How Foolproof Are Authentication Biometrics?

May 29, 2019 • Shannon Flynn


How useful are authentication biometrics? As technology gets better, we constantly look for ways to be more efficient and streamlined. Convenience has become a massive priority to consumers, usually beating out the desire for more security. Biometrics offered an answer to be convenient and secure all at once.

With biometrics, we only need to look or talk to something to unlock it. This is the kind of security that’s ripped straight from science fiction novels and may sound too good to be true.

This is the point where we unravel if biometrics are indeed too good to be true. They certainly seem more secure than a password, but appearances can be deceiving.

What Are Authentication Biometrics?

Biometrics or biometry is defined as the measurement of the human body. Authentication biometrics is when those measurements are taken and applied to something that’s locked. In other words, our bodies prove who we are.

DNA testing is a type of authentication biometric, but we started going a little further with them. There are two different types of biometrics — behavioral and physiological.

Behavioral includes one of the biometrics we’ve used for a long time — the signature. Pressure, inclination and movement of the pen all say something about us and make it difficult to forge a signature.

Other behavioral biometrics include keystrokes, gait, gestures, the sound of our footsteps and even our voice. Even with two similar voices, the tone, pitch, and volume would still differ.

Physiological biometrics are what companies started to use. These include facial structure, fingerprints, handprints, iris and retina scanning and the aforementioned DNA. All of these aspects are much more biological. Like a signature, they’re all very difficult to forge but not impossible.

Pros of Biometrics

Convenience is the biggest plus we get out of biometrics. Instead of remembering and typing in a password, we can just scan a finger and move along. Convenience was most of the reason biometrics were implemented in commercial goods, like phones and cars, in the first place.

Law enforcement has made a lot of great uses of biometrics. As the trend grows more mainstream, it’s easier for police to collect fingerprints from a wanted suspect in a case. They’ve also referred to biometrics as the new generation of defense against hackers.

Cons of Biometrics

While a hacker will have to get in your space to steal an image of you or your fingerprints, there’s still a chance they can hack into your devices. However, the problem now only makes itself worse.

Before, if a hacker stole a password, then they have access to that device. Now they potentially have access to legal documents, criminal records and a whole host of worse things.

Your biometrics are also easily known to all. While difficult to copy, everyone can see what your eyes look like, whereas before your password was only known to you.

Not to mention that if you are hacked, the hack is sticking around, especially if the information is sold. You can’t just change your facial structure as you would with a leaked password.

How Hackers Steal Biometrics

Not to give anyone some unfavorable ideas, but stealing biometrics isn’t all that hard once someone sets their mind to it. For example, faking a fingerprint can happen multiple ways depending on if you have a fingerprint or if you’re able to make a mold of someone’s finger.

An iris scanner is even easier. A cheap camera taking a picture of the victim in night mode will make the iris pop out, as we’ve seen happen on old pictures before.

The hacker prints just the iris out and puts a wet contact lens over the photo to mimic the shape of an eyeball. Just like that, the hacker has made a workable iris to scan on any device.

All of the movie-level spectacles aside, a hacker doesn’t need to go through that much trouble to hack biometric scanners. They can just hack into the part of a device that stores this type of information. From there, they can either keep the information for themselves or change it. Either way, hacking is possible.

The Best Security

Nothing can ever be completely secure. Biometrics and passwords are both susceptible to abuse if someone wants it bad enough.

For optimal security, use as many authentication locks as you can, mixing biometrics and passwords together. Of course, this idea isn’t exactly convenient, which was the whole point of marketing biometrics in the first place.

In the end, it all comes down to what you feel safe using and being vigilant about your personal information. The best security comes down to your own actions and habits to protect yourself but even that’s not foolproof.