FB pixel

Hacking biometrics and device IDs together is possible and dangerous: research

| Jim Nash
Categories Biometric R&D  |  Biometrics News
Hacking biometrics and device IDs together is possible and dangerous: research
 

New research indicates that it is possible to secretly build rich profiles of people in highly connected homes and other locations not by going after personal biometrics or device identities alone, but by treating the relevant systems as a single, leaky channel.

Efforts to secure face, fingerprint, voice and other biometric identifiers continue, and continue in isolation from efforts to prevent hackers from linking personally identifying information to device identity information, including MAC addresses and cookies, according to a new report.

An international team of researchers conducted two experiments over a month, and found that compound identity leaks from devices can enable criminals to build online and real-world profiles on people by correlating hardware identifications and biometric data.

It was possible, “in certain cases,” to de-anonymize more than 70 percent of device identifications and capture biometric clusters with about 94 percent accuracy, according to the report. The project prototype and code are available here.

The scientists wrote that, “results show that our approach is feasible in two real-world scenarios where face images and voice segments are captured and associated with device MAC addresses.”

Quoting Gartner Inc. research, the paper states that there should be 20 billion IoT devices by year end. Absent a networked camera, the researchers found that it is easy enough to secretly plant common, small sound and/or video sensors to correlate device identifications.

The envisioned attacks could target businesses as well as consumers, although they typically are more levels of information security in environments away from homes.

Chris Xiaoxuan Lu, with the University of Liverpool, led the team, which included scientists from New York University, The Chinese University of Hong Kong and the University of Buffalo, SUNY.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

Biometrics at scale: EES setbacks meet growth push

The effectiveness of biometrics deployments at scale can be prone to failures of procedure or coordination, as travelers to Europe…

 

Concordium’s Boris Bohrer-Bilowitzki wants to keep your AI agents in line

“Without identity, autonomous action is just autonomous risk.” So says Boris Bohrer-Bilowitzki, CEO of Layer-1 blockchain protocol Concordium. Concordium has…

 

Veratad among first certified to ISO 27566 age assurance standard

Veratad is one of the first companies worldwide to achieve certification to ISO/IEC 27566‑1:2025, the newly established international standard for…

 

World targets central IDV, AI agent management role with selfie biometrics

World’s latest update positions the company as an identity verification provider for the world of agentic AI, with new tools…

 

Idenfy launches MCP server to bring live API docs into AI assistants

iDenfy has launched an official Model Context Protocol (MCP) server, which gives developers the ability to plug the company’s live…

 

Anthropic adds limited biometric ID verification from Persona to Claude

Anthropic is introducing identity verification on its AI chatbot platform Claude for a “small number of cases.” For its verification…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events