FB pixel

Biometric exploits aren’t on the horizon; they’re in the backyard

Biometric exploits aren’t on the horizon; they’re in the backyard
 

The biggest threat to widespread use of biometrics in security is public distrust and the inability of the industry and government to address that distrust.

But that is today. Cybersecurity firm Intel 471 says that cybercriminals — precisely the people biometrics was supposed to put out of business — have already begun defeating systems. Their activity still is in its “infancy,” according to Intel 471.

A missive published by Intel 471 says that criminals “have learned to exploit vulnerabilities in facial and fingerprint recognition software.”

They have gained access to a device and then, of course, explained to their community how to defeat behavior-based anti-fraud software.

In September 2020, the company’s analysts reportedly “observed” a pair of Iranians trying to sell ID documents, some of which held biometric data.

One of the suspects claimed to have 76,000 national codes and biometric national ID cards originating in the United States and 10 other countries, including India, Brazil, Saudi Arabia, South Korea and Spain.

The other person, according to Intel 471, reportedly possessed 72,400 scanned Iranian IDs, at least some of which had biometric data.

It is also known that last fall, a team of United Kingdom scientists spotted a vulnerability in the iPhone’s express transit mode that enabled them to use a replay-and-relay attack to make contactless payments of £1,000 (US$1,350) on Visa cards linked to Apple Pay.

Biometric authorization was simply bypassed. The phone was locked and did not authorize the transaction.

Vulnerabilities also found in Android devices and in Microsoft’s Windows 10 Hello facial recognition software allowed biometric authentication to be skirted.

In a more strained example, a man claimed that he was able to bypass behavior-based anti-fraud systems and two-factor authentication by mimicking the keystrokes and mouse movements of his twin brother, according to the firm.

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Women in Identity prepares ID Code of Conduct phase 3, on costs of ID exclusion

Identity and ID documents aren’t the same thing – but, in administrative terms, they might as well be. Without identification,…

 

Somalia officially launches printing process of new national ID card

The government of Somalia says the printing of its new generation national ID cards is now officially underway. The country’s…

 

Facial recognition for borders and travel: 2025 trends and insights

By Vito Fabbrizio Managing Director, Biometrics Business Unit, HID The world of biometrics is constantly evolving, and 2024 was a transformative…

 

Azerbaijan president approves 2025-2027 digital ID, govt strategy

President Ilham Aliyev of Azerbaijan has issued a decree activating the “Digital Development Concept of the Republic of Azerbaijan,” a…

 

Mobile driver’s licenses coming to the UK this year

The UK government is planning to issue digital driver’s licenses this year with legal backing to be accepted as proof…

 

Guyana national digital ID project gets $4.8M in 2025 budget

The government of Guyana has allocated $1 billion (US$4.8M) for national e-ID cards, as part of a budget presented last…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events