FB pixel

Claims about biometrics accuracy raise questions but get repeated

Claims about biometrics accuracy raise questions but get repeated
 

A LinkedIn post by a security awareness professional has raised eyebrows in biometrics circles, some of them indirectly, suggesting that the technology comes with several problems.

Roger Grimes writes that biometric authentication can be good if well implemented, but still comes with concerns.

His article was picked up by Computer World Columnist Evan Schuman, who argues that biometric authentication systems, “as currently implemented, are little more than convenience.” At least one more publication has since picked up the thread.

Grimes identifies accuracy, hacking, stolen images or templates, the germs that go along with touch-based systems, privacy and surveillance, and bias as potential problems with using biometrics. He also provides advice for addressing several of these concerns.

Schuman seems to discuss authentication security largely via reference to phone-unlocking applications.

In both cases, the wording appears to be causing confusion in some quarters, if not all around.

Grimes asks “How can any system that relies on my fingerprints truly know that who is submitting them is me?” The potential of ‘liveness detection’ as an answer is not discussed. Grimes notes the usefulness of a second authentication factor

Curiously, he writes that NIST reports show the most accurate biometric solutions tested have error rates of 1.9 percent, but links to the FRVT and a test of fingerprint solutions from 2014, which appears to be where the statistic is drawn from.

Do not buy any biometric solution from 2014 if you are highly concerned about security.

Further, most biometrics experts will point out that accuracy is not properly expressed as a single number.

Acuity Market Intelligence Principal Analyst and Chief Strategist Maxine Most responded on LinkedIn with direct responses to four criticisms from Schuman. Most points out that there are ways to preserve privacy while using the cloud, and that templates can be revoked or canceled, among methods of mitigating biometric data theft.

“This POST perpetuates a series of debunked #biometric myths,” Most writes. “Like every other #security #technology, it’s not the failure of the technology but the failure of the implementation that is at issue. . Poor implementations of biometrics work poorly Good implementations of biometrics work well.”

“There are plenty of ways of deploying biometrics securely,” Schuman acknowledges.

If the core argument is that single-factor authentication without presentation attack detection is not highly secure, the day is won. If the argument is that there is an approach that organizations should be using instead of biometrics for better security, we are still waiting for the big reveal.

Article Topics

 |   |   |   | 

Latest Biometrics News

 

Cameroon bishops urge massive participation in ongoing biometric voter registration

Catholic bishops under the banner of the National Episcopal Conference of Cameroon (NECC) have launched a fervent appeal to all…

 

Nigerians decry duplicative biometric capture for SIM registration, ID cards, SIM-NIN linkage…

The distress of Nigerians over repeated episodes of biometric capture for different identification purposes has been highlighted by local outlet…

 

EY secures AU$10.7M to build Australia digital ID register after limited tender

EY, a big four consulting firm, has won a $10.7 million Australian (US$6.9 million) contract to build a digital ID…

 

As retailers turn to biometrics to reduce theft, costs of poor implementation loom

Demand for biometrics to reduce retail crime continues to rise, but the risk of flawed deployments of the technology are…

 

Socure announces faster biometric IDV, deepfake and synthetic identity fraud detection

Identity verification provider Socure has announced the launch of its next generation DocV, now including enhanced deepfake selfie biometrics detection…

 

Rights groups criticize EU AI Act for inadequate protections against potential abuse

The EU’s AI Act is done, and no one is happy. Having been adopted by the European Parliament in March…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read From This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events