Since it is organically connected to the user, biometric information represents the most sensitive category of data. Many have raised the concern that hackers or other malicious actors have the capability to steal and then replicate biometric records. Since biometric characteristics cannot be changed like a password or identity card, the fear is that a person’s identity would be permanently compromised. Recent claims about “hacks” of biometrically enabled systems appear at first blush to demonstrate the reality of this threat.
Yet the reality is far more complicated and nuanced than the media stories on this issue indicate. Compromising a biometric system is theoretically possible – every security system has its weaknesses. The effort and technical savvy required to do so would be considerable, however. Additionally, the strong safeguards and anti-fraud protections in biometric systems bring the possibility of compromise close to zero.
Protection against fraudulent biometrics In order to recreate a biometric indicator, it is first necessary to access and copy it. Obtaining a biometric image of sufficient quality would be extremely difficult to accomplish without the subject’s cooperation, as it would require physical access to the person’s fingerprint, iris, or another related body part. The quality of latent fingerprints, for example, is suitable for matching in forensic databases but too low to produce an image suitable for reproduction.
Copying biometric indicators involves recreating the physical contours in sufficient detail. Since many biometric features measured by modern equipment are invisible to the naked eye, a high level of technical skill would be needed to duplicate a viable biometric characteristic. Finding substances which would adequately mimic the physical qualities of a biometric indicator would be equally challenging.
Finally, use of a fraudulent biometric would require its deployment in the field. Most biometric equipment now contains built-in software designed to detect fraudulent indicators. These include “liveness detection”, which ensures that the user is presenting a genuine biometric indicator rather than a created substitute. Additionally, it would be risky and difficult to adequately test the use of a fraudulent biometric against a real world system, particularly when those systems are manned by personnel trained in detection of fraud. In the absence of a method to confirm that fraudulent biometric indicators work “in the wild”, users face significant risk of detection.
The use of fraudulently produced biometric indicators often depends on the use of a single factor in identity confirmation. Yet most biometric systems deployed today depend on more than one factor to confirm a subject’s identity, greatly complicating the process of hacking into a system which deploys such protections.
Protection of biometric templates Biometric equipment converts physical characteristics into so-called “templates” – digital signatures which serve as a representation of a person’s identifying features. These templates also require strong protection. While it would require a great deal of highly technical expertise to reverse engineer a template to create a physical characteristic, the templates themselves could theoretically be inserted into the authentication process electronically, simulating the submission of an actual biometric.
Fortunately, there are strong protections in place to guard against the fraudulent use of biometric templates. Biometric templates are encrypted, making access to the raw data extremely difficult to unlock. Biometric matching processes are often constructed to require that templates are sent from identified devices – in order to insert a fraudulent biometric into a matching process, a hacker would also have to possess the registered device needed to send the biometric for matching.
Commitment to data security Strong security is the primary driving factor behind adoption of biometrics, and the biometrics industry is constantly searching for new ways to give its products additional layers of protection. This includes development of sophisticated algorithms which can detect fraudulent biometric templates, hardware features which identify prosthetics or other false biometrics, and ever-stronger encryption for biometric templates.
While no security system can claim to be invulnerable to hacks or manipulation, the technical sophistication and layered approach to biometrically enabled security makes it extremely difficult to compromise. This is why the National Institute of Standards and Technology (NIST) prescribes the use of biometrics for the highest level of security assurance, and why industries such as banks and national governments rely on biometrics to keep data in the hands of authorized users.