Why biometrics are not a panacea

Dr. Ben Goldacre, who writes a Bad Science column for the Guardian, writes in Make your own ID:

Tsutomu Matsumoto is a Japanese mathematician, a cryptographer who works on security, and he decided to see if he could fool the machines which identify you by your fingerprint. This home science project costs about £20. Take a finger and make a cast with the moulding plastic sold in hobby shops. Then pour some liquid gelatin (ordinary food gelatin) into that mould and let it harden. Stick this over your finger pad: it fools fingerprint detectors about 80% of the time. The joy is, once you’ve fooled the machine, your fake fingerprint is made of the same stuff as fruit pastilles, so you can simply eat the evidence.

But what if you can’t get the finger? Well, you can chop one off, of course – another risk with biometrics. But there is an easier way. Find a fingerprint on glass. Sorry, I should have pointed out that every time you touch something, if your security systems rely on biometric ID, then you’re essentially leaving your pin number on a post-it note.

You can make a fingerprint image on glass more visible by painting over it with some cyanoacrylate adhesive. That’s a posh word for superglue.

It’s a post worth reading because it debunks some of the hype surrounding biometrics, which is a word politicians seem to love to throw around.


3 thoughts on “Why biometrics are not a panacea

  1. Biometrics don’t comprise fingerprint technology alone; there’s facial recognition (contours of the face), iris scanning, hand printing and voice recognition. Ideally, if security is the major concern (and not just attendance swiping in big establishments) then a combination should be used. Using fingerprinting alone will be foolhardy.

  2. Preeti: You’re right–biometrics is more than just fingerprint technology. The link to the article was to point out that biometrics too has its problems and that it is not a cure-all as the hype-makers would have us believe.

  3. Biometric can still be deployed as single means of authenitication with say “Swipe finger” technology which is based on Thermal .Here making a mould does not work !

Your thoughts?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s