The Future of Cybersecurity – A Safe World Despite Compromised Biometrics
The enormous number of breaches exposing personal data is old news. Mega breaches, where millions of records are compromised, do not faze people anymore. This August, an unconventional incident had many concerned. Over one million unchangeable facial images and fingerprints were compromised through Suprema’s data breach. For the cybersecurity world, this was unprecedented. What would happen to biometrics as a form of user authentication if they were exposed?
The answer is simple: the world must be ready for precise and secure user authentication despite compromised biometrics. Ideally, biometrics should never be exposed. Unfortunately, the enormous number of data breaches validates the argument that personal information is no longer safe under a company’s management. Biometrics are constantly in peril through hackers breaching insecure systems, like Suprema’s, but also, shockingly, through our own actions.
One would think that the care around protecting the anonymity of our own biometrics would be impeccable. However, most of us do not realize that we have happily compromised our own facial images. Profile pictures, selfies, or any portrait on social media is a public display of facial biometrics. Ironically, the website on which we have compromised our biometrics the most is a play on words with the Book of Faces.
In the wake of exposed biometrics, anti-spoofing was developed. This solution detects liveness in the biometric sample provided, assuring that the person requesting access is who they claim to be, and not a fraudster. Advanced solutions, such as ImageWare’s industry-leading Biointellic, are able to detect photo, video, and even 3D mask attacks. With anti-spoofing biometrics, the user is safe from hackers’ attacks even if the very same biometrics used to authenticate are made public.
Outdated biometric systems will be vulnerable to hackers’ attacks if biometrics, even as those as simple as a picture, are exposed. However, adding anti-spoofing capabilities to biometric systems will keep them safe. Living in fear of your biometrics being exposed is futile - because they already are. A selfie, a voice recording, a fingerprint on a glass of water: all could be used as fake biometrics to spoof your identity. An authentication system that isn't sophisticated enough to incorporate anti-spoofing is still breachable, making it not a question of if you will be hacked - but when.