Biometrics are becoming more common in today’s society. To put it in simple terms, biometrics are any metrics that can be used to identify a human being. The most common biometric recognition system is Apple’s Face ID and fingerprint recognition to unlock the iPhone. As technology is constantly evolving, biometric systems can be used to replace passwords and aid in catching criminals. Table of Contents: What are Biometrics? How do Biometrics Work? Biometric Data and Privacy Concerns How To Protect Biometric Data Final Thoughts: Biometric Data and Privacy What are Biometrics? Biometrics are physical characteristics that can be used to verify a person’s identity via automated recognition devices. These characteristics can be physiological traits (i.e. fingerprints, eyes) or behavioral characteristics (i.e. solving a security-authentication puzzle). For biometrics to be useful, they have to be unique. Think about it. Every time you ask Siri to send a text message for you, make a call for you, or even unlock your iPhone, you are using biometrics. There are a variety of biometric data types and these are just a few of them: : looks at the unique patterns of a person’s face; this is used in law enforcement and government agencies as a way for authentication and authorization Facial Recognition : Identifies the unique patterns of a human’s iris - the area surrounding your pupils Iris Recognition : The scanner captures the unique patterns of your finger; when you unlock your phone with your fingerprint, your device will compare the fingerprint to the one set on your device to see if it matches Fingerprint Scanner : It will measure the sound waves in your voice as you speak into a device Voice Recognition : Measures and records every detail of a person’s hand (thickness, width, and surface area) Hand Geometry : Examines how a person interacts with a computer system Behavior Characteristics How do Biometrics Work? Your biometric information (i.e. fingerprint) is recorded and stored in a database so that it can be accessed later for comparison when there is “live” data. A biometric system is made up of three different components: : Records your information and also reads the recorded biometric information when it needs to be recognized Sensor : There must be a computer that contains the recorded biometric data for comparison Computer : The device that connects the computer hardware to the sensor Software Biometric Data and Privacy Concerns Although biometric authentication and identification is a secure way to login into your devices and other services, there are some privacy concerns with biometrics. Here are some of the major issues with biometrics: The biometric data storage can be hacked into allowing cybercriminals to access the biometric data Since biometrics are unique, organizations may not consider implementing additional security measures Biometric data is extremely vulnerable - once your biometric data has been compromised, you may no longer have control of it A criminal may be able to duplicate some parts of your physical identity like obtaining your fingerprints from a cup The most important thing to remember is that any digital data can be hacked by cybercriminals. This may seem unbelievable, but biometrics can even be faked to look real. In 2013, a German hacking group successfully bypassed Apple’s TouchID. A “fingerprint of the phone user, photographed from a glass surface, was enough to create a fake finger that could unlock an iPhone 5s secured with TouchID” ( ). CCC I want to reiterate the bullet point about biometric data being extremely vulnerable, because it is. If you are hacked there is no going back. Biometric data is not like a password where if it gets stolen you can reset your password to something new. If a hacker has a picture of your iris or your fingerprint, they could use your biometrics to access a system or smartphone. Biometric authentication and identification systems are not perfect and they will never be. There is room for false positives meaning for example one may be wrongly identified as a criminal. Now, from a business point of view, if a biometric data storage is hacked, those people who are affected will be at risk of getting hacked for the rest of their lives which means they cannot rely on their biometrics as hackers have access to it. You Could Be Tracked With Facial Recognition Facial recognition can be dangerous and an invasion of privacy because hackers can track you. All that is needed is for the facial recognition software to be installed in any surveillance camera. As an example, conducted an experiment (which was legal) where they turned a few surveillance cameras in Bryant Park into facial recognition tracking devices. From there they were able to identify people walking through the park. Hence, no privacy. The New York Times How to Protect Your Biometric Data Here are a few recommendations of what can be done to prevent your biometric data from being stolen: - make sure you create a strong password making it more difficult for hackers to guess or brute force the password to the biometric data storage (this would mostly be beneficial for organizations) Implement a strong password - this means not using FaceID or fingerprint authentication on your iPhone to unlock your device Opt out of using biometric data if you are worried about the security of it - Make sure that your device is using the latest software version to prevent hackers from finding and exploiting vulnerabilities including Update your software zero day vulnerabilities - Do not rely solely on biometrics for authentication and/or authorization, make sure to pair it with a password or smart card, for example (two-factor authentication) Use multiple layers of security on how biometric data is stored and processed Increase awareness and education Final Thoughts: Biometric Data and Privacy The question of whether biometric systems will ever be full-proof is still unknown and cannot be answered. Biometrics are growing in popularity, therefore, it is crucial to understand what biometrics are, how they are stored, and how they are processed. As the security risk continues to rise for biometrics, it is important to understand what can be done to prevent your biometric data from being stolen and how your state or country handles biometrics. The laws that exist may vary from state to state and country to country so you must do your research.

Waves

Apple

Red Team vs. Blue Team in Cybersecurity: A Quick Crash Course

An Unboring Guide to Endpoint Detection and Response (EDR)

2021 - Top Security Expert

Nominated for 2022 - HackerNoon Contributor of the Year - Instagram

Nominated for 2022 - HackerNoon Contributor of the Year - Social Media

Nominated for 2022 - HackerNoon Contributor of the Year - Security

Nominated for 2022 - HackerNoon Contributor of the Year - Cyber Security Awareness

Nominated for 2022 - HackerNoon Contributor of the Year - Facebook

Too Long; Didn't Read

Biometric Data and Privacy: Here’s What You Need to Know

Biometric Data and Privacy: Here’s What You Need to Know

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

3 Types of Phishing Attacks and How to Prevent Them

8 Benefits of Computer Vision in the Security Industry

80% Devices in 2023 Are Already Passkey-Ready: Apple, Microsoft, and Google Pushing It Even Higher

AI Biometric Authentication is Changing

Are Time Clock Machines With Fingerprints Legit?

Biometric Authentication revolutionizes The Future of Mobile Banking

3 Types of Phishing Attacks and How to Prevent Them

8 Benefits of Computer Vision in the Security Industry

80% Devices in 2023 Are Already Passkey-Ready: Apple, Microsoft, and Google Pushing It Even Higher

AI Biometric Authentication is Changing

Are Time Clock Machines With Fingerprints Legit?

Biometric Authentication revolutionizes The Future of Mobile Banking

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps