Biometrics Cyber Security: Is a Fingerprint Enough?

Posted July 9, 2019

In Blog, Cloud Service Providers, Cloud Services, Managed IT Service Providers, Managed IT Services, Managed Network Services, Managed Service Provider, Managed Services

Facial recognition software. Fingerprint readers. Retinal scanning. What once seemed like technology reserved for sci-fi movies like Robocop (1987, facial recognition software) and 2001: A Space Odyssey (1968, voice ID programs in Hal 9000) is now our everyday. But is biometrics cyber security enough protection for the average office?

Biometrics were once thought of as the upper limits of scientific ingenuity, along with flying cars and time machines. Today, we use them to unlock our phones, login to our bank accounts, and play music over your home assistant devices, like Alexa and Google Home. Questions of biometrics cyber security have also arisen– How easy is it to hack? Can it be faked? Perhaps most importantly, are biometrics able to protect assets more effectively than traditional passcode and encryption protocols?

Let’s dive in:

Biometrics at Work

When we’re talking about the concept of biometrics and biometrics cyber security, we’re referring to a particular hardware, software, or combination of both that is able to measure the veracity of a particular action (like logging into a computer) based on the physical characteristics of the user.

Biometrics are typically divided into two categories: Physiological and behavioral.

Physiological biometrics is the reading of a particular way someone looks. This would include:

Fingerprint scanning
Facial recognition
Retina scanning
Iris recognition

Behavioral biometrics are based on the behavior of the user. The user has to perform some particular function that a software program can match to existing data, like setting up voice recognition for Siri. Examples of such are:

Voice ID
Keystroke dynamics
Signature analysis
Mouse use dynamics
Movement analysis

Behavioral biometrics are typically less expensive for companies to incorporate because they require only software programs and time to establish points of reference for the user. For example, keystroke dynamics measure our habits we have when typing that could identify us, like speed, on-screen transitions (favoring tab over clicking with the mouse, or vice versa), and other nuances that make your typing habits different from everyone else’s. It works as a second layer of security in combination with traditional username and password credentials.

But Is It Safe?

Like all cybersecurity measures, an ounce of prevention is worth a pound of cure. Nothing is impossible to hack. Even the Pentagon has issued several “hacking challenges,” encouraging people to try to crack into the government networks to help them find vulnerabilities before they can be used for nefarious purposes.

Unfortunately, as biometrics become more commonplace, the data becomes more vulnerable. You can change a password, but you can’t change your fingerprint. The more places that your biometrics data is stored, the higher the risk that it can be stolen.

Additionally, many biometrics hardware options are vulnerable to being tricked by high resolution photos and lifted fingerprints. If someone really wanted to, they could easily use a fingerprinting kit to obtain a copy of your prints from a glass or door handle. While the likelihood of this is pretty slim, it’s something to keep in mind.

The best option is to combine smart passcode standards with biometrics. For example, many devices can be setup to require facial recognition and password entry before unlocking. Additionally, there is no replacement for maintaining your cybersecurity measures for your networks. Firewalls, advanced endpoint protection, and end user training are always going to take your data protection dollar further than investing in biometric technology.

Kyle Vinar

Kyle Vinar is Partner / President of Verus Corporation. He oversees all business operations and coaches Verus teams to continually improve on their solutions from client experience to product development and overall solution implementation. He works with all Verus resources to increase efficiencies and excellence in every aspect of their organizational roles. Kyle believes that people are the last real competitive edge that a company can have and constructing a rich culture is a vital step in running a world-class organization. Therefore he strives to create a culture within Verus that allows everyone to show up authentically and grow both personally and professionally, which in turn allows Verus Corp team members to provide clients with top-of-the-line service. Kyle helps balance strategy, capacity, and culture in such a way that has allowed Verus Corp to achieve exponential growth since he joined the company in 2013. One of Kyle’s greatest professional achievements has been in helping lay the foundation upon which Verus Corporation could be named the 2nd Best Place to Work by the Minneapolis/St. Paul Business Journal. Kyle holds a Bachelor of Science in Marketing from St. Cloud State University. He lives in Champlin with his wife and 3 children. He has enjoyed volunteering as a soccer coach for over 6 years and was the former Director of Coaching for Rebels Soccer Club. If Kyle isn’t on the sidelines of one of his children’s soccer games or in the audience of his eldest’s musicals, he can often be found cruising scenic routes on his Harley, in a deer stand, or on the golf course.