Biometrics authentication is not reliable because it is probabilistic
Debesh Choudhury, PhD
Information Security Researcher, Academician, Entrepreneur | Password & Cybersecurity, Digital Identity, Biometrics Limit, 3D Education | Linux Trainer | Writer | Podcast Host
As a researcher, I devoted a lot of time on biometrics. In 2006 I had applied our 3D object recognition technique to realize 3D human face recognition. I implemented 3D face recognition much before Apple launched 3D face ID in iPhone X series of mobile phones. But I must admit that biometrics authentication is not reliable because biometrics recognition is inherently probabilistic.
Biometrics authentication relies on a probabilistic recognition process
The recognition process of all types of biometrics rely on probabilistic judgement of variable physical and / or behavioural features of the human beings. The human physiological features continually change with growing age. Humans may also lose some of their physical body parts in accidents or lose behavioural characteristics due to diseases. Some biometrics recognition varies with illumination and color of skin (such as face). The probabilistic recognition processes of biometrics may often yield unreliable results.
Biometrics is suitable for limited areas of supervised applications
Some years ago, I raised a question in my mind: Where can biometrics be safely applied? Unfortunately, there are very limited areas where biometrics may be helpful without security vulnerability.
Very long ago, it had been recognized that fingerprints can be useful in scanning a database of criminals. Police departments search criminals from biometric databases. Identification of criminals by fingerprint forensics has been recognized by the laws in many countries.
Biometrics may be utilized for personal identification in access control applications, and strictly under human supervision. We may have to accept that it would be very risky to use biometrics for unsupervised online authentication applications, such as online financial transactions.
Can biometrics replace "passwords"?
A part of the tech community promotes convenience-first biometrics as a security-first replacement of passwords. They are chasing after "passwordless" authentication with biometrics. What are your views about digital identity and the future of passwords and the authentication technology? I would love to get your views and suggestions. If you like this article, please click a generous "Like" or any other LinkedIn "reactions", and "Share" it among your acquaintances and network.
Join the LinkedIn Group “Identity Crisis: The Future of Password Security” to get updates about the future of password security, authentication technology, episodic memory based password systems and beyond.
----------------------------------------
Join me on Twitter, Medium, Facebook, beBee, Steemit and LinkedIn
More of my articles on Digital Identity, Cybersecurity and allied topics:
- Passwordless is Like Living with the Lockers Always Open?
- Identity Crisis: The Future of Password Security
- The Biometrics Rush
- Can Cybersecurity and Quantum Computing be Friends?
- Does Cybersecurity have any Space for Digital Convenience?
- Security Ability and Convenience Bear an Uncertainty Relationship
- Convenience is the Weakest Link in Security
- Biometrics Liveness Detection May Help Criminals
- Can Liveness Detection Defeat Biometrics Spoofing Attacks?
- Biometric Data Breach Conundrum
- Is Biometrics More Secure than Text Passwords?
- Self-Sovereign Identity Depends on National Policies
- The Password Hole in the Cyber Bag
- Identity Dilemmas: Biometrics, Texts or Something Else
- Brand Identity, Digital Identity and Crypto Aspirations
- Digital Identity, Assets and Governance
- Decentralized Digital Identity: Which Distributed Ledger is Most Viable?
- Decentralized Biometrics: Is It the Ultimate Solution?
- Biometric Data Protection is a Big Challenge
- Reset Biometric Traits?
- Spoofing Biometrics isn't Impossible
- Privacy protection could have saved Aadhaar data breach
- Data Protection is a Big Challenge
For more articles, stories, and insights follow #DebeshChoudhury
* * * * * * * * * * * * * * * * * * * * * *
I am a researcher and academician of electronics and applied photonics. My current research focuses on Privacy Protected Digital Identity. My friend Jose Munoz Mata and I are researching distributed ledger technology for decentralized digital identity and other real world applications.
In June 2015, Dr. Jeffrey Strickland and I founded a new LinkedIn Group called "The Unfluencers". To learn about the history of "The Unfluencers" please read the seminal LinkedIn article by Dr. Jeffrey Strickland entitled -- "Who are the Unfluencers". This group is an open group. You are welcome to join this group and engage yourself in the discussions. The Unfluencer?? Logo is a registered trademark of Dr. Jeffrey Strickland.
Text Copyright ? 2020 Debesh Choudhury— All Rights Reserved
#digitalidentity #cybersecurity #biometrics #threats #spoofing #dataprivacy #datasecurity #passwordsecurity #technology #innovation #infosensys #dazlabsasia #learningtimes #debeshchoudhury #josemunozmata
Biometrics , as a means of access control , can be problematic if the potential user is disabled !
Advocate of Identity Assurance by Citizens' Volition and Memory. Founder and Chief Architect at Mnemonic Identity Solutions Limited
5 年The still rampant hype of biometrics drove me to write this post -? "Cult of Convenience" https://www.dhirubhai.net/posts/hitoshikokumai_identity-authentication-password-activity-6633190384073834496-uH7M Continuation https://www.dhirubhai.net/posts/hitoshikokumai_identity-authentication-password-activity-6633189998780874752-0m3q? What a folly!??