Hey, Biometrics Guys! Get Provoked!


Ever since I joined LinkedIn seven years ago, I have repeatedly made clear that biometrics brings security down to a level lower than password/pincode-only authentication when it is used together with a password/pincode in a ‘multi-entrance’ deployment.

The first article on LinkedIn was “Biometrics & Conundrum”, published on 7/Dec/2014 - https://www.dhirubhai.net/pulse/20141207052655-141508358-conundrum

The latest one is “Threat of Biometrics to Security and Its Structure” of 23/Sep/2019 - https://www.dhirubhai.net/pulse/structure-threats-security-biometrics-hitoshi-kokumai

We have received not a single logical or evidence-based refutation (*1), which has led us to suspect that the biometrics guys love one-way propaganda but hate an exchange of opinions.

They might be prepared to let people debate ‘spoofing’ and ‘data leaks’, because they can counter those debates by talking about the eternal endeavour of improving the technology.

But it looks as though they are aware that they cannot afford to be drawn into a discussion of the security effect of the 'fallback password’ required against false rejection/non-match, presumably because there is absolutely no way of eliminating the trade-off between false match/acceptance and false non-match/rejection, which follows from the nature of the body features inherent in living animals.

In other words, it looks as though they are afraid that, should they publicly admit the necessity and actual presence of a 'fallback measure', a default password/pincode in most cases, the foundation of their decades-long claim that “Biometrics brings better security than passwords” would evaporate right away.

As such, we are led to suspect that all the biometrics guys can do is turn a blind eye, cover their ears, close their mouths and keep earning as much quick money as possible before their 'business model' collapses.

Incidentally, we are also very worried to have noticed that biometrics data is seldom publicized in a logical and scientific manner.


Quite a few biometrics vendors publicize one part of a fact and do not disclose the other part: for instance, publicizing a nicely low false match/acceptance rate without saying anything about the corresponding false non-match/rejection rate, which could be alarmingly high but remains unknown to the public.

Along with this comes their silence on the need for, and presence of, a fallback password/pincode against false non-match/rejection, which brings security down to a level lower than password/pincode-only authentication, as repeatedly made clear.

Moreover, we could add that unsubstantiated theoretical data is often presented as if it were empirical data.

By ‘biometrics guys,’ we mean not just the biometrics vendors but those officials, professionals, researchers, consultants, journalists, etc. who have gained much from this dubious way of doing business.

Biometrics Guys! Should you be confident that we are mistaken somewhere in this article, you are welcome to refute it by pointing out specifically where you reckon we are wrong.


< Footnotes >

*1 The counter-arguments that we have so far been given came basically (a) from people (*2) who would only repeat the unprovable assertion that biometrics is stronger than passwords, or (b) from people (*3) who did not know anything about the trade-off relation between false acceptance/match and false rejection/non-match, or (c) from people (*4) who know the trade-off relation but are apparently ignorant of, or are possibly pretending to be indifferent to, the opposite security effects of two authenticators used in ‘multi-layer’ and ‘multi-entrance’ deployments.

*2 A direct comparison between a biometric on its own, which is probabilistic, and a password on its own, which is deterministic, would not make sense. Furthermore, as a matter of practice, how could we select test samples to compare from among the numerous combinations in the broad spectrum between the two extremes of the securest password vs the least accurate biometric and the poorest password vs the most accurate biometric?

On the other hand, it is both logical and easy to compare (A) a password with (B) a biometric with the same password as a fallback measure against false rejection/non-match. Logic tells us that (B) is inevitably weaker than (A), as outlined in this short video - https://youtu.be/wuhB5vxKYlg

This observation is valid however accurate or inaccurate the biometrics may be, and however strong or weak the password may be. It is also valid even if someone comes up with a perfectly ‘spoofing-proof’ biometrics.

*3 The trade-off relation between false acceptance/match and false rejection/non-match is explained here with graphs – https://www.valuewalk.com/2018/02/biometrics-aadhaar-danger/

*4 The opposite security effects of two authenticators used in 'multi-layer' and 'multi-entrance' deployments are closely examined here – https://www.dhirubhai.net/pulse/quantitative-examination-multiple-authenticator-hitoshi-kokumai/
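As an added illustrative model (not the article's own material, nor its author's code), the following Python puts numbers on footnotes *2 and *4: a decision threshold on a constructed biometric score distribution trades false match against false non-match, and combining a biometric with a fallback password in a 'multi-entrance' deployment (either authenticator admits) versus a 'multi-layer' one (both required) moves attacker success in opposite directions. The Gaussian score distributions and the password guess probability are assumptions, not measured data.

```python
import math

# Constructed assumption: genuine and impostor match scores are Gaussian.
GENUINE = (0.70, 0.10)   # (mean, std) of scores from the enrolled user
IMPOSTOR = (0.30, 0.10)  # (mean, std) of scores from other people

def _norm_cdf(x, mean, std):
    """P(score <= x) for a normal distribution."""
    return 0.5 * (1.0 + math.erf((x - mean) / (std * math.sqrt(2.0))))

def rates_at_threshold(t):
    """Return (false_match_rate, false_non_match_rate) when scores >= t are accepted."""
    fmr = 1.0 - _norm_cdf(t, *IMPOSTOR)   # impostor scored at or above t
    fnmr = _norm_cdf(t, *GENUINE)         # genuine user scored below t
    return fmr, fnmr

def tradeoff_sweep(start=0.2, stop=0.8, steps=13):
    """Sweep the threshold: lowering it cuts FNMR but raises FMR, and vice versa."""
    step = (stop - start) / (steps - 1)
    xs = [start + i * step for i in range(steps)]
    return [(round(x, 2),) + rates_at_threshold(x) for x in xs]

def multi_entrance(pw_guess, fmr):
    """Biometric OR fallback password: the attacker needs only one path to succeed."""
    return 1.0 - (1.0 - pw_guess) * (1.0 - fmr)

def multi_layer(pw_guess, fmr):
    """Biometric AND password: the attacker must pass both."""
    return pw_guess * fmr

def compare(pw_guess=10 / 10_000, threshold=0.5):
    """Attacker success per deployment. Default pw_guess: 10 tries at a 4-digit PIN (assumed)."""
    fmr, fnmr = rates_at_threshold(threshold)
    return {
        "fmr": fmr,
        "fnmr": fnmr,
        "password_only": pw_guess,
        "multi_entrance": multi_entrance(pw_guess, fmr),
        "multi_layer": multi_layer(pw_guess, fmr),
    }

if __name__ == "__main__":
    for t, fmr, fnmr in tradeoff_sweep():
        print(f"threshold {t:.2f}: FMR {fmr:.4f}  FNMR {fnmr:.4f}")
    for name, p in compare().items():
        print(f"{name:>15}: {p:.5f}")
```

Whatever the threshold, the multi-entrance figure stays above password-only and the multi-layer figure below it; only the size of the gap depends on how accurate the biometric is.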



Dawid Jacobs

Inventor of the only solution to nullify the $10.5T+ global problem of Deepfake Synthetic Identities.

5 years

In recent years there has been a magnitude of individuals and companies getting onto the bandwagon of biometrics. Many of them believe that the solution of identifying or authenticating an identity is purely based on technology and that their system is the best - yet they have no real knowledge of what an Identity is about, nor understand how big a mess they are creating in selling products which are bogus. I therefore agree with some of your statements, but you are also missing a lot in your attack on biometrics. In order to understand what biometrics is, one must understand how it happened and how the progress came about to identify an individual. Alphonse Bertillon was the first person to actually use biometrics to identify an individual - Alphonse Bertillon https://www.thevintagenews.com/2016/10/28/alphonse-bertillon-developed-system-for-criminal-identification-in-1882-it-was-used-both-in-the-u-s-and-europe-for-almost-three-decades/ The case of Will and William West however promoted the establishment of fingerprints to be used as an Identifier and Authenticator method of identifying an individual. Fingerprints have been a very trusted source for these needs and have been tested over and over for more than a hundred years in courts of law, hence their Forensic Value as a biometric in the physical format (images of the patterns and the minutiae found on the patterns). In later years the use of technology to extract data from a biometric such as fingerprints started and the images were converted into algorithms - here the FAR and FRR started and yes, I agree that this is where a major problem lies in the "electronic" biometrics. Facial, voice, iris and whatever other biometrics became a fashionable thing to sell and use for "recognising and authenticating" an Identity, yet there exist many problems with these other biometrics due to AI and even data exposure "hacking and breaches" where these biometrics are manipulated etc.
But, going back to fingerprints, which have been used over many years, only when the fingerprints in electronic format have the backing of fingerprint experts for the physical fingerprints are the FAR and FRR 0%. It is nice to believe that a solution based on electronic data (PII) is the best way of authenticating an Identity, but it is all based on electronics and in essence worthless. Biometrics is a single part of Identity Management, as are the devices used to collect it. Identity Management is about processes in combination with technology and a forensic backbone. True Identity Management is about linking the Single Existing Real-World Human Being to the Single "Digital Twin" in the Cyberworld with forensic proof, and for this it is critical to use the human body attribute (fingerprints) which is accepted and can be physically verified to an Identity.

Reply
James Olsen

Director, Sales and Strategic Partnerships

5 years

This may apply to voice rec, fr, but not to iris and fingerprints in my estimation...

Reply
