As Governments Adopt Biometrics As National IDs, They May Become Bigger Risk To Personal Cyber Security

[Lucian Armasu]

Singapore is the latest country to require iris scans as part of its national ID system. As governments continue to collect biometric profiles in centralized databases, the risk of attack against citizens who use biometrics as password alternatives grows.

As Governments Adopt Biometrics As National IDs, They May Become Bigger Risk To Personal Cyber Security : Read more

 

[InvalidError]

I never considered biometrics as secure beyond user name replacement. Once compromised by whatever means, it cannot be changed. Biometric identification needs to be backed up by something that cannot easily be surrendered against your will to be reasonably secure. Biometrics alone can easily be overcome with force.

 

[falchard]

Chips under the skin.

 

[InvalidError]

Chips under the skin.

That isn't any more secure since anyone can do drive-by read-out without your consent.

 

[3ogdy]

We're headed towards a really dark future.

 

[Guest]

No one is putting a chip under my skin.

 

[targetdrone]

All of this is for our own good, citizen(read subject)


That is until someone hacks the database, obtains your bio-metric data, forges it and then steals your identity for good Then you're status as a person is for ever invalidated because unlike a compromised credit card you CANNOT be issued new retinas, finger prints, or DNA.

 

[Guest]

Woah! Biometrics for username!! Now that's how to do it. I hope this is an option in Windows 10.

 

[falchard]

It is an option for Windows 10.

 

[sosofm]

After that we will be like cows.Then they will give us a number like in prison , and that's it , your name is insignifient , the important thing willbe your number.
And everybody will talk about freedom and democracy. Everybody will be just a number.

 

[InvalidError]

After that we will be like cows.Then they will give us a number like in prison , and that's it , your name is insignifient , the important thing willbe your number.

You already have a social security number used for taxes and most other government-related stuff. Your name is only a secondary identification in your numbered file which makes it easier to find.

 

[drajitsh]

NOT using fingerprints as authentication and payment medium. Please keep with the news outside America.
The Indian Government is VERY very strongly pushing fingerprints as an authentication tool -- as the only authentication on a NATIONWIDE payment system.
Don't believe me, just google "aadhar" and payments.
And it gets WORSE, it is strongly promoting biometric identity cards for newborns.

 

[John_561]

You can always refuse it here (US) on Christian religious grounds. Mark of the beast!

 

[computerguy72]

A lot of misunderstandings about biometric data. I read a message here where someone asserts you can just hack a biometric database and forge credentials that way. You can't. That would require that you have access to both ends of the authentication process and totally understand the mechanics on both sides as well. I worked on systems like this for a long time and they are far more secure at the moment than existing alternatives.

 

[John_561]

Well, I think the big one is the governments of the world having access to data like that to begin with as a privacy issue. Previously in the USA at least you had to be arrested for them to get that info (fingerprints). But I agree, it's the most secure now. If what they say about quantum computing is correct, then passwords will be obsolete when they happen eventually anyway, so some level of security beyond that will be necessary. A computer than can do a number of calculations per second equivalent to the number of atoms in our universe can hack any password pretty quick.

 

[InvalidError]

A lot of misunderstandings about biometric data. I read a message here where someone asserts you can just hack a biometric database and forge credentials that way.

You do not need any of that fancy stuff: you simply need access to the person itself. If police or a crook wants to access your biometric-protected devices or data, all they need to do is physically take whatever biometric parameters they need directly from your body by force if necessary and there is little to nothing you can do against that.

A good password cannot be overcome by physical force, whoever wants to have access to your devices and data has to get the password out of your head, which is a whole lot more difficult to do against your will.