printer friendly version

Biometrics galore

Before I get onto this month’s editor’s note, have you received your CCTV Handbook 2014 with Hi-Tech Security Solutions? You should have. It’s awesome and you shouldn’t miss it. If your Handbook was not bundled with this issue, please contact [email protected] to get a copy.

Biometrics and specifically fingerprint biometrics have been with us for a long time and have mostly been ignored as a security mechanism in the mass market. The reasons for this are many, including ignorance, misinformation, and the belief that today’s biometrics are still the same devices of years ago that could be fooled by a photocopy of a fingerprint.

Other, more reasonable reasons include the difficulty in reading some people’s fingerprints and the difficulty in matching prints in certain conditions. There are many other reasons too. I’m currently doing a dissertation on the potential of using biometrics to reduce the opportunities for certain types of cybercrime and it is amazing to see people’s opinions of biometrics as well as some of the studies done on the topic.

A while ago Apple released a new iPhone, which was pretty much like any other iPhone except for a fingerprint reader in the home button. I’ve written on this and the hysterics which followed before, but safe to say someone quickly revealed that they had hacked the Apple reader – which is not too difficult if you have a huge budget and a nice clear copy of the person’s fingerprint to work with.

The latest news is that Samsung’s new phone will also have a fingerprint reader – one that you slide your finger over – much like many laptops have today. I’m told these are less secure than the readers that scan your whole finger at once, but I’ll leave that to the experts.

The difference between Apple’s release and Samsung’s is that you can only access your App Store with your biometric iPhone, whereas Samsung delivered the news of its new biometric model (the S5) along with news of a deal with PayPal. This deal will allow you to pay for goods online via swiping your finger over the reader. How cool is that!

I believe this is the time for biometrics to come into its own and change the way we authenticate ourselves in various areas of our lives. The password is really, finally on the way out. I have no doubt, however, that it’s going to fight to the bitter end, undoubtedly assisted by those still maintaining passwords are easy and free. (See an RSA white paper titled 'Are Passwords Really Free?' if you want to see what it costs to keep your business on passwords.)

But it may not be a total win for biometrics. We have a short article on the FIDO Alliance (Fast IDentity Online) this month and its awesome plan to make authenticating ourselves online far more secure, and it allows other forms of authentication as well (not passwords, they’re so 1985). If you’re interested in identity management or authentication in any sphere of business, you should take a look (fidoalliance.org). As a matter of interest, FIDO software is behind the Samsung/PayPal deal.

However, back to this issue. You’ll notice that we have quite a healthy focus on data security and securing your infrastructure this month. Is it too much? Too little? Irrelevant? Too non-technical? Send your comments and criticisms of this issue and the CCTV Handbook 2014 to [email protected]

Andrew Seldon

Editor

Share this article:

Further reading: