Biometric Identification - Security Risk or the New Reality?

Just when you were getting used to placing your thumb or finger on the tiny button of your phone to login, mobile technology is changing once again. With the latest devices, they won’t unlock without facial recognition. 

If this kind of technology is available on something as common as our mobile devices, it’s only natural that we would integrate it into more sophisticated security practices. Want to access your bank account? Why not use both a password and biometrics? Want to trade stocks or evaluate your 401k portfolio? It makes sense there too. 

What about healthcare? There are a lot of benefits to adding it as a part of your security process. You can use fingerprints to sign in and access records, and use facial recognition or iris scans to ensure you have the right patient before moving forward with a procedure. 

Whether you place your finger on a pad, or use a camera for facial recognition, in theory, biometric identification appears to improve security. But like any form of security, when you use it to keep an end-user safe and secure, there will always be hackers trying to find ways to profit from it. 

Security risks include:

Imposter attacks - Technology is never 100 percent secure. There is always an acceptable rate of error. With biometrics, it’s referred to as FAR - False Acceptance Rate. For example, when a fingerprint or a facial scan is close, some systems will give access to an imposter as if they were an authorized user. While programs continue to work to get this as close to zero as possible, hackers are working on the other side to get in any way they can. 

Spoof attacks - You’ve probably seen spy movies where the criminal uses a print collected from a glass, or even a photograph to spoof the system and gain access to a secured area. These are based on reality. In some cases, criminals have been able to use these techniques to gain access. It’s a matter of both sides working diligently to stay one step ahead of technology. 

Storage - Every year we hear about large security breaches where user and password information is compromised. User and passwords can be changed; bioidentical information cannot. That makes compromises in biometric security that much more disastrous. 

While biometrics may be the way of the future, it’s important to note that every system has its weaknesses. And while technology will always be in the throes of improvement, criminal behavior will always be one step behind it, waiting to find a way in and profit from their gains. 

Before you implement any new technology into your practice, understand it’s weaknesses and develop a security plan first. Planning is the best way to protect yourself, your business, and your patients. 

For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.