Biometrics: Where do we stand?

Friday, April 16, 2010

Contributed By:
Aaron Simmons

New Hampshire recently voted down the bill (HB 1409) and sided with the Security Industry to allow Biometrics. So now that security is becoming a priority, where does it stand in the role of Authentication Verification?

There are several methods for verification, (Biometric, PIN, Token and even Telephone Call Back/SMS). Each one of these has its pro’s and con’s, especially depending on the market you are securing!

Some Compliance Regulations even call for this type of verification, including the Department of Homeland Security has a Directive for dealing with Biometrics. However, some proponents of Privacy laws are pushing to halt the use of Biometrics.

So the question is; How can it benefit you in your sector, without becoming a liability?

Share This! |

Views:	2083
Categories:	Firewalls IDS/IDP Network Access Control Network->General
Tags:	Biometrics Authentication

Post Rating I Like this!

Comments:

Ruben Ramirez If we are talking acceptable liability regarding privacy, Biometrics can be a viable solution especially when using several approaches to securing the identity data (i.e. fingerprint, etc) Regarding a given biometrics system, its security and storage of Authentication data, it does not have to store the true identity data of a given person. Hashing the user’s identity data and storing the hash instead if the true data can solve the problem of an adversary successfully identifying a user from ill-gotten stored identity data. There are other ways that can be expanded on such as air-gaping, etc. The remaining question is whether or not there are enough facts that can be presented in order to gain customer acceptance for Biometrics.

1271440863

Cr00zng Around While it's true that there are number of different authentication method that's available as stated, the financial implication and customer acceptance had put a dent into its utilization across the board. Certainly, the government organizations with your taxes paid can require biometric authentication; however, try to convince your company that it is the way to go.

Not to mention the fact that biometric authentication isn't 100%; all of them have false acceptance/rejection ratios that can make your end users and security administrators miserable at times. for the time being it's better to stick with "tried and true" technologies, such fobs, or RSA tokens. Most of these systems do support software tokens as well that might just be the next authentication type that will be deployed widely.

Cr00zng

1271453632

You Must Register or Login to Comment

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.

Most Liked

Latest Member Comments

"Android is always preferable over any OS, very much flexible. Waiting for it's desktop popularity... http://www.doctorbrakes.com"

Steps Toward Weaponizing the Android Platfor... Freid Jerome on 05-17-2013

"http://www.lovewigs88.com"

Is BYOD a Nightmare for IT Security or a Dre... Sasa Miss on 05-16-2013

"http://www.wighair.co.uk/"

FTC Seeks Comment on Proposed Revisions to C... Sasa Miss on 05-16-2013

"http://www.lovewigs88.com"

How to Protect Your Privacy from Facebook's ... Sasa Miss on 05-16-2013