Biometric Security Threats and Countermeasure
Biometrics refers to the process of identifying an individual by physical characteristics such as fingerprints, retinal patterns, etc. The technology has grown quickly and is replacing document-based IDs. A vast majority of corporate houses now use biometric security as their most trusted method for authentication and for performing background checks.
While all looks good on paper, things are not as hunky-dory as they appear. So, is biometric security foolproof and completely reliable? We attempt to find answers in today's post by exploring:
- Threats to Biometric security
- Solutions to Biometric threats
Cutting-edge technology offers great convenience by replacing the archaic method of entering PINs and passwords. However, every new method has some inherent challenges.
1] Threats to Biometric Security
A biometric system mainly consists of three different components: a sensor, a computer, and software.
Threats occur at every stage. Consider the following:
Sensor: An electrical device that records your information, as well as reads it when your biometric information needs to be recognized. Some pieces of your physical identity can be duplicated. For example, a cybercriminal can get access to your fingerprints from a cup of coffee you might have left on your work desk. This information could potentially be used to hack into your devices or accounts.
Computer: There must be a storage device such as a computer to store the information for comparison. The data stored in a biometric database (a structured set of data held in a computer) is sometimes more vulnerable than any other kind of data. How? You can change your passwords but not your fingerprint or iris scan. So, once your biometric data has been compromised, there's no going back.
Software: The software is basically whatever connects the computer hardware to the sensor. More advanced hackers can provide a fake biometric sample to a sensor via biometric processing attacks. This is a technique in which an understanding of the biometric algorithm is used to cause incorrect processing and decisions via software.
Other potential threats to biometric security can be broadly classified into:
- Presentation attacks (spoofing), in which the appearance of the biometric sample is physically changed or replaced with a spoofed biometric sample that is presented for authentication. There have been many different types of presentation attacks (PAs) for faces, including print attacks, replay attacks, and 3D masks.
- Software and networking vulnerabilities – This mainly includes attacks against the computer and networks on which the biometric systems run.
- Social and presentation attacks – Authorities relying on biometric security are tricked into leaking a user's biometric identification, which is then stolen.
2] Solutions for Biometric Security threats
Security specialists have long pointed to the fallibility of biometric systems. They have also outlined the risks of biometric data hacks and have, therefore, advocated for robust solutions.
- Biometric security measure – This is a system designed to protect a biometric system from active attack via surveillance and supervision of sensors. Although good, it has one shortfall: the method is not designed to defend against zero-effort impostors.
- Switching to Behavioral Biometrics – The verification methods employed by Behavioral biometrics include keystroke dynamics, gait analysis, voice ID, mouse use characteristics, signature analysis, and cognitive biometrics. A combination of multiple factors for identification makes the solution a preferred choice.
- Use multi-factor biometric solution – This is a system that enrolls more than one type of biometric factor, such as a one-two combo of retinal patterns, fingerprints and facial recognition. If the fingerprints match the retinal pattern, and the retinal patterns match the documents, you manage to build a multi-factor identity, a biometric security system that's extremely difficult to hack.
- Enroll at high fidelity – From the various instances, it's obvious that low-fidelity biometric scans are incapable of offering the desired level of protection. So, for the highest security, it's crucial to enroll multiple fingerprints through a high-fidelity mechanism like those used by certified FBI channelers. These provide protection against the DeepMasterPrint hack. The more data points the system uses to identify an individual, the less likely it is to be hacked and run over by exploits like false faces.
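The multi-factor idea above can be made concrete with an AND-rule fusion check. The following is an added example, not code from the original post: the modality names come from the post, while the thresholds, false accept rates and function names are constructed assumptions, and the combined rate assumes the modalities fail independently.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Modality:
    name: str
    threshold: float  # minimum match score to accept (constructed value)
    far: float        # false accept rate at that threshold (constructed value)


# Hypothetical policy: every enrolled factor is mandatory.
POLICY = (
    Modality("fingerprint", 0.80, 1e-4),
    Modality("retina", 0.85, 1e-5),
    Modality("face", 0.75, 1e-3),
)


def verify(scores, policy=POLICY):
    """AND-rule fusion: accept only if every modality is present and passes.

    A missing or malformed score is a failure (fail closed), so an attacker
    cannot downgrade the check by disabling or bypassing one sensor.
    """
    failures = []
    for m in policy:
        score = scores.get(m.name)
        if score is None:
            failures.append(f"{m.name}: missing sample")
        elif not 0.0 <= score <= 1.0:  # also rejects NaN
            failures.append(f"{m.name}: score out of range")
        elif score < m.threshold:
            failures.append(f"{m.name}: {score:.2f} below {m.threshold:.2f}")
    return (not failures, failures)


def combined_far(policy=POLICY):
    """False accept rate of the AND rule, assuming independent modalities."""
    result = 1.0
    for m in policy:
        result *= m.far
    return result


if __name__ == "__main__":
    # Constructed match scores, normalised to [0, 1].
    print(verify({"fingerprint": 0.93, "retina": 0.91, "face": 0.88}))
    # A spoofed fingerprint alone does not satisfy the policy.
    print(verify({"fingerprint": 0.99, "retina": 0.40, "face": 0.30}))
    print(f"combined FAR ~ {combined_far():.1e}")
```

The trade-off is that the AND rule also raises the false reject rate, since a genuine user must pass every matcher.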
Lastly, the human is the ultimate machine system. So, having a person check identity in real time can increase the level of security and add accountability. After all, someone might fool a facial scanner by wearing a mask but is surely not able to get past a human at a security checkpoint.