Biometrics: Prepare to be Scanned
npistentis writes "From an article in the Economist: It has been a long time coming. But after years of false starts, security systems based on biometrics--human characteristics such as faces, hand shapes and fingerprints--are finally taking off. Proponents have long argued that because biometrics cannot be forgotten, like a password, or lost or stolen, like a key or an identity card, they are an ideal way to control access to computer networks, airport service-areas and bank vaults. But biometrics have not yet spread beyond such niche markets, for two main reasons. The first is the unease they can inspire among users. Many people would prefer not to have to submit their eyes for scanning in order to withdraw money from a cash dispenser. The second reason is cost: biometric systems are expensive compared with other security measures, such as passwords and personal identification numbers. So while biometrics may provide extra security, the costs currently outweigh the benefits in most cases."
Sure, you can't forget your retinas, or lose your fingerprints. And good biometrics could, in theory, be extremely difficult or expensive to counterfeit.
However, if anyone ever *does* compromise your biometrics, what then?
You could have a society where access to so much is based on it (because it worked so well) and then all of a sudden, all the passwords are out in the open. Except that unlike a password list disclosure, you can't change your password!
Sure, probably no one will ever compromise your retinas, but what do you do if it *does* happen? You can't argue that it's not possible, and just because it isn't practical doesn't mean it won't ever be. You always must be able to change your password. Always!
A third main reason that biometrics haven't taken off is irrevocability. Bad guys can forge your fingerprints, and you can't counter this by changing fingers. DNA is particularly noxious in this regard: there's a lot one can do with stray hairs from a hat and some PCR.
The oldest biometric still in widespread use is the signature. Ironically, we are moving away from signatures because of the problems with biometrics. IMHO it is unlikely that newer biometrics will be better. The best seems to be the intelligent combination of biometrics with other methods---as with signatures now.