Biometric Security - 2

Biometric security devices have a high gee-whiz factor, but experts had an easy time fooling them.

One of the most common causes of network security breaches is easily guessable or insecure passwords. Many users choose common names or words that are in any dictionary; others use the same passwords everywhere or write them down where they can be discovered. Wouldnt it be great if you never had to remember another password? This is one of the claimed benefits of biometrics—technologies that let machines recognize you via one or more physical features. Devices are now available that can examine users fingerprints, facial features, and irises; some even attempt to identify individuals by examining their gaits as they walk.


The good news is that such devices are coming down in price; some, like the fingerprint recognition devices built into some mice and keyboards, are easily affordable for average consumers. The bad news is that, as with all new technologies, many of the current biometric systems are not quite ready for prime time. A recent article on PC Magazines sister site, ExtremeTech), describes ways in which its authors were able to spoof a wide variety of systems. They foiled some face recognition systems—which try to match facial features such as the distance between ones eyes and the sizes of ones nose and mouth—with still photographs; the authors likewise fooled iris sensors by placing a still photo over a different persons eye.