Properly Stored Biometrics

Why your biometric data should never get hacked

Are you prepared to have plastic surgery if your biometric data is stolen? No? Don’t worry, we’re not either. A top concern about biometric authentication is that the biometric data – fingerprints, facial features, iris, voice, etc. – is something that can’t be changed like a password if it’s stolen. Your face is your face. While this is true, the likelihood of a cyber criminal stealing someone’s biometric data is extremely slim, if companies offering and using biometric authentication follow industry best practices. Let’s look at four key best practices that you should ensure your biometric authentication partners have in place to keep biometric data secure.

Best practice 1: No centralized biometric database

If you’re nervous about the security of biometrics, you’ve likely heard about the 2015 theft of millions of fingerprints from a database of the US federal government Office of Personnel Management. This large-scale attack occurred because there was a target, a centralized repository of biometric data. The FIDO (Fast ID Online) Alliance has long recommended that biometrics should never leave the user’s device to eliminate the possibility of theft from a centralized database. To steal someone’s biometric data would require stealing the device itself — and if best practice #3 is implemented, there would be no raw biometric data on the device to steal.

Best practice 2: On-device matching of credentials

The strategy of “keeping it local” applies to credential matching as well. Similar to best practice #1, ensuring credential matching on the device eliminates a centralized point for a large-scale attack. It also avoids transmission of data that could be intercepted. In addition to being more secure, local credential matching also enables authentication even when the user or systems are offline.

Best practice 3: Revocable biometric templates

Instead of storing raw biometric data, biometrics should be used only “in the moment” to create a template or unique code for authentication purposes through encryption, tokenization or hashing. If a system or device is ever breached, this template or code can be revoked or changed, protecting the user. Also, to date, no one has been able to reverse-engineer templates to expose credentials, keeping data safe. In fact, this is the approach on iPhones and Macs with Touch ID or Face ID. These devices use a processor called the Secure Enclave, which only stores encryption keys (not biometrics) that are used to lock biometric data on the phone or computer. The processor is isolated from the operating system, so even if iOS were exposed to malware, the malware still wouldn’t be able to access the encryption keys. Android and Google smartphones follow a similar protocol.

Best practice 4: Public key cryptography

With biometric authentication solutions that adhere to FIDO Alliance standards, biometrics are always part of a strong authentication approach to security. Biometrics unlock a public/private cryptographic key pair unique to the user; the public key is sent to the server, while the private key and any biometric data or encrypted templates stay securely on the local device. Biometrics should function as a secure and user-friendly first factor that makes authentication more convenient for users; ensure it is backed up with that second-factor cryptographic key.
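
The flow described above, as an added Node.js example that is not from the original article or from any FIDO product. The Device and Server classes, the Ed25519 key type, the user name and the boolean standing in for the on-device biometric match are all assumptions made for illustration.

```javascript
// Added illustration of a FIDO-style flow; not a real WebAuthn implementation.
const nodeCrypto = require("node:crypto");

// Device side: the private key never leaves this object. The biometric match
// is simulated by a boolean (assumption); real devices do it in secure hardware.
class Device {
  constructor() {
    const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ed25519");
    this.publicKey = publicKey;    // shared with the server at registration
    this._privateKey = privateKey; // stays on the device
  }
  sign(challenge, biometricMatched) {
    if (!biometricMatched) return null; // no local match: the key stays locked
    return nodeCrypto.sign(null, challenge, this._privateKey);
  }
}

// Server side: holds only public keys and one-time challenges, no biometrics.
class Server {
  constructor() { this.publicKeys = new Map(); this.pending = new Map(); }
  register(user, publicKey) { this.publicKeys.set(user, publicKey); }
  newChallenge(user) {
    const challenge = nodeCrypto.randomBytes(32);
    this.pending.set(user, challenge);
    return challenge;
  }
  verify(user, signature) {
    const challenge = this.pending.get(user);
    const publicKey = this.publicKeys.get(user);
    this.pending.delete(user); // each challenge is accepted at most once
    if (!challenge || !publicKey || !signature) return false;
    return nodeCrypto.verify(null, challenge, publicKey, signature);
  }
}

function demo() {
  const device = new Device(), server = new Server();
  server.register("alice", device.publicKey); // constructed sample user
  const sig1 = device.sign(server.newChallenge("alice"), true);
  const ok = server.verify("alice", sig1);
  server.newChallenge("alice");
  const replay = server.verify("alice", sig1); // old signature, fresh challenge
  const noMatch = server.verify("alice", device.sign(server.newChallenge("alice"), false));
  const stored = server.publicKeys.get("alice").type; // all a server breach exposes
  return { ok, replay, noMatch, stored };
}
```

A captured signature is useless against the next challenge, and the only per-user secret-looking value on the server is a public key.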

Biometric protection into the future

No matter the biometric type – fingerprints, voice, retinas, etc. – eventually someone, whether researchers or criminals, will find ways to fake it to gain access to systems and devices. In fact, researchers in Germany were able to bypass several vein authentication scanners using a wax hand and a photograph that showed the target’s vein layout. It took 2,500 test photos, so it wasn’t easy, but it ultimately worked. However, even when “faking it” becomes more efficient (which it will, eventually), the best practices above still significantly mitigate risk by reducing the amount of personal data collected or stored. This approach of “data minimization” is becoming the standard of basic information security to help stem the tide of data breaches. Biometric authentication, when implemented correctly, is a powerful – and secure – solution for preventing cyber crime and data breaches.

