Technology is moving forward at a tremendous pace. What was previously only seen in movies is now completely commonplace. Opening a safe or a car with a fingerprint is no longer the future. We can also unlock a phone with a fingerprint, for example.
Biometric authentication is thus becoming more and more widespread, which, although it can bring an additional layer of security, can also bring possible unexpected dangers. So how secure is biometric authentication really?
Biometric authentication technology
Biometrics are any biological or physical measurement that can accurately identify you. It can be fingerprints, face, iris, or various combinations of physical traits. Biometric authentication is used in everyday life, but also in airport security, financial transactions or to unlock smartphones.
Airports are introducing biometric authentication and virtually all new phones already support fingerprint or Face ID authentication.
In most cases, biometric authentication is more secure than a traditional password. Biometrics are much harder to copy, and passwords always run the risk of someone simply figuring it out or, for example, just seeing you typing it.
Can biometric authentication also be a threat?
Although harder to crack, biometric authentication is not bulletproof. Face ID, or facial authentication, has been cracked with a mask printed on a 3D printer. In 2014, a hacker created a fingerprint of European Commission President Ursula von der Leyen using images taken with a regular camera.
The implications of this are horrifying. Hackers are bypassing biometrics and breaking through commonly available technologies. But while you can change your password if someone cracks it, you simply cannot change biometric data.
Also black is the idea that while you simply don’t have to divulge your password, one can be coerced into using biometrics. A criminal could simply force a person to put their thumb on the phone, whereas with the password they wouldn’t even need to get into the phone.
So to use or not to use?
In the vast majority of cases, biometrics are more secure than traditional passwords. Hackers can theoretically get this data too, but it’s an extremely complex job that has to be focused on individual targets.
But biometrics are an increasingly widespread method of authentication, so we can expect to see new and more effective methods to steal, copy and misuse this data.
Today, and probably in the future, the most secure method is to use a combination of password and biometrics, i.e. two-factor authentication. It is true that putting your finger on the display is very convenient, but passwords will still have a role to play in the security system, and they will certainly not just disappear.