Norton UK Blog
Biometrics – A Hacker’s Delight
With the recent news that some of the UK’s major banking companies will be offering their customers the chance to use fingerprint or voice authentication to access their bank accounts biometrics are very much in the spotlight. So, what exactly are biometrics and how could they possibly be as secure as they seem?
The term biometrics refers to a measurement or measure related to human characteristics, for example, in the case of an iris scanner, the device looks over your eye and quantifies the unique patterns within it to determine if it is in fact, you. The essence of it is this, computers have become intelligent enough to identify our unique biological characteristics, be it the nuances of our speech pattern or the faint outlines on the tips of our fingers, it can be done, quickly and efficiently.
Unfortunately nothing is ever hack proof, and biometrics are not an exception to this rule, voices can be mimicked, fingerprints can be stolen and iris’ can be imitated.
Speech Synthesis, or text to speech, involves using a small sample of recordings which would then enable a computer to imitate a human speaker to a high enough degree of accuracy that it would have positive reads on voice recognition fail safes. Voices can also be converted via software to alter their signal frequencies, speech characteristics and rhythm, and therefore manipulated to sound similar to the voice of a prospective target.
We leave fingerprints wherever we go, glasses, keyboards, door handles, and with the advent of 3-D printing, should someone wish to clone a fingerprint, providing they have a copy, it can be literally printed and stuck to the end of their finger, giving them access to your device and/or account.
The iris of an eye is a complicated thing to imitate, let alone replicate, nonetheless it is now possible to generate a fake image from the iris code of a real person, an image which is complex and accurate enough to fool iris scanners.
Time and time again it has been proven that new technologies are not infallible, firewalls have been bypassed, passwords hacked and encryptions… unencrypted, there are already signs that indicate that biometrics are no different; as always, vigilance and security remain imperative.