Biometrics will spell the end for passwords by 2020

[Aerosol]

Nearly half of people aged 16 to 24 foresee the end of passwords and pin numbers by 2020 as biometric security takes over, according to research by Visa.

The research of 2,000 people revealed that 69 percent of respondents aged between 16 and 24 - dubbed 'Generation Z' - believe it will be easier and faster to use biometric identification than remembering passwords and pin numbers.

This age group is also keen to adopt biometric security. Some 76 percent feel comfortable with the concept of making payments using biometric data.

Jonathan Vaux, executive director at Visa Europe, told V3 that the use of biometric authentication in smartphones as seen in Apple's latest iPhones will help drive demand for the technology.

"Fingerprint biometrics in particular are entering the mainstream as a security measure, with the likes of Apple and Samsung relying on biometric security to enter their phones, and more recently the launch of Touch ID and Apple Pay," he said.

Generation Z also favours fingerprint scanning over other forms of biometric identification, the research revealed.

Nearly 70 percent expressed a desire to use fingerprints rather than passwords, while 39 percent favour retina scans and 27 percent favour face recognition.

Vaux explained that biometrics technology will continue to evolve, offering more secure identification by scanning vein patterns in fingers rather than fingerprint systems which can be hacked.

This evolution of biometrics and increased demand from consumers will break down the scepticism and criticism that some consumers show for the technology.

"We mustn't discount biometrics as a viable form of security. When passwords were first introduced consumers needed to be educated on how to be safe and secure when using them," said Vaux.

However, Vaux does not believe that passwords will disappear completely, but will become a secondary layer of security to further reduce the risk of fraud.

"There are some concerns surrounding biometric security measures, such as whether fingerprints can be reproduced. Biometric security could be coupled with password or Pin authentication to maintain higher levels of security," he said.

"In the future there may not be one security measure, but a combination of several - the biometric equivalent of two-step authentication."

Biometric security is undoubtedly becoming more widespread. Apple added its TouchID fingerprint scanner to the latest range of iPads and iPhones, and Barclays has introduced a tool that scans the vein patterns in a finger.

Source

[abraxyss]

This will also cause an increase in the missing fingers population.

[Gushterul]

Nu cred, nu poti sa iti schimbi biometrics:)

[Ganav]

What if I break my arm? Can I use my foot for palm print authentication?

[TheTime]

Mie mi se pare o tragedie toata povestea asta, din doua motive.

In primul rand, nu sunt sigure. Poate ca au in spate modele matematice bine elaborate care atesta ca sunt sigure si bla bla, dar asta ii convinge pe matematicieni si pe creduli ca sunt metode sigure. Pe mine nu. Eu, ca inginer, stiu ca orice masuratoare biometrica depinde foarte mult de senzorul folosit. Iar la scara larga nu vor fi folositi cei mai performanti senzori, din pacate nu vor fi folositi nici cei mai buni judecand dupa raportul calitate/pret, in majoritatea cazurilor vor fi folositi senzorii cei mai accesibili. Din start avem erori de masurare.

Mai apoi, caracteristicile noastre biometrice variaza in timp, nu e intamplator faptul ca acum nu mai aratam ca la 10 ani. Sa nu credeti ca amprenta voastra arata la fel la 60kg si la 90kg, dimineata devreme sau cand aveti degetele umflate dupa o zi grea de munca, in mijlocul unei zi toride de vara sau dupa ce ati stat cu mainile 2 ore in apa sarata a marii. Deci algoritmul de recunoastere biometrica va trebui sa aibe anumite tolerante. Tolerante pe care noi, oameni inventivi, le putem folosi pentru a falsifica probele biometrice.

Probele biometrice nu ar trebui folosite pe post de autentificare/autorizare. Din duo-ul utilizator - parola, in mod natural probele biometrice ar trebui sa substituie utilizatorul. Nu parola, nu duo-ul.

Si asa am ajuns la cel de-al doilea motiv: ce confidentialitate vom mai avea noi, ca utilizatori, daca in procesul de autentificare ne sunt cerute probe biometrice? Pana in anul 2050 vom fi nevoiti sa dam probe ADN si bucati din ficat ca sa ne putem face cont pe vreo retea de socializare? Va ma posta cineva mesaje critice la adresa unei puteri corupte daca va trebui sa se semneze cu amprenta?

In esenta, exista 3 forme de autentificare:

- ceea ce suntem => probe biometrice;

- ceea ce avem => tokens, sms;

- ceea ce stim => afurisitele de parole.

Ce ar trebui sa facem pentru siguranta noastra? Sa ne riscam integritatea? Sa scapam de hotie? Sau sa ne amintim parolele pe care le punem la betie?

Edited January 21, 2015 by TheTime

[Worm64]

Daca ai un computer quantic poti face brute la orice si la tokens,si la probe biometrice

[laszlo_borsh]

Mie mi se pare o tragedie toata povestea asta, din doua motive.

In primul rand, nu sunt sigure. Poate ca au in spate modele matematice bine elaborate care atesta ca sunt sigure si bla bla, dar asta ii convinge pe matematicieni si pe creduli ca sunt metode sigure. Pe mine nu. Eu, ca inginer, stiu ca orice masuratoare biometrica depinde foarte mult de senzorul folosit. Iar la scara larga nu vor fi folositi cei mai performanti senzori, din pacate nu vor fi folositi nici cei mai buni judecand dupa raportul calitate/pret, in majoritatea cazurilor vor fi folositi senzorii cei mai accesibili. Din start avem erori de masurare.

Mai apoi, caracteristicile noastre biometrice variaza in timp, nu e intamplator faptul ca acum nu mai aratam ca la 10 ani. Sa nu credeti ca amprenta voastra arata la fel la 60kg si la 90kg, dimineata devreme sau cand aveti degetele umflate dupa o zi grea de munca, in mijlocul unei zi toride de vara sau dupa ce ati stat cu mainile 2 ore in apa sarata a marii. Deci algoritmul de recunoastere biometrica va trebui sa aibe anumite tolerante. Tolerante pe care noi, oameni inventivi, le putem folosi pentru a falsifica probele biometrice.

Bagam un cip unic pt fiecare in frunte .Problem solved.

[Gushterul]

Daca exista vre-o metoda de autentificare mai buna ca parola, din 7 miliarde de oameni banuiesc ca o gasea cineva pana acum. Dar nu te opreste nimeni sa tot incerci, poate candva cineva o sa vina cu o idee. Dar putin probabil:)

[onet.hacker]

I need a good crypter for stealer, rat and zues, pm on deboydeboy1@yahoo.com

[wildchild]

I think you guys are forgetting that any kind of digital information is a sequence of 0 and 1 and you don't really need the original biometrics to pass. Of course, if you can manipulate somehow the handshake or dataflow between the reader and the authenticator, there is still a change depending on the algorithm to foul it. Especially because there will be plenty of backdoors in the original designs imposed by the governments or maybe the tech owner.

Daca exista vre-o metoda de autentificare mai buna ca parola, din 7 miliarde de oameni banuiesc ca o gasea cineva pana acum. Dar nu te opreste nimeni sa tot incerci, poate candva cineva o sa vina cu o idee. Dar putin probabil:)

Vein matching - Wikipedia, the free encyclopedia