Category: Biometrics security

Times of Malta reports last month that the Maltese Passports Office has started issuing biometric passports, thus providing holders with a more secure travel document.

“timesofmalta.com” indicates that the launch was made last October by the Minister for Infrastructure, Transport and …

There are significant privacy and civil liberties concerns regarding the use of such devices that must be addressed before any widespread deployment. Briefly there are six …

Scientists from the Monell Center present behavioral and chemical findings to reveal that an individual’s underlying odor signature remains detectable even in the face of major dietary changes. The findings using this animal model support the proposition that body odors …

Users may be concerned that the use of biometric authentication will increase the
danger that they will find themselves targeted by ruthless criminals who are intent on
gaining entry to the assets protected by the biometric. With non-biometric
authentication, cards, keys, and passwords …

If details of countermeasures employed in biometric systems are publicised, it may
help attackers to avoid or defeat them. Similarly, if attackers know what
countermeasures are not employed, this will help them identify potential weaknesses
in the system, and direct attacks towards those …

Many encryption algorithms are publicly available to allow cryptographers to analyse
and verify the strength of the encryption. Biometric algorithms are not readily available
for review and are thus an unknown factor.
Biometric algorithms do not generally fulfil the same purpose as cryptographic
algorithms. …

This is a sometimes heard expression of concern about the potential misuse of
biometric data stored on central databases. It refers to the threat to privacy that such
centralised collections of personal data could pose if compromised.
Biometric data are regarded as personal …

Biometric systems may be initially adequately secure, but become less so with
passing time. This could be because critical security parameters such as threshold
settings become maladjusted, or sloppy enrolment procedures lead to poor enrolment
quality. Some biometric systems are self-adaptive which means …

This is related to the covert use of biometrics (see “Can my biometric be collected
covertly?” previously), and to functional creep in applications. It is important to realise
that authentication does not necessarily imply consent, and it is consent which is the
issue …

Valuable assets are traditionally protected by secrecy, typically secret passwords.
Biometric features are often readily observed and do not possess equivalent secrecy.
They may also be captured with varying degrees of difficulty.
This is a variation on the spoofing concern. It is certainly …

There is sometimes a misapprehension that biometrics can provide absolute
identification (e.g. of terrorists, criminals etc) as though the implementation of
biometric systems will somehow solve the problem of a major terrorist attack.
Of course biometric systems can, at best, only identify/verify individuals …

Capture/replay is the name given to attacks where the biometric signals from an
enrolled user are captured at one place and time and replayed later (usually at the
same place) in an attempt to fool the system that the enrolled used is …