Home > News > Industry News > 5 Things to Consider Before Us.....
Browse Categories
Face Recognition Temperature(7)
New Arrival(26)
Hot Products(12)
Fingerprint Scanner(23)
Handheld Terminal Series(14)
POS Terminal(5)
Time Attendance Series(14)
Access Control Series(6)
Personal Security Protection(4)
Sales Promotion(35)
Door Lock Series(11)
Camera Series(11)
Explosion Models
Contact us
Tel:+86-23-67305242 :
Facebook:Huifan Technology
Contact Now


5 Things to Consider Before Using Biometric Authentication

  • Author:HFSecurity
  • Release on:2021-01-26

People have always thought that having a password that can be kept secret in your memory is as good as gold until hackers can fully smash or crack them. Thus, we will make super easy to crack passwords (such as "password" or the name of our cat, child or birthday) easy to use the same password in every account created. Remembering multiple passwords takes more time and strength than having one password for everything, but making our lives easier also means making hackers' lives easier.

As a result, the idea of ​​updating the authentication method was proposed. And log in with "what do you know", it is better to be able to log in with "what are you (biometrics) or "what do you do" (behavioral data)? These factors have led to the development of identity and access management technology.

Companies such as HFSecurity provide a convenient method for implementing biometric authentication on online services using the biometric function of the device, and can easily combine biometric methods with other methods using fingerprint scanner solutions.

Today, large companies can use smart cards or fingerprint readers and passwords to access the network. In the consumer world, we are also increasing the use of new authentication methods, such as fingerprint scanning on mobile devices. Consider the iPhone and the innovative Touch ID.

How secure is it to log in with fingerprint scanner applications?

Logging in to the account via fingerprint alone may be risky. Please note the following points before setting up via biometrics.

1. Can deactivate biometrics

Have you been told not to write down all your passwords to prevent others from stealing it? You have android phone with fingerprint scanner everywhere, and fingerprints are easy to lift. Don't you believe me?

You may think that iPhone6 ​​has enhanced security, but in fact it seems that no measures have been taken to solve this problem.

Of course, to make the phone hacked like this, you also need to steal the phone, but the technology is easy to use and means that if the device is stolen, it will be threatened.

It was also found that you can use the photo to lift the fingerprint. This means that you did not even touch any dangerous objects. You only need to store the texture image of your fingerprint somewhere online.

2. Biometric fingerprint scanner technology is difficult to reset

Security research has shown that the method of remotely intercepting biometric data is like keylogger intercepting keystrokes. To this day, we have seen that biometric technology is compromised with the help of printers, paper, ink and cameras. If the biometric data is damaged if your usb fingerprint scanner, the reset operation will require the use of a sharp knife and will not improve the customer experience. Other biological characteristics (such as blood vessel pattern, retina, ECG pattern, etc.) are even more difficult to change, or completely impossible.

3.  Biometrics is "your stuff" rather than "what you know"

Take the United States as an example. The 5th Amendment protects you from losing your password to your mobile phone during traffic stops. However, if you use a fingerprint scanner on your phone, the 5th Amendment should not provide protection, so you may be forced to use your fingerprint to unlock your phone. This is the legal difference between what you know and what you own.

The acceptance rate of biometric technology is wrong

In biometrics, there will always be a false acceptance rate (FAR) or false rejection rate (FRR). FAR tells you how often people you shouldn’t actually know are recognized. Most biometric systems claim that their FAR is between 1 in 10,000 and 1 in 1,000,000.

Hackers can use the copies of user biometrics collected by the system to generate log-in fake biometrics. This is called a physical spoofing attack and is compared to the behavior of a hacker watching someone write down their password and copy the password.

If hackers cannot access your fingerprint biometrics, they can still gain access by intelligently guessing (through complex algorithms) or using real invalid user samples to create fake biometrics. Imagine using a dictionary to calculate the password.

4. Recommendations for using biometric fingerprint scanner mobile

Even taking into account the above considerations, this is not to say that biometric technology has no place in identity and access management. Biometric technology provides additional factors that facilitate identity verification or access to secure information (such as private keys). Similarly, you can use certificates to verify your identity, and even use a mobile phone. In an ideal world, you would implement a system similar to the following:

The system boots to the welcome screen, it does not display any UserID, which will reduce the possibility of guessing the user name.

Swiping your fingerprint or scanning the retina will not log in to your system, only your UserID will be displayed. Likewise, biometrics is your identity. You can also include the certificate as an ID here. For more information, see this certificate-based authentication white paper.

Now that your UserID appears on the screen, you can authenticate using what is known or has stronger authentication. The blocked UserID creates an additional layer of security.

Biometric identification is very convenient, and criminals tend to hang low. Before using them for single-factor authentication, make sure you understand the legal implications and risk factors associated with the method. Biometric methods are usually easy for end users and can improve the customer experience. With the IAM solution, you can choose the appropriate way to authenticate users from social identity to smart card, and biometric technology can be used as an option, or it can be used with other methods as other factors.














Chongqing huifan technology

Related News: