Biometric security offers the world several advantages over traditional PINS and passwords. Fingerprint scan technology gives organizations and individuals an excellent way to protect data assets, secure server rooms and render valuable devices impenetrable to hackers. Biometric security will only become more sophisticated as time goes on, and several recent news stories point to this fact.
Adding another layer of security to fingerprint scanners
TechRepublic explained that while biometric signatures are harder to crack than passwords, they still have one vulnerability. Because fingerprint scans are converted into a digital format – just like a password – that data is still susceptible to hacking. However, organizations are continually developing new technologies, and one such company believes it has solved this problem. The chief executive officer of one biometric company explained that storing biometric information can be troublesome.
"The main error that current biometric solutions make is centrally storing mass amounts of biometric template information," stated the CEO, according to the news source. "This is hazardous because in the event of a breach, this compromises sensitive biometric data; and unlike passwords, changing biometric identities is not easy."
As such, the CEO went on to explain that biometric authentication protocols should be stored in a trusted environment on the scanner devices themselves, and kept away from the operating system. The news source explained that, similar to mobile devices that use fingerprint scans, like Apple Pay, the best way to manage biometric signatures is by using a Trusted Execution Environment that is separate from the OS. This new technology is able to send digitized biometric information to an authentication server using tokens. This adds a whole new layer of protection.
"The user's fingerprint is authenticated to the user's token," the CEO added. "Once the token verifies the user's fingerprint, it initiates a cryptographic signature. Since this cryptographic signature can only be initiated once the user's fingerprint is verified, reading the fingerprint is an additional authentication factor."
Brainwave-based security might be coming next
According to VR-Zone, researches may soon be able to use the way a brain responds to a computer screen as a foundation for a new biometric security system. Experts from Binghampton University have been working on a project that may change the way companies think about biometric security. In their study, a group of volunteers had their brain reactions to various stimuli recorded. The results showed that brain waves are different enough to be used for authentication in a security system. Sarah Laszlo, an assistant professor of psychology at the university explained that "brainprints" may be better than fingerprints because, while fingerprint images can be stolen, brain waves cannot.
"If someone's fingerprint is stolen, that person can't just grow a new finger to replace the compromised fingerprint – the fingerprint for that person is compromised forever," said Laszlo, according to the news source. "Fingerprints are non-cancellable. Brainprints, on the other hand, are potentially cancellable. So, in the unlikely event that attackers were actually able to steal a brainprint from an authorized user, the authorized user could then 'reset' their brainprint."
Phys.org reported on another innovation in biometric security, based on the idea of using three-dimensional fingerprints. Fingerprint scans used in smartphones like iPhones only produce a two-dimensional image of a fingerprint. However, a newly developed ultrasonic sensor can eliminate the risk of replication by imaging the ridges and valleys of a fingerprint surface. The technology is very similar to medical ultrasound imaging. The inventors essentially created a small ultrasound imager that can record the shallow layers of tissue near a finger's surface. David Horsley, professor of mechanical and aerospace engineering at the University of California, explained why the technology is similar to ultrasound.
"Ultrasound images are collected in the same way that medical ultrasound is conducted," said Horsley, according to the news source. "Transducers on the chip's surface emit a pulse of ultrasound, and these same transducers receive echoes returning from the ridges and valleys of your fingerprint's surface."
Ultimately, biometric security provides a safe and effective way to protect electronic files. Over time, these methods will only become more sophisticated. Companies looking to commit to better data protection policies should consider making a switch now and catch the wave of innovation as it happens.