Hitoshi Kokumai

1 year ago · 2 min. reading time · ~10 ·

Contact the author

Like Share Comment
Blogging
>
Hitoshi blog
>
Step-by-Step Analysis of Why and How Biometrics Brings Down Security

Step-by-Step Analysis of Why and How Biometrics Brings Down Security

FRR (False Rejection Rages)

 

False Acceptance Rates and False Rejection Rates

 

10

10%

10°

    
    

38 (Equa ror Rates)

procucts
(more accurate)

  

 
 

00 100 ar 100 10
FAR (Fale Accegtarce Rates)

This is a follow-up of my earlier post – “Reality that so many security experts opt to not speak” 

  1. Biometrics is probabilistic; it measures unpredictably variable body features of living animals in ever changing environments.
  2. Therefore, biometrics does not escape the trade-off between False Acceptance (False Match/False Positive) and False Rejection (False Non-Match/False Negative), outline of which is shown in the graphs above.
  3. The presence of False Rejection forces a fallback measure to be pr-provided in case the correct user gets rejected. 
  4. Biometrics and a fallback measure need to be used together in a ‘multi-entrance’ deployment, as against a ‘multi-layer’ deployment.  The former increases the attack surface (= brings down defense), while the latter decreases it (=brings up defense).
  5. Unless a default password/PIN is invalidated not to work as a fallback measure (with availability sacrificed), the overall security is lower than that of the default password/PIN used on its own.

As such, it is not that biometrics is not so secure as it claims to be, but that biometrics destroys the defense which a default password/PIN has otherwise provided.

 

Worry about a backdoor?

 

Key References 
 

 “What we need to do for NOT achieving Solid Digital Identity”

Removal of Passwords and Its Security Effect 

Negative Security Effect of Biometrics Deployed in Cyberspace

External Body Features Viewed as ‘What We Are’

 

Distracted “A


Additional References
 

For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)

What We Know for Certain about Authentication Factors

Digital Identity for Global Citizens
 Image-to-Code Conversion by Expanded Password System

Summary and Brief History - Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Account Recovery with Expanded Password System 

 History, Current Status and Future Scenarios of Expanded Password System 

Availability-First Approach 

Update: Questions and Answers - Expanded Password System and Related Issues 

 

“Expanded Password System

wane = Only I can select all of
BS] them correctly

Broader choices with both images and characters accepted

i

 

 

 

 

Easy to manage relenons between accounts and corresponding passwords.

&

Torturous login is history. Login is now comfortable, relaxing and healing

BO
250
08


 

 < Videos on YouTube>
 

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes - narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space - "below-one" factor authentication

Secret Credenti

 
   
 

Memories

Episodic Memory
Like Share Comment
Comments

More articles from Hitoshi Kokumai

View blog
11 months ago · 2 min. reading time

Some friends directed my attention to this news report - · “Biometric auth bypassed using fingerpri ...

1 year ago · 2 min. reading time

Today's topic is BBC's “Facebook to end use of facial recognition software” · https://www.bbc.com/n ...

1 year ago · 2 min. reading time

The quantum computer held in a bad guy’s hand is indeed a big threat. So is the artificial intellige ...

You may be interested in these jobs

  • HN Company

    Lead Senior Software Engineer

    Found in: Ziprecruiter GB Test30 - 5 days ago


    HN Company Saint Albans

    Job Description · Salary 75,000 · 85,000 GBP per year Requirements: · Highly skilled using Java · Script · Node, React, Jest/Mocha · Strong AWS and microservices architecture experience · Excellent Agile experience is essentialResponsibilities: · Design, build, deploy, and main ...

  • Talent in Logistics

    Class 2 Tramping Drivers

    Found in: Talent UK - 1 week ago


    Talent in Logistics Glasgow Permanent

    Job Description: · Class 2 Tramper Drivers (LGV C) · Ongoing or Temp to Perm, Locations: · Nuneaton Pay rates:£. PAYE £ LTD. + £ per Night Out. *Client happy to accept Class 2 LTD Drivers Day Shifts - LONG TERM ONGOING WORK ALL YEAR ROUND Job role& Shift pattern: · Delivery & ...

  • Prospect Health

    Contact Lens Optician Vacancy, Birmingham

    Found in: Jooble GB - 4 days ago


    Prospect Health Co. West Midlands Full-time

    An exciting opportunity has become available for a Contact Lens Optician to join a patient focusses, independent practice in Birmingham, on a full time basis. You will be joining a well established and long standing independent practice, who always work with patient and staff ca ...