Skip to main content

Why you should think twice before using biometrics

In the last decade we have seen how advances in biometric technologies have made it possible to identify individuals with their fingerprint, voice, iris or even brainwaves with very low failure rates.

I have no doubt that biometrics (something you are) will eventually replace passwords (something you know), which can be easily forgotten, guessed or deciphered with dictionary attacks. It is a fact, we are not good at choosing robust passwords and we reuse them all the time.

Unfortunately, it is not uncommon to hear from considered secure cloud services urging their users to change their passwords after a cyberattack. It is very annoying, but a new password should solve the problem.

But what if your biometric information is stolenMost of cloud services protect it the same way they do with passwords, i.e., the information is encrypted and stored in their servers. If after a cyberattack your fingerprint is deciphered, it could be used in order to access any other online service, and you can't simply change your fingerprint. If it is stolen once, it is stolen forever.

So the next time you are required to sign in with biometrics, ask your self how will your information be processed and protected.

A way to tackle this problem is by using Zero Knowledge Proof protocol (ZKP), that eliminates the transmission, storage and exposure of private user data during authentication. This way, biometric information never leaves the device, it is never transmitted or stored, so it simply cannot be stolen if the server is compromised.

* Disclaimer: I am CTO of Sedicii, a leading company in user authentication solutions, which uses ZKP-based patented technologies.

Popular posts from this blog

How to jump to time offsets in HTML5 video

Let's say that you have a 30-minute WEBM video file, from which you just want to play the following video segments , jumping from one to the other automatically  without interruptions : [00:01:25.00 - 00:02:25.00] -> from second 85 to 145 [00:11:40.00 - 00:11:55.00] -> from second 700 to 715 [00:20:26.00 - 00:21:07.00] -> from second 1226 to 1267 [00:26:11.00 - 00:28:01.00] -> from second 1571 to 1681 To increase the complexity, let's think that you have these video segments in a PHP variable $arrayVideoSegments  (normally the case if they were retrieved from the database).   $arrayVideoSegments[0]->startTime = 85   $arrayVideoSegments[0]->endTime = 145   $arrayVideoSegments[1]->startTime = 700   $arrayVideoSegments[1]->endTime = 715   $arrayVideoSegments[2]->startTime = 1226   $arrayVideoSegments[2]->endTime = 1267   $arrayVideoSegments[3]->startTime = 1571   $arrayVideoSegments[3]->endTime = 1681 The

The Ethics Canvas

In 2008, Alexander Osterwalder presented an innovative tool called " Business Model Canvas " (BMC) that aimed to help entrepreneurs to capture the fundamental business knowledge about their project, and bring about pivots in order to make the business model more consistent and successful.  Since then, the BMC has helped over 5 million entrepreneurs increase the value that they provide to their users, and find a sustainable model. In 2015, a group of researchers from ADAPT Centre  started using a similar approach in order to detect at early stage all the ethical implications of a project, and help entrepreneurs and researchers pivot their idea in order to minimise these issues. If you think about new technologies such as biotech, AI, IoT, VR, biometrics, blockchain, 3D printing,... they all bring great advancements for humanity, but they have some potential ethical issues that could have a catastrophic impact. After some months of hard work and experiments, we h

El Lean Canvas, explicado paso a paso

Tengo el honor de ser profesor del curso Startup Innovation Lab , del Plan de Empleo para la Educación Superior , en el que jóvenes canarios en situación de desempleo descubren las principales técnicas de emprendimiento siguiendo la metodología Lean Startup . Dado que no hay muchos ejemplos prácticos y en español sobre cómo completar el Lean Canvas , he creado un vídeo de 14 minutos en el que se explica, paso a paso, cómo completar el canvas utilizando Spotify como producto de ejemplo. Éste es el canvas resultante. Espero que sea de utilidad al igual que lo está siendo para mis alumnos.