Skip to main content

Why you should think twice before using biometrics

In the last decade we have seen how advances in biometric technologies have made it possible to identify individuals with their fingerprint, voice, iris or even brainwaves with very low failure rates.

I have no doubt that biometrics (something you are) will eventually replace passwords (something you know), which can be easily forgotten, guessed or deciphered with dictionary attacks. It is a fact, we are not good at choosing robust passwords and we reuse them all the time.

Unfortunately, it is not uncommon to hear from considered secure cloud services urging their users to change their passwords after a cyberattack. It is very annoying, but a new password should solve the problem.

But what if your biometric information is stolenMost of cloud services protect it the same way they do with passwords, i.e., the information is encrypted and stored in their servers. If after a cyberattack your fingerprint is deciphered, it could be used in order to access any other online service, and you can't simply change your fingerprint. If it is stolen once, it is stolen forever.

So the next time you are required to sign in with biometrics, ask your self how will your information be processed and protected.

A way to tackle this problem is by using Zero Knowledge Proof protocol (ZKP), that eliminates the transmission, storage and exposure of private user data during authentication. This way, biometric information never leaves the device, it is never transmitted or stored, so it simply cannot be stolen if the server is compromised.

* Disclaimer: I am CTO of Sedicii, a leading company in user authentication solutions, which uses ZKP-based patented technologies.

Popular posts from this blog

How to jump to time offsets in HTML5 video

Let's say that you have a 30-minute WEBM video file, from which you just want to play the following video segments , jumping from one to the other automatically  without interruptions : [00:01:25.00 - 00:02:25.00] -> from second 85 to 145 [00:11:40.00 - 00:11:55.00] -> from second 700 to 715 [00:20:26.00 - 00:21:07.00] -> from second 1226 to 1267 [00:26:11.00 - 00:28:01.00] -> from second 1571 to 1681 To increase the complexity, let's think that you have these video segments in a PHP variable $arrayVideoSegments  (normally the case if they were retrieved from the database).   $arrayVideoSegments[0]->startTime = 85   $arrayVideoSegments[0]->endTime = 145   $arrayVideoSegments[1]->startTime = 700   $arrayVideoSegments[1]->endTime = 715   $arrayVideoSegments[2]->startTime = 1226   $arrayVideoSegments[2]->endTime = 1267   $arrayVideoSegments[3]->startTime = 1571   $arrayVideoSegments[3]->endTime = 1681 The fo

5 learnings from a techie turned into a NFT artist

In September 2021 I chose to sell my crypto AI art business after two enriching (and often painful) years as a part-time sole founder. Today  is one of the best-selling AI art collections on Opensea . I want to share with you some of the key lessons I learned during this period: Work hard and get lucky.  And I got really lucky. On February 24th 2021 I had planned to shut down , back then a business selling AI Art printed on canvas. I was discouraged after several months with no sales and my Shopify billing cycle was ending that day. Then something incredible happened: I missed the Shopify deadline and I sold an artwork one hour later. The buyer asked me: " Can I get it in as an NFT? ". I had absolutely no idea what an NFT was, but after a bit of research I found the concept so interesting that, two days later, I had pivoted the entire business to  NFT art made by AI . Sales started to pick up: I had finally found product-market fit . Impostor syn

Microsoft will soon launch a feature to schedule chat messages on Teams

In 2021 I wrote an article  where I shared why I started scheduling my emails and the positive impact this easy action has had on the wellbeing of the recipients and on my own work-life balance . However, one of my frustrations is that, as of today, it is not possible to schedule chat messages or posts on Microsoft Teams. Have you ever received a push notification on a Friday evening  from a non-urgent message that could have easily waited until Monday? Yes, you know what I am talking about! The good news is that Microsoft is currently working on this feature, and it is expected to be released in July 2022 , as we can see on Microsoft's roadmap . It was back in June 2019 when this useful functionality was first proposed on Microsoft Tech Community . It soon gained many supporters that pushed it through the approval channels. I can't wait to start using this!