Pundits are missing the point on Biometrics

We continue to field questions from members about adoption rates of biometrics as part of a multifactor identification scheme.

 Most media coverage focuses on the fact that as a practical matter biometrics does not yet work all that well. Here is a sampling of recent items:

 False negatives:

False positives:

Ease of stealing the information:

However there is a greater problem with biometrics–once your biometric data have been compromised, there is no way to fix things. If my password (what I know) is learned or my token (what I have) lost, those can be revoked and replaced. If someone finds a way to forge my biometric identity for a given biometric authentication implementation, what can I do about that? What I am is a dangerous means of authentication, and we probably shouldn’t even be considering biometrics as a solution so its failings are not news.

Explore posts in the same categories: Identity and Access Management

2 Comments on “Pundits are missing the point on Biometrics”

  1. Dan Stanton Says:

    There is a solution to false positives and false negatives. SignatureOne, a SaaS app, provides biometric authentication and is being used by Wells Fargo, Charles Schwab, State Farm Insurance et. al and integrated by Adobe, Oracle, Computer Sciences Corporation et al. This solution speeds transactions, eliminates paper and authenticates individuals in real time.

  2. Jeremy Bergsman Says:

    Just found a nice post on the same topic from 2006:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: