Thursday, October 1, 2015

Biometric databases breaches shouldn't be a problem

Recently there were a lot of news regarding breaches regarding stolen fingerprints. According to Hacked 5.6 fingerprint records were stolen from US government. With existing advancements in biometric template a breach like this shouldn't pose a problem.
Let me explain the biometric authentication process. The first step is enrollment which consists in acquiring the desired biometric trait, let's say fingerprint, by using the required sensor. Then a biometric template is created. Based on that biometric template the authentication is done. A long time ago, when biometrics were first introduced, this template was represented by the images of the fingers - I'm referring to fingerprint usage by law enforcement.
Ratha, Connell and Bolle introduced the concept of cancelable biometrics. According to the same authors classic biometric information storing has the following issues:

  • Biometric data is not secret - a face can be photographed, the finger print can be taken from a glass, a voice recorded. Tsutomu Matsumoto et al. demonstrate how fingerprints gathered without user knowledge can be forged.
  • Biometric data can't be revoked  - your password was compromised. No problem, a new one will be issued. What about your fingerprints? Chopping the fingers off and replacing them that's hard, especially the replacing part. When a biometric trait is compromised that type of biometrics can't be used.
  • Permanent tracking record - biometric data can be successfully used to track a user.
Cancelable biometrics store the biometric information in a template which, according to ISO 24745, has to be: irreversible the original biometric data should be impossible to restore based on the stored template, and un-linkable different versions of the biometric template can be generated, so the same biometric trait can be reused. There are different types of cancelable biometrics, but I'm not going to get into details.
I'm not arguing that the breach might not a real threat. I'm sure it might be, because from my experience most companies don't secure their databases. The best example, which is valid even today, is password encryption. Most sites still don't encrypt user passwords. If they get hacked the hackers will have a list with usernames (aka emails) and passwords. Knowing that most users have the same password everywhere, the first thing a hacker will do is to hack the user email using the same password. The sad part is that he will succeed in most cases.
My point is that most of the biometric systems today should use a form of cancelable biometrics for storing the templates. When we see news like this a lot of people panic. Unfortunately the people reporting this news don't elaborate on the details, which in this case are crucial.


  1. When you consider all the important data you store virtually - from financial records, to customers' private information - it's not hard to see why one breach could seriously damage your business.
    secure data room services

  2. For many years, the average American small business was an unlikely target for a sophisticated cyberattack. Fewer financial resources and a relatively unknown brand worked in your favor to ward off hackers. Not anymore.

  3. For larger databases, you are probably aware of MySQL(TM), IBM DB2(TM), Oracle(TM), Microsoft SQL Server(TM).excel dashboard software