In the three years to 2022, the number of Gen Z victims of online scams has increased by 123%, according to Ping Identity.
While this generation of digital natives is often seen as the most tech-savvy and digitally savvy age group, the rise of Gen Z falling for online scammers reflects higher comfort levels in online spaces, often causing unforeseen financial and emotional damage as a result.
It has become increasingly clear that passwords alone are no longer sufficient in terms of device security, says Ping Identity.
The company claims that 81% of hack-related breaches use stolen or weak passwords. Due to the obvious flaws in the traditional way of accessing our devices and applications, Ping Identity assessed the increase in the use of biometrics, whether they are truly more secure and the impact they will have on how which we store and use our personal data. .
Biometric data is used for a wide variety of purposes, with more than 75% of Americans having used biometric technology.
38% of people already use facial authentication to access their mobile banking app.
37% of over 40s feel safer using biometrics for security than before the pandemic.
The prevalence of online fraud and cybercrime continues to rise worldwide, increasing at a rapid rate year on year. The general consensus of recent years is that improved levels of cybersecurity must be based on zero trust and passwordless authentication. Rather than continuing to rely on passwords, security tools use users’ biometric data to prove that the person and their device are legitimate.
Types of biometric information
Common and widespread uses of biometrics include fingerprint and face recognition, which almost all modern cell phones or electronic devices will have as an option. Unlocking your phone or laptop just by looking at it, or even talking to it, is now the gold standard. As this technology advances, expands and evolves, all of the security issues directly related to these methods are often overlooked.
“We all know the importance of securing our login credentials. Keeping our many usernames and passwords secure has become second nature to us and with identity fraud losses totaling $52 billion in 2021 , it is now more important than ever that we achieve additional levels of online security,” says Ping Identity.
“Now that biometric data is used more frequently to access our online accounts, how is this information actually stored? This raises the question of whether biometric data is really as secure as we would like them to assume, and are there ways to improve the security levels of our biometric data?”
How is biometric information captured?
Distinctive biometric traits are used to confirm the identity of the user. While they should be unique to the individual, it is also important that they are permanent and immutable, allowing long-term access, as well as possessing measurable and collectable properties.
Current, commonly captured biometric data includes:
- Fingerprint patterns
- Iris and retina models
- 2D or 3D facial structure maps
- Hand and finger geometry charts
- Vein recognition patterns
- Gait Analysis Cards
- DNA profiles
- Behavioral biometric profiles
“When combined, these characteristics make biometrics one of the most effective ways to identify users. The unique characteristics are what give biometrics such high levels of reliability for users,” says Ping. Identity.
“It is simply not possible to forget or lose our fingerprints in the same way that we could forget a user name or a password!”
The future of biometric data
According to Ping Identity, while commonly used biometric data types are well known, there are also a range of other biometrics that are implemented on a smaller scale.
“Although not widespread in terms of usage, some of these surprising biometric applications are expected to be implemented in the future.”
- Body odor, unique chemical fingerprints that each person carries with them
- Indentation or structure of the ear, which does not change with age
- Gesture recognition, already integrated into Windows 10
- Lip prints, as each person has a unique pattern of lip grooves
How is biometric information stored?
As users cannot modify their biometric data obtained by unauthorized third parties, it is extremely important that it is handled with the utmost care.
Why is biometrics more secure?
Companies like Apple have decided to do away with passwords altogether, and Google Chrome’s password manager is expected to get desktop biometric authentication very soon. Due to concerns about data breaches, social engineering or phishing attacks, these companies that are leading the way in terms of smart home devices believe that it will reduce the risk that your identity, personal information and finances are compromised.
Biometric technology follows a number of steps to ensure the security of your data.
Capturing information is the first step towards using biometric information for identity authentication. It is then converted into a mathematical rendering called a biometric model, referenced against the live version presented by the user.
This converts or copies the specific characteristics of a biometric sample into a secure form, removing the image or sample from the equation and replacing it with a binary mathematical equivalent or algorithm.
“These steps make it nearly impossible to replicate biometrics, removing the image of a fingerprint, iris, or any given feature while the live version is compared in real-time to the captured features,” says Ping. Identity.
How are biometric data stored?
Unlike passwords, biometric data is usually only stored on the user’s device. No external device, database or server can access the data, eliminating any single collection point where a hacker could steal it. In the unlikely event that someone gains access to a device’s biometric data, it is impossible to reverse the conversion that created it to produce an image that will be recognized and accepted by a biometric sensor.
Any sensor on a device has a file where the biometric template is stored. This file is protected by a randomly generated key encrypted in the system.
Biometric data is usually stored securely using one of these methods:
- On a device
- On a portable token
- On a control panel
- On a biometric database server
- Both on a server and on a device
- Spread across multiple pieces of hardware
What are the risks when storing biometric data?
Although they are considered the most secure form of data storage, there are still some risks. The security of your biometrics will depend on how you store it! All of the storage methods mentioned above use encryption to protect biometric data.
It is a secure storage medium, although anything encrypted can be decrypted. Encrypted data is only as safe, secure and trustworthy as the users who have access to it.
Device storage is much more secure than database storage. Although databases can be convenient and profitable, with a large number of biometric templates for users, databases can be an attractive target for hacking. In the event of a hack, large volumes of data immediately become vulnerable. Encryption is the key and can be of great help, but the key to risk reduction. it’s controlling who has access to the data and how they use it.
The probability of identifying someone through biometric data is very high. That being said, 100% accuracy cannot be guaranteed. Additionally, although rare, there have been instances of unauthorized users accessing biometrically secured devices. The rate at which this is measured, known as the false acceptance rate (FAR) is typically one or two in 100,000, reinforcing the fact that biometrics is one of the most secure means of device protection. .
Confidentiality is another common concern. Biometric data has the potential to bring targeted advertising to the physical world. An example of this is in-store cameras that work with social media companies. This could cause in-store advertisements to display targeted, customer-specific advertisements when you enter a store.
Fortunately, some government agencies are aware of current trends and laws are being created to control how biometric data is used. The General Data Protection Regulation (GDPR) addresses these concerns in Europe, and a growing number of states are adopting or considering biometric information privacy laws (BIPA).
Protect your biometric information
The market for biometrics, such as facial recognition, is expected to grow by $7 billion by 2024.
Approximately 28% of biometric technology is used in the United States by the financial industry and more than 60% of payment transactions using biometric authentication will be carried out remotely.
As the use of biometrics becomes more common, your personal traits are likely to be stored in an increasing number of places. It is important that users remain vigilant about biometric security. Here are some things to consider when providing your biometric information.