BOX ES.4 | Who Goes There? Authentication Through the Lens of Privacy | Committee on Authentication Technologies and Their Privacy Implications | Computer Science and Telecommunications Board | Division on Engineering and Physical Sciences | National Research Council of the National Academies | Stephen T. Kent and Lynette I. Millett, Editors


BOX ES.4 Biometrics

In addition to public key cryptography, biometrics is also often touted as an effective authentication solution. As with any authentication technology, however, the truth of this claim depends, among other things, on the context in which the biometric systems are used. “Biometric authentication” (often called biometrics) is the automatic identification or authentication of human individuals on the basis of behavioral and physiological characteristics. Biometrics has the obvious advantage of authenticating the human, not just the presented token or password. Common biometrics in use today verify fingerprints, retinas, irises, and faces, among other things. Downsides to biometrics include the fact that not all people can use all systems, making a backup authentication method necessary (and consequently increasing vulnerability); the fact that revocation is not possible for current systems (the saying goes that most individuals “have only two thumbs”); and that remote enrollment of a biometric measure (sending one’s fingerprint or iris scan over the Internet, for example) may defeat the purpose and is easily compromised.

Finding: Biometric authentication technologies hold the promise of improved user convenience. Vendors of these technologies also promise reduced system management costs, but this has yet to be demonstrated in practice. Moreover, these technologies can pose serious privacy and security concerns if employed in systems that make use of servers to compare biometric samples against stored templates (as is the case in many large-scale systems). Their use in very local contexts (for example, to control access to a laptop or smart card) generally poses fewer security and privacy concerns. (5.2)

Recommendation: Biometric technologies should not be used to authenticate users via remote authentication servers because of the potential for large-scale privacy and security compromises in the event of a successful attack (either internal or external) against such servers. The use of biometrics for local authentication—for example, to control access to a private key on a smart card—is a more appropriate type of use for biometrics. (5.2)
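The finding and recommendation above contrast two architectures: a remote server that stores templates and compares samples against them, versus a local match that merely unlocks a private key. The following is an added illustration written for this page, not code from the report or its committee. It assumes a toy biometric (a 64-bit feature vector matched by Hamming distance, so that two readings of the same finger differ in a few bits), a textbook RSA key pair standing in for a smart card key, and the hypothetical class names `TemplateServer`, `Device` and `KeyServer`. It shows why a comparison server must hold raw templates (hashing destroys the distance structure fuzzy matching needs), what each server leaks on a breach, and that the key-based design can be revoked and re-enrolled while a biometric cannot.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy matcher: a template is a 64-bit feature vector; a fresh sensor
# reading is never bit-identical, so matching is a distance test, not equality.
BITS = 64
THRESHOLD = 8   # accept when at most this many feature bits differ
E = 65537       # RSA public exponent for the toy key generation below

def hamming(a: int, b: int) -> int:
    return bin(a ^ b).count("1")

def biometric_matches(template: int, sample: int) -> bool:
    return hamming(template, sample) <= THRESHOLD

def noisy_reading(template: int, flip_positions) -> int:
    """Simulate a new reading of the same finger: template with some bits flipped."""
    sample = template
    for pos in flip_positions:
        sample ^= 1 << pos
    return sample

def digest(x: int) -> str:
    """Hashing a template removes the distance structure that matching relies on."""
    return hashlib.sha256(x.to_bytes(BITS // 8, "big")).hexdigest()

# --- Architecture 1: templates stored and compared on a remote server ---------
class TemplateServer:
    """Must keep raw templates, because fuzzy matching cannot run on hashes."""
    def __init__(self):
        self.templates = {}
    def enroll(self, user: str, template: int) -> None:
        self.templates[user] = template
    def authenticate(self, user: str, sample: int) -> bool:
        return biometric_matches(self.templates[user], sample)
    def breach(self) -> dict:
        return dict(self.templates)   # raw, non-revocable biometrics leak

# --- Architecture 2: local match unlocks a per-device private key -------------
def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin, adequate for a toy key; not a reviewed production routine."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def keygen(bits: int = 128):
    """Textbook RSA pair (toy size, no padding) standing in for a card key."""
    while True:
        p, q = random_prime(bits), random_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and gcd(E, phi) == 1:
            return (p * q, E), (p * q, pow(E, -1, phi))

def _msg(n: int, nonce: bytes) -> int:
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % n

def sign(priv, nonce: bytes) -> int:
    n, d = priv
    return pow(_msg(n, nonce), d, n)

def verify(pub, nonce: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == _msg(n, nonce)

class Device:
    """Smart card or laptop: template and private key never leave it."""
    def __init__(self, template: int):
        self.template = template
        self.pub, self._priv = keygen()
    def respond(self, sample: int, nonce: bytes):
        """Sign the server's nonce only if the local biometric check passes."""
        if not biometric_matches(self.template, sample):
            return None
        return sign(self._priv, nonce)
    def rotate_key(self):
        """A key pair is revocable and replaceable; the finger is not."""
        self.pub, self._priv = keygen()
        return self.pub

class KeyServer:
    """Holds only public keys; a breach yields nothing that can be replayed."""
    def __init__(self):
        self.pubkeys = {}
    def enroll(self, user: str, pub) -> None:
        self.pubkeys[user] = pub
    def authenticate(self, user: str, nonce: bytes, sig) -> bool:
        return sig is not None and verify(self.pubkeys[user], nonce, sig)
    def breach(self) -> dict:
        return dict(self.pubkeys)
```

To exercise it, enroll the same constructed template with both a `TemplateServer` and a `Device` plus `KeyServer`, authenticate with `noisy_reading(template, [1, 2])` and a nonce from `secrets.token_bytes(16)`, then compare the two `breach()` results: the first returns the user's template, the second only a public modulus and exponent. Calling `rotate_key()` and re-enrolling the new public key invalidates every earlier signature, which is the revocation step the report notes is unavailable for the biometric itself.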



Copyright 2003 by the National Academy of Sciences.