


Biometrics Are a Grave Threat to Privacy

Fri Jan 26, 2018 9:50 pm

The New York Times

URL: ... to-privacy
Category: Privacy
Published: July 5, 2016

Description: Biometric identifiers – facial features, voice patterns, fingerprints or eye structures – reveal incredibly sensitive information, not simply because those characteristics are personal but because they’re permanent. The reason to use biometrics as identifiers at all is precisely because they are unique and unchanging over time. If these identifiers are compromised, there will be severe privacy and security threats for the victims. It’s possible to replace a stolen credit card or bank account number, but how do you replace fingerprints, facial features or an iris? Instead of credit monitoring, will hacked companies offer their customers plastic surgery? Big banks and internet firms pioneering the use of biometrics claim they do not store actual fingerprints or iris scans — only the authentication codes they are converted into — but the growing rate of data breaches in this industry casts doubts on those kinds of promises. This risk needs to be considered in the regulation, design and deployment of biometric systems before they become widespread. Another risk is that, without regulation, this information and technology could be used or sold for targeted, location-based advertising. Facial recognition and other biometric systems would allow companies to instantly recognize individuals walking down the street or into a store. This is a significant consumer protection issue: Advertisers already track our every move online, but biometric technologies would track us in the real world. Walking down the street would become more and more like browsing the web, with every move recorded and filed away into highly detailed profiles about each individual's personal preferences, financial status, political affiliation and medical conditions. Government agencies have already incorporated facial recognition capabilities in closed-circuit TV and drone technology, to be linked with the F.B.I.'s Next Generation Identification database. 
There are currently no federal laws regulating the use of facial recognition or other biometric identifiers, though some states, like Illinois, have wisely adopted statutes to limit it. Until privacy safeguards are established, the Federal Trade Commission should enforce a moratorium on the commercial use of biometrics. The issue isn’t going away, and consumers should not be left powerless against profound threats to privacy and financial security.

Your phone’s biggest vulnerability is your fingerprint

Fri Jan 26, 2018 10:06 pm

The Verge

URL: ... k-security
Category: Privacy
Published: May 2, 2016

Description: Can we still use fingerprint logins in the age of mass biometric databases?
In five minutes, a single person faked a fingerprint and broke into my phone. It was simple, a trick the biometrics firm Vkansee has been playing at trade shows for months now. All it took was some dental mold to take a cast, some play-dough to fill it, and then a little trial and error to line up the play-dough on the fingerprint reader. We did it twice with the same print: once on an iPhone 6 and once on a Galaxy S6 Edge. As hacks go, it ranks just a little harder than steaming open a letter. Of course, this particular method only works if you have help from the person whose fingerprint you need — and even then, it’s not a foolproof system. As luck would have it, my own fingertips turned out to be too smooth to leave an impression, so we had to rely on our director Phil Esposito, who had his thumb successfully molded and used it to unlock both phones.

It’s also one of the more primitive ways to bypass a fingerprint scanner. I’ve seen researchers at CITER pull off a similar trick with a 3D-printed mold, developed from a stored image rather than a real finger. If the mold is filled with rubber, you can wear that print permanently, and fool any reader small enough to fit on a smartphone. At the CCC conference in 2014, a security researcher called Starbug used those techniques to construct a working model of the German defense minister’s fingerprint, based on a high-res photograph of the minister’s hand. It’s a good trick, and one that should make us a little bit nervous. Fingerprint readers are now an essential part of a modern smartphone, and in most cases, they make apps more secure. Most biometric readers work with isolated hardware and a zero-knowledge proof, so capturing the data in-transit isn’t enough to spoof a login. If you’re going to break in, you need the fingerprint itself. The bad news is, fingerprints can still be stolen — and unlike a passcode, you can’t change your fingerprint, so a single credential theft creates a lifetime vulnerability. What looks like a security upgrade turns out to be something much more complex.


That’s particularly true in the wake of the San Bernardino case, which saw government agents working to unlock an iPhone linked to a mass shooting. As it happens, the iPhone in question was a 5C — the last iPhone made without a fingerprint reader. But if a more recent phone had been keyed to Farook’s fingerprint, it would have been trivial for investigators to break in. As a number of morbid commentators pointed out at the time, the FBI had possession of Farook’s corpse, so they could have simply taken the phone to the morgue and placed his finger on the TouchID pad. That’s even possible when the subject is still alive and uncooperative. A recent case in Los Angeles saw a judge issuing a warrant to force a woman's finger onto a seized phone for the purposes of unlocking it, following her conviction for identity theft. If that woman had been in one of the federal government’s growing databases, the warrant might not have been necessary. 3D-printed molds let any fingerprint image be transformed into a working model of that print, and police have a growing number of images to choose from. Homeland Security policy is to collect fingerprints from non-US citizens between the age of 14 and 79 as they enter the country, along with a growing number of fingerprints taken from undocumented immigrants apprehended by Customs and Border Patrol. The FBI maintains a separate IAFIS database with over 100 million fingerprint records, including 34 million "civil prints" that are not tied to a criminal file. The Department of Defense maintains a third database with yet more fingerprints collected by military officers around the world. Those records are typically used for verification, but once collected, there’s no reason they couldn’t be used to trigger a fingerprint reader, too. As collection becomes more common, fingerprints may become one more form of easily leaked data, alongside passwords, credit cards, and social security numbers. 
We’ve already seen it happen when the OPM breach compromised the fingerprints of 14 million federal workers. That same credential theft can happen at a smaller scale, as criminals pull fingerprints off furniture or even from high-resolution photos. For a determined attacker, a fingerprint is easier to steal than a password: it’s visible on your body at all times, and you give it away every time you touch a flat surface. It’s still rare for a criminal to take that much trouble, but it could become more common as we rely on fingerprints for more logins. And once someone has an image of the print, making a model is trivial. 3D printers are easy to find, and a few security experts have already figured out other methods for faking a print. Even with fingerprint readers on most phones, biometrics are still a long way from becoming the primary way into our devices. Analysts estimate less than 15 percent of iPhone logins happen through the TouchID sensor, and many phones simply won’t have the user’s fingerprint onboard. For those phones, the government’s stockpile of fingerprints is effectively useless. But for users that have logged their fingerprint, it gives police an easy way in. As the Los Angeles case shows, the government is beginning to take full advantage of that opening. That’s not just a problem for criminals, but for biometrics in general. As long as federal agencies are collecting fingerprints in bulk, they’ll never be private, which means they’ll never be truly secure. Once it’s been collected, it can be revealed in a breach, as the OPM hack showed. For anyone hoping fingerprint readers would usher in a new era of mobile security, that’s terrible news. The new spotlight on San Bernardino and lockscreen protections only drives home the point. A fingerprint can be a personal password or it can be a government ID, but it can’t be both. In this case, the government may have already chosen for us.

Why fingerprints shouldn’t be used for security

Fri Jan 26, 2018 10:29 pm

Android Authority

URL: ... ty-272092/
Category: Privacy
Published: September 23, 2013

Description: Apple is clearly very pleased with the iPhone 5S and although its new biometric security system TouchID seems like a neat feature at first glance, the use of biometric data for security isn’t necessarily a good idea. The problem with fingerprint scanners is that they aren’t as secure as you might think, it raises some interesting privacy issues but worst of all once your biometric information has been compromised you can’t change it. In terms of security, the Chaos Computer Club (CCC) has already shown that Apple’s TouchID can be tricked using easy everyday means. Although we are only talking about a $600 smartphone and there are easier crimes to commit than trying to lift someone’s fingerprints just so you can access their phone, the weaknesses in fingerprint scanning are applicable to every situation where they are used including on identity documents (like passports) or scanners at supermarkets. In 2007 the CCC demonstrated how to trick a fingerprint scanner at a supermarket resulting in a shopping bill being charged to someone else’s account. In 2008 the group included thin film copies of the fingerprints of the then German Minister of the Interior Wolfgang Schäuble in its club magazine. The CCC’s webpage on how to fake fingerprints was uploaded in 2004, nearly a decade ago and the techniques described remain valid today. There are also serious privacy questions around the use of biometric data. A senior US senator has written to Apple asking the Cupertino tech giant how the fingerprint data is encrypted on an iPhone 5S, whether any diagnostic data is ever sent back to Apple about the fingerprints and the exact legal status of the biometric data – does it belong to Apple? Could the data be subpoenaed? The reason Senator Al Franken is asking these questions is because once your biometric data has been stolen you can’t change it. 
“Let me put it this way: if hackers get hold of your thumbprint, they could use it to identify and impersonate you for the rest of your life,” wrote the Senator, who is also the chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law. Today, if someone hacks one of your online accounts you just change your password. If someone steals your bank card, you just cancel it and get another one and so on. But if someone managed to steal and use your biometric data you can’t change your fingerprints. You can’t alter your retinas or modify your DNA. The fact that these characteristics are fixed is why they are used in crime detection, but using them for information security is dubious. Worse still you leave a biometric trail wherever you go, everything you touch, every piece of skin or hair that falls leaves biometric information about you. Again that is why it is so useful for solving crimes, but you wouldn’t go around leaving fragments of your passwords everywhere would you?
“It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token. The public should no longer be fooled by the biometrics industry with false security claims.” -- Frank Rieger, spokesperson of the CCC

In context we are only talking about accessing someone’s phone, I understand that. And some may think that using TouchID as an easy way to stop people using your phone is great – and maybe it is. But what if in the future my banking information is verified via TouchID? What if I can pay at a shop or online store using data verified by TouchID? Then suddenly lifting a copy of my fingerprints from a glass of soda means a criminal can empty my bank account and go on a shopping spree. Maybe we should stick to other forms of authentication.

Your privacy, fingerprints and the Fifth Amendment
Android Authority

URL: ... -amendment
Category: Privacy
Published: February 1, 2017

Description: You can be forced to provide your fingerprint to access the data on your phone. But you don't have to make it easy.
Being able to unlock your phone with your fingerprints is a really good thing. It's not the most secure method you can use, and there are issues about having only one set of fingerprints if you ever need to change your login credentials, but the convenience factor means more people will keep their phones locked when they're not using them. That means your privacy is protected, as well as the privacy of everyone in your contacts or people you're networked with through social media when and if someone else gets their hands on your phone. We all should thank Motorola for trying it, and Samsung and Apple for making it good. Biometrics used to verify identity isn't exactly new, but getting everything working on a tiny pocket computer surely wasn't easy. We've also seen Iris scanning on the Alcatel Idol 3 and short-lived Note 7. We'll probably be going through this same scenario when iris scanning tech takes off, too. If you're in the U.S., though, there's another snag that not everyone knows about — law enforcement can force you to place your finger on your phone and unlock everything. A precedent was set by the Circuit Court of Virginia in October 2014, and recently upheld and reinforced by a federal court in February 2016, that makes it clear that while you can't be forced to provide a passcode for an electronic device, your fingerprints and using them to unlock the same device is not protected by the fifth amendment of the U.S. Constitution. You can be forced to incriminate yourself by providing anything and everything on your phone to law enforcement by using your fingerprint as long as a warrant was requested and received. This will almost certainly be challenged as a direct violation of the fifth amendment (and possibly parts of the fourth amendment), but for now, this is the law. I want to be clear on a couple things here. 
Nobody at Android Central is condoning any criminal behavior, nor do we judge anyone for their feelings on how they want to help law enforcement investigate any case. If you want the U.S. government to have access to the data a person involved in an investigation has on their phone, that's fine. You should realize that not everyone feels the same way, as well as know that you don't have to be a law-breaker to value your privacy. If you, or a peace officer in any capacity, would get access to my phone you'll find nothing that puts me at risk of prosecution, and probably be bored looking at pictures of my family and my dogs, see half-completed documents I'm working on and maybe an expense report or two. But that's my stuff, and I don't want anyone rifling through it. It's OK to feel differently. But this leads us into ideas of how we can protect that privacy if we're using our fingers to open the secure container that holds it all. And there are a few things you can do. You'll need a backup method to unlock your phone if you are using a fingerprint scanner. A four digit PIN works well here. It's not too difficult to break, but protections that make you wait between incorrect attempts and a self-destruct feature where data is wiped after a certain number of attempts mean that getting past a PIN will prove to be difficult. Like using a fingerprint in the first place, it's a nice balance between security and convenience. The real benefit here is that you can require this PIN to be entered before your phone will start. You'll see this option when you set up a phone as new, or when you go into the security settings and change the PIN itself. This means that every time your phone is started until the correct PIN is entered, it's completely dead. No data is decrypted, no calls can come in, and no software outside of the bootloader itself is running. 
Because a PIN is either required to start the phone (if you choose to use this feature) or unlock the screen for the first time after it starts up, you can't unlock it with just your fingerprint — your fifth amendment protected PIN is required. And with all current Android phones and iPhones, a piece of hardware embedded in the system-on-chip that houses the CPU keeps things locked up and inaccessible through standard software hacking. If you see the blue lights, just hold the power button and shut down your phone. Now, this isn't going to help if you're a fugitive and subject to being detained on sight or caught in the act doing something shady. But if you're just a regular person who doesn't want anyone to get information about you or the people you keep company with it's pretty effective. If you're able to do this, it means you get to decide if you want to share what is on your phone with "the man." Android phones with unlocked bootloaders also pose a risk. Don't think that even your local constable doesn't have access to people just as savvy with Android as the folks you find at XDA. If your bootloader is unlocked, anyone can dump the software and all the data from your phone onto a computer without ever having to use the lock screen. With enough incentive, even an encrypted image that has a key to unlock it stored in the protected hardware of the original phone can be cracked. Chances are there's not much incentive to go through this for a regular middle-aged dude like myself, but what if I had a random Twitter interaction with someone who is worth the trouble? The internet connects the world, and that funny meme you liked on Facebook could have been posted by anyone. Facebook is obliged (rightfully so, in my opinion) to provide any and all publicly available data (the public part is important) about a user when the right warrant is served. 
If you liked a post from a person of interest, the people who want to know more about you don't care that you claim to have a phone filled with texts from your friends and cat pictures — they want to see for themselves. Keeping the bootloader locked means it's almost impossible for them to have a look, and they likely won't even try. I want the police to put people doing horrible crimes in prison where they can be rehabilitated, or at least be kept from doing more harm to society. Most of us aren't one of those people, and getting arrested or detained for drag racing or having a tiny baggie of weed in your pocket or any other minor offense doesn't make you Charles Manson or the Zodiac Killer. Neither does peacefully protesting against a government overstepping their bounds. We all have rights and a reasonable expectation of privacy. If the courts won't decide to uphold our fourth and fifth amendment rights when it comes to what we have on our phones, then we should do everything we can to protect them ourselves. I just want to share my data on my terms, and want the same for you.

When Fingerprints Are as Easy to Steal as Passwords

Sat Jan 27, 2018 12:19 pm

The Atlantic

URL: ... cs/520695/
Category: Technology
Published: March 24, 2017

Description: As hackers learn to imitate the body's unique features, scientists might turn to brainwaves and genomics to verify people's identities.
How do you prove who you are to a computer? You could just use a password, a shared secret between you and the machine. But passwords are easily compromised—through a phishing scam, or a data breach, or some good old-fashioned social engineering—making it simple to impersonate you. Today, you’re often asked to produce something more fundamental and harder to imitate than a password: something that you are rather than something that you know. Your fingerprint, for instance, can get you into a smartphone, a laptop, and a bank account. Like other biometric data, your fingerprints are unique to you, so when the ridges of your thumb come in contact with a reader, the computer knows you’re the one trying to get in. Your thumb is less likely to wander off than a password, but that doesn’t mean it’s a foolproof marker of your identity. In 2014, hackers working for the Chinese government broke into computer systems at the Office of Personnel Management and made off with sensitive personal data about more than 22 million Americans—data that included the fingerprints of 5.6 million people. That data doesn’t appear to have surfaced on the black market yet, but if it’s ever sold or leaked, it could easily be used against the victims. Last year, a pair of researchers at Michigan State University used an inkjet printer and special paper to convert high-quality fingerprint scans into fake, 3-D fingerprints that fooled smartphone fingerprint readers—all with equipment that cost less than $500. In the absence of a state-sponsored cyberattack, there are other ways to glean someone’s fingerprint. Researchers at Tokyo’s National Institute of Informatics were able to reconstruct a fingerprint based off of a photo of a person flashing a peace sign taken from nine feet away. “Once you share them on social media, then they’re gone,” Isao Echizen told the Financial Times. Face-shape data is susceptible to hacking, too. 
A study at Georgetown University found that images of a full 50 percent of Americans are in at least one police facial-recognition database, whether it’s their drivers’ license photo or a mugshot. But a hacker wouldn’t necessarily need to break into one of those databases to harvest pictures of faces—photos can be downloaded from Facebook or Google Images, or even captured on the street. And that data can be weaponized, just like a fingerprint: Last year, researchers from the University of North Carolina built a 3D model of a person’s head using his Facebook photos, creating a moving, lifelike animation that was convincing enough to trick four of five facial-recognition tools they tested. The fundamental trouble with biometrics is that they can’t be reset. If the pattern of one of your fingerprints is compromised, that’s fine; you have a few backups. But if they’re all gone—some law-enforcement databases contain images of all ten fingers—getting them replaced isn’t an option. The same goes for eyes, which are used for iris or retina scans, and your face. Unlike a compromised password, these things can’t be changed without unpleasant surgery or mutilation. “If Border Patrol and your bank and your phone all are collecting your fingerprint data, all it takes is one actor who figures out how to manipulate that and you’ve basically wiped out the usefulness of that information,” said Betsy Cooper, the director of the Center for Long-Term Cybersecurity at the University of California, Berkeley. What’s more, fingerprints and face shape, the two most widely used forms of biometric identification, stay quite stable over time. A study of automatic face-recognition systems from Michigan State’s Biometrics Research Group examined nearly 150,000 mugshots from 18,000 criminals, with at least 5 years between the first and last photo. 
The researchers found that one off-the-shelf software package was still 98 percent accurate when matching a subject’s photo to one taken 10 years prior. There’s even a field of research that studies how facial software can recognize the same face before and after plastic surgery. The same Michigan State lab found that fingerprint patterns stay consistent over time, too. This time, the study examined a database of fingerprints from more than 15,000 people who were arrested by Michigan State Police over the span of five years. The results showed that for practical purposes, a 12-year-old fingerprint could be matched with an original, with nearly 100 percent accuracy. In another experiment, the group found that children’s fingerprints begin to stabilize at about one year of age, and remain of sufficient quality to identify them for at least a year. (Not all biometric identifiers remain constant: Pregnancy can alter the blood-vessel patterns in women’s retinas, for example, confusing retinal scanners.) To overcome the security risk of static fingerprints, irises, and face shapes, some research has turned to the development of changeable biometrics. In 2013, a team of Berkeley researchers came up with a futuristic system called “passthoughts.” The technique combines three factors: something you know (a thought), something you are (your brain patterns), and something you have (an EEG sensor for measuring brainwaves). To authenticate with a passthought, you think your secret key while wearing the sensor. The key can be just about anything: a song, a phrase, a mental image. The thought itself is never transmitted—just a mathematical representation of the electric signals your brain makes while thinking it. If someone else were to figure out exactly what you were thinking, they couldn’t impersonate your passthought, because every person thinks the same thought differently. 
A hacker might be able to defeat the system by using a phishing scheme: by tricking you into thinking your passthought, capturing the output, and later replaying it back to an authentication system to trick it. But you wouldn’t be compromised forever. You can just change your passthought. Cooper says a CRISPR-like system could possibly be used to embed alterable encryption keys into DNA, too. With changeable biometrics that use brainwaves or genetics, you’d have a way to prove you’re you, even if each of your fingerprints has been compromised ten times over.

YOUR PAPERS, PLEASE ... Banks require fingerprint ID

Sat Jan 27, 2018 1:46 pm


Category: Privacy
Published: March 23, 2000

Description: 'Raises the difficult tension between security and privacy'
For Pennsylvania resident Patrick Giagnocavo, the fact that the First Union Bank teller was asking him for identification before she would cash his check was a matter of long-accepted procedure. After all, he didn’t have an account at the bank, even though the company who issued the check was an account holder. But when Giagnocavo made ready to show the teller his required photo identification in the form of a current passport he used to travel outside the continental United States, he was surprised to find it wasn’t good enough. The teller wanted his fingerprint too. Giagnocavo is among the millions of Americans who are both amazed — and alarmed — at the rapid advance of information technology. Biometrics — the name given to technology used to identify persons via fingerprint, retinal (eye) scans or voice recognition — is making remarkable progress to the point that average citizens fear they have already lost their most prized possession: their privacy. Though a bank official admitted to Giagnocavo that his required fingerprint identification could not be immediately verified when he questioned the practice, “the argument she made,” he told WorldNetDaily, “was that it was only used if the check was fraudulent — then the check with fingerprint would be turned over to the police.” That bit of information, he said, led him to believe that his fingerprint data would have to be kept “on file” somewhere. Otherwise there would be nothing to turn over to police. Indeed, check fraud appears to be the rallying cry banks are using to justify ever more intrusive inroads into their customers’ privacy. According to the American Bankers Association, U.S. banks lost “$815 million to check fraud in 1993.” And, the banking organization said, it supports fingerprint verification through a program the organization founded called the “Thumbprint Signature Program” as a direct method of reducing such losses.
The organization’s literature says the program even permits member banks to require thumbprint identification from persons cashing government checks, “provided the bank has not entered into an agreement with a regulator or other government entity under which it agrees to cash government checks for non-customers on the same terms as it cashes checks for its customers.” The banking organization stopped short of recommending that every non-customer be subjected to fingerprint identification before being allowed to cash a check. However, ABA recommends to all member banks that they have a written policy guiding their thumbprint program administration and to make sure it is “applied consistently to avoid allegations of discriminatory treatment.” One of the major selling points to the program, the American Bankers Association maintains, is that it allows participating banks to assist “law enforcement agencies in the investigation of fraud claims made by account holders.” Fine, said Giagnocavo, but the industry offers weak guarantees that the information won’t be abused by those charged with protecting it. “Banks make microfilms or use electronic document imaging to keep a permanent record of checks that they handle,” Giagnocavo said. “How do I know that they won’t sell this data — since they have my name, passport number, and fingerprint — to someone else?” “Participants will not retain the Thumbprint Signature in their files and the signatures will be shared with law enforcement officials only in cases of suspected fraud,” said the ABA. And, the group said, pilot programs in Arizona and Nevada have been found so far to decrease check fraud by about 75 percent. While security experts agree that fingerprint identification is the ultimate in high-tech protection of data, files and even property, privacy advocates continue to decry its implementation over fears that the information cannot be fully protected from disclosure. 
“The fingerprint identification raises the difficult tension between security and privacy,” said Marc Rotenberg, director of the Electronic Privacy Information Center, in a March 1999 interview with the New York Times. “Security gives more authentication, and that’s good … but on the privacy side we create the risk of a new global identifier.” And fears that some firms may sell private information, including archived customer fingerprints, are not unfounded. In a final ruling issued Feb. 10, the Federal Trade Commission ordered Trans Union, a credit reporting agency, to stop selling or distributing “consumer reports, including those in the form of target marketing lists, to any person unless respondent has reason to believe that such person intends to use the consumer report for purposes” authorized by law. And earlier this month, the Internet advertising giant DoubleClick announced it would no longer collect personal information from the computers of users who clicked on the company’s advertising banners, which are located on thousands of websites around the world. The company does, however, “collect non-personally identifiable information about you, such as the server your computer is logged onto, your browser type (for example, Netscape or Internet Explorer), and whether you responded to the ad delivered.” Currently, bank customers may, for example, have a number of different passwords for different accounts. While using a fingerprint gives a person a single, universal ID for all accounts, it also means all of a person’s data is related to a single identifier and thus puts more of that data at risk. A password is much easier to steal than a fingerprint, but fingerprints can be taken from water glasses or other objects without a person’s knowledge. 
However, many companies have developed or are developing intelligent software that will enable virtual automatic biometric identification in transactions, in controlling security access, and in online Internet operations. As more technology becomes available, the equipment to gather such information will become more advanced and much smaller. And, experts believe, the temptation to make money from the information will also increase. “I have read somewhere that since the FDIC got shot down on ‘Know Your Customer,’ they are trying to persuade banks to do things voluntarily, thus skirting the need to pass laws or rulings,” Giagnocavo said. “Corporate fascism rears its ugly head.”

Fingerprints for Check Cashing: Where Lies the Real Fraud?

Sat Jan 27, 2018 5:14 pm

Fingerprints for Check Cashing: Where Lies the Real Fraud?
Fisher, Sheehan & Colton

URL: ... NGERPR.pdf
Category: Privacy

Description: This article considers the low-income consumer impacts of bank fingerprinting of non-account-holders.


Maria looked at the bank teller with dismay. She didn't have much. A tiny apartment for herself and the two girls. A high school degree. And when the minimum wage job finally came through, an opportunity to have a few dollars more in her pocket than her welfare check used to provide. Her dismay turned to disbelief. "An account?" she whispered, almost to herself. "After I pay my rent, my electric bill, and my babysitter, what do you think I should keep in this. . .`account'?" "I'm sorry," the teller said, polite-as-can-be. "Unless you have an account with this bank, I need a thumbprint to let you cash that check." Maria looked at her paycheck again, feeling somewhat criminal. She didn't have much. And this morning, allowing the bank teller to fingerprint her as she cashed her check, she had even less, as she felt a little bit of her newly found dignity slip away. It appears the fingerprinting scheme facing Maria was originally the brainchild of the Texas Bankers Association. In 1994, banks in Texas, Arizona and Nevada operated pilot projects. Considered successful by the industry in reducing fraud, the practice spread quickly. By early 1998, banks in nearly 30 states collected thumbprints from non-account-holders wanting to cash a check. According to the American Civil Liberties Union, the process works as follows: if a non-account holder asks to cash a check at a bank, the bank requests that person to provide identification and a fingerprint. If the customer objects, the bank refuses to cash the check. If the customer does not refuse and the check clears, nothing is done. If the check is returned as a counterfeit or a forgery, however, the check and fingerprint are turned over to local law enforcement agencies for comparison to state and national data bases of people with criminal records. 
Setting aside the concerns of privacy advocates --not as unimportant but simply as different from those considered here-- bank fingerprinting of non-account-holders is replete with potential risks for low-income consumers. Because of their poverty, low-income persons will be treated with suspicion and subject to procedures that their more wealthy counterparts are not. The fingerprinting procedure, advocates say, is inherently prejudicial to low-income persons for at least two reasons. First, research abounds showing that poor households are substantially less likely to have checking and savings accounts. Not only do low-income consumers have fewer discretionary dollars to keep in bank accounts, but the monthly fees imposed upon small accounts do not make them financially feasible. According to the National Consumer Law Center, "race and chronically low household income account for the major difference in the use of financial services markets by consumers. Blacks, Hispanics and other minorities (regardless of income and age) and low-income households are much less likely to use checking accounts, the principal financial service used by the majority of Americans." Indeed, when race and income are combined, NCLC says, the lack of access is magnified, with the percentage of low-income minority families not having checking accounts reaching 80 percent and increasing. Second, there is a concern about whether banks will "really" require all non-account-holders to provide fingerprints. The federal Office of the Comptroller of the Currency (OCC) warns that "any bank that implements this type of [fingerprinting] plan should exercise care to ensure that it is not applied on a selective basis." Low-income and civil rights advocates express skepticism of the banking industry's ability to heed this warning. 
This concern is based on years of "selective" requests for identification from persons of color and low socio-economic status, evident in every industry from banking to apartment rentals. Of equal concern, however, is the institutionally approved "selective enforcement" that was perhaps not envisioned by the OCC. Consider Ed Cohen, who owns a small business in Longwood (FL). Even though his business had banked at Great Western for nearly a decade, the bank would not cash his employee's checks without a fingerprint. Another small business owner, Deborah Johnson of Apopka (FL), said that her employees began to demand payment of their wages in cash, "and you can't blame them." Ocean County (NJ) county employees don't have that same problem. The difference? In April 1997, Ocean County (NJ) freeholders objected when First Union Bank refused to cash paychecks for county employees who wouldn't provide fingerprints. When Ocean County threatened to stop doing business with First Union, moving to withdraw its $60 million annual payroll account from the bank, First Union excused county government employees from the fingerprinting requirement. The bank continued its policy for other non-account-holders. Union County (NJ) soon followed suit by threatening to move its $13.5 million in investment funds to alternative banks to protest First Union's fingerprinting policies. Poverty advocates question who can or will stand up for the less politically powerful. Persons without bank accounts, who are offended by the process of fingerprinting and thus refuse to submit to it, always have the option of cashing their paychecks at "check cashing stores" instead of banks. Exercising such a "choice," however, imposes considerable expense. One study in Oakland found that check-cashing fees range around five percent. One typical customer pays about $50 a month in fees, reports David Troutt of Consumers Union (San Francisco). 
"Viewed over a year in which the family's income was $17,436, the [customer] spends $600 on check cashing fees. In that time, the `friendly' check casher has taken almost 3.5 percent of the family's total annual income." Persons objecting to bank fingerprinting suggest that a low-income person should not be forced to pay such a burden for a little respect, rather than being treated as suspect because of their account-free status. It perhaps would be understandable for banks to forge ahead, even in light of these problems, if the fingerprinting procedure really generated the benefits claimed for it. Part 2 of this article will examine whether fingerprinting customers when they cash checks is either necessary, or sufficient, to have the positive impacts asserted.


As reported in Part 1 of this article, more and more banks around the country today are fingerprinting non-account-holders seeking to cash a check. Bankers assert that fingerprinting is a necessary evil in order to stop the millions of dollars in fraudulent check losses incurred by the industry. Most of these programs are launched with great fanfare and statements from local police departments stating how this program will aid them in the prosecution of criminals. According to a nationwide study conducted by the Federal Reserve in 1995, there were 529,000 cases of check fraud resulting in $615 million dollars in losses. The Fed study found that the majority of check fraud cases involved stolen personal checks. This seems to make a pretty impressive case for surrendering one more slice of privacy and submitting to fingerprinting. The truth is somewhat less compelling. The actual use of fingerprint matching in criminal prosecutions is not likely to result in a substantial reduction in bank fraud. Boris Melnikoff, testifying on behalf of the American Bankers Association before the U.S. House Banking Committee, conceded that "taking fingerprints is effective in reducing check fraud mostly as a deterrent..." Aside from the deterrence, for reasons ranging from the practical to the technical, it is unlikely that bank fingerprinting will generally be useful in actual prosecutions. From a practical perspective, taking proper fingerprints is a skill that requires training to do properly. Criminalists get extensive training in the proper way to take fingerprints in order to ensure that a good set is taken. In contrast, bank tellers have no training in fingerprinting. Indeed, according to the American Civil Liberties Union, fingerprinting will not even necessarily be administered by the teller. The ACLU reports that tellers will keep inkless pads --the ink does not leave a residue on the finger-- next to pens or send them to motorists through drive-through vacuum tubes. 
Legal problems prevent bank fingerprints from being used in prosecution as well. It is highly unlikely that such prints would be admissible in court. No means exists to establish a chain of custody from an evidentiary standpoint. How can it be established that the check with your print on it is the check you submitted to the teller? How can a bank establish how many people, or who, handled the check prior to its processing? Too many holes appear for bank fingerprinting to be valid evidence in court. Given these problems, consumer advocates have often questioned the "real" motives behind the rapid spread of fingerprinting procedures. After all, they say, even if the practical and legal problems are solved, fingerprinting will only help catch a criminal who already has fingerprints on file with a law enforcement agency. If you have never had a set of fingerprints taken, there is nothing to compare to the thumbprint a bank places on the check. In addition, professional thieves will likely understand the shortcomings of both the fingerprinting process and its effectiveness in court. The only persons "deterred," therefore, will be the ordinary, and innocent, non-account-holder. Early speculation was that fingerprinting benefits larger institutions and harms community banks. Under this reasoning, larger lenders hope that fingerprinting will convince unsuspecting customers to switch banks. Typically, large employers have their accounts with large financial institutions. These larger institutions tend to have more branch locations throughout a market area than do smaller community banks. It is more convenient, therefore, for an employee to cash his or her check at the employer's bank than to drive across town to the community bank where their account is located. The large institution offers the noncustomer the option of being fingerprinted or opening up an account. 
These suspicions were validated when, in July 1997, a New Jersey newspaper report cited the existence of an internal First Union memorandum that instructs tellers on how to handle a customer who refuses to be fingerprinted: "If someone without an account should object to being fingerprinted, use this opportunity to encourage the customer to establish a financial relationship with us." In contrast to fingerprinting, there is a simple way to prevent fraud: asking for multiple identification for all customers. Experience in the banking industry finds that aggressively checking identification would reduce bank fraud losses in large banks by 40 percent. In addition, with new holographic technology and imaging, state identification cards and driver's licenses have become much more sophisticated and are far less susceptible to forgery than in the past. Indeed, even the American Bankers Association says that "not opening a fraudulent account is one of the first defenses against check fraud." The Bankers Association concedes that one of the most important anti-fraud procedures "includes requiring appropriate identification, verifying addresses and telephone numbers, calling new customers at their place of business, checking zip codes, and looking for other indicators." Existing technology will help protect against fraud as well. According to John Stafford, vice-president of the California Bankers Association, the big increase in check fraud in recent years has arisen because of the widespread availability of high-quality color printers, scanners and consumer computer equipment. Bank equipment, called MICR readers, however, can help determine at the point of presentment if the checks are magnetically encoded. These readers are designed to screen out color or laser check copies by checking for the magnetic ink at the bottom of the check. 
In addition, the American Bankers Association admits, check fraud could be substantially reduced by using many of the same techniques used for currency: micro-print, high resolution borders, watermarks, security threads, embossment and even holographs. The fingerprinting of non-account-holders is inherently prejudicial to low-income customers. These customers tend not to have bank accounts. Indeed, when income, race and ethnicity are considered together, the penetration of bank accounts is found to be quite low. Given the ineffectiveness of fingerprinting in the first place, as well as the availability of reasonable alternatives, quite aside from privacy concerns, many low-income and civil rights advocates believe that fingerprinting should not be allowed.

Biometrics Are Coming, Along With Serious Security Concerns

Sun Jan 28, 2018 9:36 pm

Biometrics Are Coming, Along With Serious Security Concerns

URL: ... -concerns/
Category: Technology
Published: March 9, 2016

Description: You’re buying a pair of jeans. At the register, instead of reaching for your wallet or phone, you pull back your hair. The cashier holds a camera up to your ear. The camera confirms a match to a photo in a database, all of which is linked to your bank. Transaction complete. This futuristic scenario is actually not so far-fetched, and it’s coming sooner than you might think. Research on biometric tech has amped up, leading to mobile apps that read various unique-to-you body parts to help verify your identity, raising all kinds of security and privacy concerns, and it’s still an open question as to how government and manufacturers are going to address it all. But back to that ear scan. “Ears are unique,” says Michael Boczek, the President and CEO of Descartes Biometrics, a company that specializes in mobile ear detection security apps. “It’s stable and enduring, which means it changes very little over the course of one’s life. That’s also true of fingerprints, but less true of facial recognition.” Just because someone might be able to use their ear at checkout doesn’t mean it’s necessarily going to happen anytime soon, though. “Biometrics are tricky,” Woodrow Hartzog, an Associate Professor of Law at Samford University told WIRED. “They can be great because they are really secure. It’s hard to fake someone’s ear, eye, gait, or other things that make an individual uniquely identifiable. But if a biometric is compromised, you’re done. You can’t get another ear.” Databases get hacked all the time, from the IRS to Target to hospitals and banks, and until some of the very real security concerns surrounding the use of biometric technologies are better ironed out, you wouldn’t be wrong to worry about linking data about your body parts to online accounts.
Biometrics? Back Up
Biometric identification refers to any technology that does one of two things: identifies you or authenticates your identity. For identification, an image is run against a database of images. For authentication, an image has to be accessed from the device to confirm a match. The latter is typically used for unlocking computers, phones, and applications. Since Apple introduced its incredibly usable biometric identification with Apple’s home button fingerprint sensor in 2013, the appetite for biometrics has expanded rapidly. Now MasterCard wants to use your heartbeat data to verify purchases. Google’s new Abacus Project plans to monitor your speech patterns, as well as how you walk and type, to confirm that it’s really you on the other end of the smartphone. Other apps are looking at the uniqueness of vascular patterns in the eyes or even a person’s specific gait to verify identities. The idea isn’t actually new. Police have been fingerprinting for over 100 years and have used digital biometric databases since the 1980s. But until the 2013 iPhone, consumer-level biometric verification was largely limited to unlocking devices with fingerprints. And those sensors were in awkward places, like on the back of a phone or next to the trackpad on laptops. Mobile biometrics have also piqued the interest of investors. Reports surfaced that the Swedish biometrics company responsible for fingerprint identification in most Android devices, Fingerprint Card AB, saw a 1,600 percent increase in its stock in just the last year alone, making the company one of the best performing stocks in Europe in 2015.
Securing the Public
Although many experts say biometrics are intrinsically secure (since no one else can have your ears or eyes), Alvaro Bedoya, Professor of Law at Georgetown University, argues otherwise. “A password is inherently private. The whole point of a password is that you don’t tell anyone about it. A credit card is inherently private in the sense that you only have one credit card.” Biometrics, on the other hand, are inherently public, he argues. “I do know what your ear looks like, if I meet you, and I can take a high resolution photo of it from afar,” says Bedoya. “I know what your fingerprint looks like if we have a drink and you leave your fingerprints on the pint glass.” And that makes them easy to hack. Or track. Law enforcement agencies are particularly aware of how public your body parts actually are. A technology like that ear-scan, which can be used to make shopping easier in one scenario, can be used by the police in another. The FBI has been building a biometric recognition database that it hoped to have filled with 52 million facial images by 2015, with thousands more images added every month. The Department of Homeland Security is working with U.S. Customs and Border Patrol to add iris scans and 170 million foreigner fingerprints to the FBI’s national database. And local police departments are also in on the biometrics game. The LA Times reported that the police department in Los Angeles invested millions of dollars in 2015 to expand biometric identification capabilities for officers in the field, and according to research from the Electronic Frontier Foundation, numerous other police departments have mobile fingerprint identification already deployed. Even Boczek says that police are interested in his ear verification software. He explained that it would allow a police officer with a body-mounted camera that sits mid-chest to capture images of someone’s ear to scan when they approach a driver’s window. 
In fact, he says this technology is currently being tested by police departments in Washington state.
Writing the Rules
The use of data about your body parts is largely unregulated. Last summer, the National Telecommunications and Information Administration held a workshop to craft a voluntary code of conduct for the operation of facial recognition technology. Trade associations were there, representing companies like Google and Microsoft, as well as advocates and experts. But they didn’t get far. Before the meeting was over, everyone from the public interest community walked out. “Not a single trade association would agree that before you use facial recognition to identify someone by name, even if you don’t have any relationship with that person, you need to get their consent,” said Bedoya. “The industry associations in the room were taking a position that was well beyond standard practices.” The US government is dancing around the question of consent and how to oversee biometrics, with what seems like almost every agency in Washington addressing part of the issue. The National Institute of Standards and Technology has been evaluating the efficacy of biometric identification for years, focusing on face identification, fingerprint, voice, and iris scans. The Federal Trade Commission is leading the charge on data security. The FDA deals with the security of implantable devices, and the Department of Health and Human Services handles personal health information. For now, it’s legal in 48 states for software to identify you using images taken without your consent while you were in public. Texas and Illinois don’t allow it for commercial use, but it’s legal nationwide for law enforcement. And even when consent is obtained, it’s often done so in a way you may not be aware of: in the fine print of Terms of Service agreements that people routinely don't read. “The law is written in such a way that these agreements are routinely considered valid and that they are the way for companies to get permission to collect, use, and share your personal information,” says Hartzog. 
But companies have been self-regulating for some time now. Google Executive Chairman Eric Schmidt, as Bedoya notes in an article he wrote for Slate, even once said that facial recognition was “the only technology Google has built and, after looking at it, we decided to stop.” Microsoft’s Xbox and Apple’s iPhoto both have limited uses of the software on an opt-in only basis. We reached out to Apple and Google about this, but neither had comment. Microsoft responded that it keeps facial recognition opt-in because the company believes "it’s important to be able to personalize and control your Xbox experience." And then there’s Facebook. With over 350 million photos uploaded every day, the company’s research lab suggests that it has “the largest facial dataset to date”—powered by DeepFace, Facebook’s deep learning facial recognition system, but Facebook has an agreement with the FTC that says it has to first obtain “affirmative express consent” before going beyond a user’s specified privacy settings. Bedoya says, using such a system, it’s not hard to imagine a future where someone walks into a car dealership, and immediately the dealership knows who they are, where they live, their income, their credit score—all thanks to Facebook. After all, there’s already facial recognition software that brick-and-mortar shops can use to identify “return shoppers” and signal when “pre-identified shoplifters” enter the store.
Creepy, Public, and Unsafe?
Just as you can buy software to brute force your way through pins and passwords, hackers are already engineering ways to spoof biometric authentication. One of the big reasons we’re not all using our bodies to verify purchases now is that the security isn’t there yet. When the Office of Personnel Management was hacked last year, 5.6 million people’s fingerprints were compromised. Universities are hacked every year, medical records, the IRS, banks, dating websites, the list goes on. Biometric data isn’t immune to these attacks. In fact researchers from mobile security firm Vkansee were able to break into Apple’s Touch ID system with a small piece of Play Doh just last month at the Mobile World Congress—similar to what security researcher Tsutomu Matsumoto did with a gummy bear over a decade earlier with another fingerprint sensor. And researchers at Michigan State University just last month released a paper that describes a method for spoofing a fingerprint reader using conductive ink printed with an ink jet printer in less than fifteen minutes. Beyond the security question, there’s also something just plain creepy about the technology. Case in point: MasterCard has partnered with the biometrics company Nymi to test heartbeat authentication for credit card purchases. (That would be in addition to its selfie-and-fingerprint payment verification app it rolled out at Mobile World Congress). Or EyeVerify, which works by scanning the blood vessel patterns in the whites of your eye by using a selfie taken with a smartphone. Other mobile phone companies have built devices that use infrared cameras to scan irises. “There’s a question as to how viscerally people will respond to biometrics. The fingerprint reader seems to have caught on pretty well, because it was really useful and easy,” says Hartzog. “When people feel creeped out they may be less gung-ho to adopt some kind of biometric.” And if you can get past the ick factor, then there’s also the privacy question. 
Are you willing to use your unique bodily identifiers to link you to a purchase history? Think about how often you purchase items you’d rather keep private: porn, alcohol, drugs, condoms, a hoverboard. “We enjoy shopping in relative obscurity,” says Hartzog. “This is something that we might be able to accept for some purchases, but for it to be standard practice in America strikes me as a long way off.” If you knew the political thinking of everyone you bought things from, you’d probably be slightly disturbed. As University of Washington law professor Ryan Calo expressed in a recent paper, a certain level of privacy allows us to do business with each other; it’s part of interacting in a marketplace. “We’re probably not ready to hand over the keys to the entire biometric kingdom when we’re not sure how this is going to work,” Hartzog added. Eventually, we may be willing to exchange privacy for the convenience—but not just yet.

Do You Own Your Own Fingerprints?

Sun Jan 28, 2018 9:57 pm

Do You Own Your Own Fingerprints?
Bloomberg News

URL: ... ngerprints
Category: Legal
Published: July 7, 2016

Description: An obscure law could lead to broader limits on biometrics.
These days, many of us regularly feed pieces of ourselves into machines for convenience and security. Our fingerprints unlock our smartphones, and companies are experimenting with more novel biometric markers—voice, heartbeat, grip—as ID for banking and other transactions. But there are almost no laws in place to control how companies use such information. Nor is it clear what rights people have to protect scans of their retinas or the contours of their face from cataloging by the private sector. There’s one place where people seeking privacy protections can turn: the courts. A series of plaintiffs are suing tech giants, including Facebook and Google, under a little-used Illinois law. The Biometric Information Privacy Act, passed in 2008, is one of the only statutes in the U.S. that sets limits on the ways companies can handle data such as fingerprints, voiceprints, and retinal scans. At least four of the suits filed under BIPA are moving forward. “These cases are important to scope out the existing law, perhaps point out places where the law could be improved, and set principles that other states might follow,” says Jeffrey Neuburger, a partner at law firm Proskauer Rose. The bankruptcy of fingerprint-scanning company Pay By Touch spurred BIPA’s passage. Hundreds of Illinois grocery stores and gas stations used its technology, allowing customers to pay with the tap of a finger. As the bankrupt company proposed selling its database, the Illinois chapter of the American Civil Liberties Union drafted what became BIPA, and the bill passed with little corporate opposition, says Mary Dixon, legislative director of the Illinois ACLU. Under the Illinois law, companies must obtain written consent from customers before collecting their biometric data. They also must declare a point at which they’ll destroy the data, and they must not sell it. BIPA allows for damages of $5,000 per violation. “Social Security numbers, when compromised, can be changed,” the law reads. 
“Biometrics, however, are biologically unique to the individual; therefore, once compromised, the individual has no recourse, [and] is at heightened risk for identity theft.” In April 2015, Chicagoan Carlo Licata, a Morgan Stanley financial adviser, sued Facebook under BIPA, arguing that the company violated his privacy by using its facial-recognition software to create a detailed geometric map of his face and tag him in photos. Two more Illinois residents filed complaints against Facebook the following month. That June a logistics engineer and paratriathlete named Brian Norberg brought an almost identical suit against the photo-sharing site Shutterfly. Two more plaintiffs sued video game publisher Take-Two Interactive Software on similar grounds in October, and two more went after Google in March. The companies declined to comment for this story. “I think people had really imagined, well, biometrics, it’s got to be an in-person thing. You walk in front of a facial scanner,” says Mark Eisen, a lawyer at Sheppard Mullin in Chicago who specializes in consumer privacy and class-action suits. (He’s not involved in any of the cases.) “So that first lawsuit got a lot of attention, and follow-up lawsuits happened pretty quickly.” Most of the suits focus on photo tagging; in Take-Two’s case, the plaintiffs are worried about the game maker’s creation of realistic digital look-alikes using their facial profiles. Take-Two has argued that the plaintiffs lack standing because they haven’t claimed harm. The lawsuit against Shutterfly survived a motion to dismiss in December and ended with an undisclosed settlement in April. In the Facebook suit, the plaintiffs are seeking information about, among other things, Facebook’s marketing of and third-party access to its faceprint database. Facebook is arguing that BIPA was meant to apply to physical facial scans and shouldn’t apply to photos. 
The Facebook plaintiffs, whose cases have been consolidated in California, where the company is based, passed a crucial test in May. Facebook had argued that according to its terms of use, disputes should be handled under California law, which lacks BIPA-style protections for biometric data. The judge didn’t agree, ruling that BIPA applies. In a June 29 filing, Facebook made the same argument as Take-Two—that the plaintiffs lack standing to sue because they haven’t claimed harm. Google, meanwhile, is challenging BIPA as unconstitutional on the grounds that one state can’t set rules for the rest of the country. National efforts to establish biometric guidelines haven’t gone well. In 2014 a Department of Commerce agency led an effort to develop a code of conduct for companies using facial-recognition technology, but consumer advocates withdrew from the group the following year, saying tech companies refused to consider the most modest of privacy protections. The effort yielded an unenforceable set of privacy recommendations, published in June. Part of the problem is that government agencies often have an interest in looser consumer protections. In May the Department of Justice proposed exempting the FBI’s facial-recognition program, called Next Generation Identification, from privacy protections. In June the Government Accountability Office reported that the FBI program failed tests of accuracy and privacy. So far the report hasn’t led to any action. In Canada and Europe, Facebook stopped offering tag suggestions on photos following pressure from regulators to obtain consent to collect people’s images. In the U.S., BIPA has become a target. Just before Memorial Day, with the Illinois legislature rushing to finish its session, Democratic state Senator Terry Link proposed an amendment to the statute that would have excluded photos and digital images from protection and neatly undercut the lawsuits. The ACLU’s Dixon says the amendment was Facebook’s doing. 
Link declined to comment. Following outrage from advocacy groups such as the ACLU and the Electronic Frontier Foundation (EFF), it was shelved without a vote, but there’s nothing stopping its reintroduction. “This measure was introduced right before the Memorial Day weekend and could have been passed and changed the law over that weekend,” says Jennifer Lynch, a senior staff attorney at EFF. “If we only have one state with a law that protects us from commercial biometric data collection, and it’s so easy to change that law, it just shows how tenuous the protections on our privacy are.” The bottom line: For now, an Illinois statute is the strongest check on corporate use of biometric data such as fingerprints and facial profiles.

Why You Should Not Use The New Smartphone Fingerprint Readers

Sun Jan 28, 2018 10:13 pm

Why You Should Not Use The New Smartphone Fingerprint Readers

URL: ... t-readers/
Category: Privacy
Published: March 5, 2015

Description: Over a year ago I wrote a piece for Forbes that warned of serious security concerns created by the Apple iPhone’s TouchID fingerprint authentication; I speculated then that hackers could gain unauthorized access to users’ data by using lifted fingerprints. Days later, hackers successfully did just that. This week, Qualcomm announced a new smartphone fingerprint authentication technology that might offer dramatic improvements over TouchID. The new offering leverages sound waves to create and analyze a detailed three-dimensional replica of a user’s fingerprint, something that cannot be impersonated simply by lifting prints off the side of a phone, as can commonly-used two-dimensional prints. Aaron Tilley has a piece in Forbes that describes Qualcomm’s new offering and its potential advantages over TouchID. While the benefits of 3-D fingerprint authentication on smartphones may be substantial, I still have several serious concerns about the use of fingerprints on smartphones:
1. The most obvious concern is that the system may not work as well as people expect; there were claims in 2013 that TouchID would also perform 3-D analysis to avoid being tricked by images of lifted fingerprints; such claims obviously did not hold up to hackers. Time will also tell how significantly inaccuracy impacts people leveraging the new technology; in general, fingerprint-based authentication suffers from a problem that either legitimate users are going to occasionally be denied access, or inappropriate users are going to sometimes gain unauthorized access.
2. In many jurisdictions, if you secure your phone with a fingerprint, police have the right (without any warrant) to force you to unlock your phone and let them inspect its contents, but if you secure your phone with a password, law enforcement has no such right. This may sound crazy and counterintuitive, but it is the law.
3. Despite assurances that collected fingerprint data is never actually transmitted from the phone and is processed only in an area separate from the operating system, there remains the risk that criminals may find ways to get to the data. Unlike passwords, fingerprints cannot be reset – if a criminal obtains a fingerprint along with the user’s identification information he can potentially use it to steal the user’s identity and commit crimes for decades; evildoers certainly have the incentive to look for ways to steal this information, and will likely invest in technology to do so. Once people are conditioned to trust a phone fingerprint reader, for example, couldn’t criminals potentially sell slightly modified-internally devices on the secondary market and capture actual fingerprints?
4. What would happen if some government “asked” phone manufacturers to create a back door to store or send it fingerprint information, and to lie to the public with denials of the existence of such a program? Considering the news of the past few years, such a scenario seems far from impossible.
For the foreseeable future I’ll be securing my phone with a password.

The 2 Big Problems with Fingerprint Security

Sun Jan 28, 2018 10:32 pm

The 2 Big Problems with Fingerprint Security
Yahoo News

URL: ... 08679.html
Category: Privacy
Published: January 28, 2015

Description: Thanks to the incredibly good fingerprint reader on the iPhone, millions of people have become accustomed to the everyday use of biometric security: the use of a unique biological characteristic as a security pass. Fingerprints are the biometrics we’re getting used to, but there are other forms of biometrics, like iris scans, voiceprints, heartbeats, and even gait detection (how you walk). Biometrics are incredibly convenient and they can also be very secure. But they also have two really big issues that can bite users if they are not careful. I’ll tell you how to watch out for this in a second. But first, let me reiterate the benefits of good biometric security. First, there’s nothing to remember. You can’t forget your fingerprint. You don’t have to write it down. You can’t even get drunk and accidentally blurt out your fingerprint. They’re quite safe, as secrets go. And you can’t beat the convenience. Second, as I said, biometrics can be secure. Well-designed systems that use biometrics don’t store a digital copy of the biometric (like a fingerprint). Rather, they store what’s called a hash of the identifier. Math is used to verify that a scanned biometric is the same one that was registered as authentic, but you can’t go the other way and generate the fingerprint from the hash. So if, for example, your iPhone is stolen, nobody’s going to be able to extract your fingerprint from it and use it elsewhere. And now, the issues.
1. They will be hacked
Eventually someone will figure out a cheap and easy way for bad guys to steal your fingerprint from a bar glass and make a fake finger (one that appears to be alive) that can be used to unlock your phone. Complicated or expensive methods for this already exist. It’s just a race towards convenience for the bad guys. Or, worse, an entire biometric system, like Apple’s, might be hacked at the source. Then what? If your password is hacked or stolen, you set up new passwords. But if your fingerprint is hacked, what are you going to do, get a new finger? No. And that’s the big problem with biometrics. You cannot really rely on them as the first line of defense or your only authentication system. “You cannot use a biometric as a primary authenticator, or you’re gonna have a bad time,” says Joseph Lorenzo Hall, chief technologist of the Center for Democracy & Technology. “It’s not secret. You can’t change it. So you always have to have something else.” Security experts like Hall recommend using passwords as the first line of security, and using biometrics as an additional factor in security — so there are two things needed to get into an account. Hall says that sensitive installations are protected by three factors: To get access to their systems, you need a password (something you know), a biometric (something you are), and a special physical device (something you have). All of these factors have to line up before the system will open for you. So should you forgo using Apple’s fingerprint security and lock your device with a password instead? Hall says not to stress about it. “I would recommend using it and not worrying about it. It’s designed to fail safe.” In other words, if anything goes slightly wrong with your iPhone’s fingerprint security, as it likely would if someone was trying to hack in, the phone drops back to asking you for your password.
Alexander Abdo, a staff attorney at the American Civil Liberties Union who studies information security, agrees that Apple’s fingerprint system is good for consumer security. “I’m sure countless users now use biometrics to lock their phones, people who before may not have locked them at all.” But you have to make sure that first line of defense is strong. Hall uses an 11-digit passcode on his iPhone, not the standard 4-digit pass. “I know there’s law-enforcement equipment to crack a 4-digit phone in two minutes. I want it to take longer.”
2. You can’t keep them to yourself
Passwords have a special standing in American law. They are knowledge, and the U.S. Constitution’s Fifth Amendment protects you from things you know that can be used against you in any way. As Hall says, “They can’t force you to give it up if it’s only in your head. But a biometric factor is not in your head. It’s not mediated by knowledge.” Your fingerprint, or other biometric identifier, is not something you know, it’s something you are, and that’s not protected. In other words, you can be legally compelled to place your fingerprint on a scanner (or your eye in an iris scanner). Both Hall and Abdo agree that this distinction is fuzzy. “The law is a little bit of a mess,” says Hall. “It basically says you have no 5th amendment right to your biometrics.” Abdo adds the ACLU position: “We think the law should equally protect passwords and biometrics.” But it doesn’t. And protections outside of courts are even worse. As Abdo points out, governments collect biometric identifiers all the time, without the knowledge of people. “Your physical gait can be captured at a distance,” Abdo says. And then it can be used to identify you later. There are also fingerprint databases. Iris scan databases are growing. DNA databases are next. At sensitive locations, protections against the collection and use of all digital access keys, including biometrics, are even less. You have no 5th amendment right at a border crossing, for example, and often not in other countries, either. A border agent can simply deny entry to a country (or worse, put you in a jail cell) if you refuse to provide access to the electronic device he wants to get into. To get around this, Hall says, the best advice is to not take anything across a border that is sensitive. Depending on what you don’t want discovered, you might want to follow this advice: “Use secure Web storage, so you don’t cross the border with your data. Cross only with a wiped or new machine, and wipe or destroy it before you leave.” But outside of the border-crossing scenario, to protect devices that use biometric security, make sure that they are primarily locked by a legally-stronger password first, with a biometric used only as a second or convenience factor.
Security is not a luxury
We rely on security to keep our economy running. Without passwords and encryption, we wouldn’t have Internet banking, or online commerce, or private email, or social networking. These basic functions of society depend on citizens being able to trust that their data and devices are secure. As parts of this system, we all need to understand how to work in it safely, just as we understand how to cross a street safely in our physical world. And there are things we can do to stay safe, not the least of which is using strong passwords, and knowing the limits of biometrics.