After reading articles,books and seen many movies on this theme, I see there're are a lot of people excited about this technology. People who really believe that this is a truly reliable approach to validate human entities for security screening purposes.
However, I completely disagree with this and consider biometrics as just a fashion/trend gadget of our time. And here is some evidence I present to support my argument. Lets take the main components used in biometrics today:
- Iris recognition. Easy to be duplicated using a photo. Today someone can get a
detailed picture of your eye from hundred of meters away using telescopes which are getting
increasingly better and cheaper. This then can be easily printed on any surface and it will
fool any recognition system not assisted by a human. Alternatively, this can be printed on
contact lens so it ca even fool these which are human assisted. Or if someone is
really desperate to get in somewhere, he could just take you by force or take you head of or
just your eye. You have less of a choice then when you have your password deep in your mind and
it's up to you if you want to give it away or not.
- Fingerprint. Even easier to duplicate, we let our fingerprints everywhere, on the glasses, on
the door handles, etc. For someone to duplicate your id for a machine not assisted by a human
it will be very easy. Not to mention the brut force methods. However, for human assisted machines
might be a bit more difficult for the moment, but not for long with the advances in
rubber/plastics. Not to mention genetics and plastic surgery.
- Voice recognition. Probably the easiest to copy and duplicate. On top of this it will be always
unreliable, as someone's voice will change with to many factors, which we don't always control.
- DNA match. Well, there is still a lot to be done here and this someone believes will
provide undeniable evidence. However, yet again, this will probably be difficult to fake
for these machines which are closely assisted by human to make sure that you actually provide
a DNA sample from you body to one you got form somewhere else. To get someone's DNA is extremely
easy, easier then any of the other biometrics elements. We leave DNA samples on every object
we touch, with each strand of hair we loose (thousands a day).
As you can see, biometrics cannot be considered at all secure. In fact the
current system based on passwords which you memorize are more secure because as long as you
keep them deep in your mind it will be difficult for someone to access them. Biometrics by
difference is based on static material evidence, which can be easily reproduced. This is
why I think this method is just a "gadget".
Well, enough with the criticism, and how about a real way you can probe
identity and which cannot be reproduced or stolen? Did you ever think what does actually
uniquely identify an individual and is not reproducible? I did, and I have
the answer, which I will publish here as soon as I will have the time to mirror my ideas
into a readable content.
Written By: Larry O. Lart, 21st of December 2001
|