Vulnerability of Biometric Security Data Revealed After Leak
28 August 2019 - 10:08 by Mike Price
The exposure of fingerprint details linked to more than a million users worldwide has raised questions about the validity of switching to biometric authentication methods as a means of boosting the security of digital services.
This leak occurred not as a result of the activities of underhanded hackers but rather due to the white hat efforts of researchers at VPNMentor. The aim of security specialists working for the firm was to demonstrate the vulnerability of a system known as Biostar 2, which is widely used to scan and record fingerprints.
A number of different businesses and organisations, including the Metropolitan Police, make use of Biostar 2, and so it is clear that a genuine breach could have serious ramifications.
Fingerprints were not the only things to be exposed as a result of this issue, with facial recognition details as well as a variety of personal information relating to individual users also being left unprotected for several days.
Biostar 2 is a product of a developer called Suprema, and the company has since said that it is investigating the issues raised internally and will act to ensure that similar compromises are not possible in future.
There is an ongoing debate about how to make it easier and quicker for people to carry out safe shopping online while also ensuring that security is more resilient.
Biometric scanning can already be used to access devices, log into services and confirm the identity of people who want to make online purchases. This feature may ultimately be adopted as the standard across the industry in the wake of tighter regulations governing transaction authentication which were due to roll out this month but have since been delayed in order to give the finance industry more time to prepare.