Comments: Penny Chat

Biometrics are even harder to change than your social security number. If you're looking for a system which is worse, biometrics look very promising.

Posted by Florian Weimer at April 9, 2005 04:01 PM

The problem with the SSN is not that it's out there or that it's hard to change it. The problem is with treating it as though it is secret, when it is not. Your name is out there, and it's pretty hard to change it, but that is not considered a security problem. Imagine if banks would make loans to someone just because they claimed to have a particular name. Would everyone suddenly focus on names as the problem, and talk about how important it was to keep them secret? No, the problem is with a policy of making loans and opening accounts based on treating public information (the SSN) as though it is private.

Biometrics are completely different. They are public and unchangeable, true. But the point is that they are much harder to fake. Anyone can recite someone else's SSN or name. But to fake someone else's biometric is hard, especially if it is being done in front of a human observer. Properly constructed, biometrics do not have the dangers of information-based identifiers like SSNs.

One problem with biometrics is that they can't be reliably used for online identification. The technology is not there, and may never be there, to create an unfakeable remote biometric sensor. This means that any identification which requires biometrics must be done in person. But that's fine. That's reality. The physical world is fundamentally primary and the information world is secondary. We should recognize that reality in designing our information security systems.

Posted by Cypherpunk at April 11, 2005 02:01 PM
Post a comment

Remember personal info?

Hit Preview to see your comment.
MT::App::Comments=HASH(0x5601e7823c50) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/ line 125.