If a hacker steals your password, you can create a new one, but if someone gains access to your fingerprint or iris data, you can hardly replace your fingers or eyes. A new study has offered a technique that would allow users to “update” their biometric information, potentially improving online safety.
Concern about the security of using biometrics instead of passwords has grown this month amid reports that scammers could extract close-ups of fingerprints from social media photos, “enhance them with AI” and use them to gain access to accounts or commit other cybercrimes, said Moneywise. It “sounds like the stuff out of spy novels or ‘Mission Impossible,’” said Vyas Sekar, a professor at Carnegie Mellon University, to CBS News. But in “theory, it’s possible, especially if people are posting high-resolution images.”
According to a study in the International Journal of Computational Vision and Robotics, “irreversible identity theft” can be “largely avoided” by allowing users to “reset” their biometrics, said TechXplore. The method is “similar to changing a password,” said Knowridge Science Report. Rather than storing a person’s original fingerprint or other biometric information directly, it transforms their data into a protected version “difficult to reverse-engineer.” The data is then “further scrambled and compressed” into a secure digital version.
In this form, a person’s identity can be verified, but the original biometric data is hidden. If the protected version is ever compromised, it can be “cancelled and replaced,” said Knowridge Science Report. Even if hackers gained access to the stored information, the user would not be permanently exposed.
|