Biometrics is to Password what Back door is to Front door
Let me try to make the relationship between biometrics and a default password clearer with the picture of a house: it has a front door of a deterministic password system, to which a back door of a probabilistic biometrics system was added as another entrance.
Residents are required to use the seemingly convenient back door as the first choice for entry, until they get falsely rejected there. The residents rejected by the probabilistic biometrics authentication at the back door would then be required to try the front door of deterministic password authentication. The correct residents with correct memory will enter the house.
If the one-door house was not secure enough in the first place, the two-door house is made even less secure. Bad guys, who are now given the chance to break the back door as well as the front door, can enjoy an increased attack surface, i.e., a lowered defense.
We have thus reconfirmed that the claim that biometrics contributes to identity security is false.
Incidentally, what ‘being probabilistic’ means is that it cannot escape the trade-off between False Acceptance (false positive/false match) and False Rejection (false negative/false non-match), and therefore it cannot be used on its own without sacrificing availability, whereas ‘being deterministic’ means that it can be used on its own.
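The trade-off and the two-door effect described above can be worked through numerically. This is an added example, not part of the original article; the Gaussian score model, its parameters, the password-guessing probability and the independence of the two attempts are all constructed assumptions.

```python
import math

def phi(x):
    """Standard normal CDF."""
    return 0.5 * (1.0 + math.erf(x / math.sqrt(2.0)))

# Constructed score model (assumption): impostor and genuine match scores
# are Gaussian with these means and a shared standard deviation.
MU_IMPOSTOR, MU_GENUINE, SIGMA = 0.30, 0.70, 0.10

def far(threshold):
    """False Acceptance Rate: an impostor's score reaches the threshold."""
    return 1.0 - phi((threshold - MU_IMPOSTOR) / SIGMA)

def frr(threshold):
    """False Rejection Rate: a genuine user's score falls below the threshold."""
    return phi((threshold - MU_GENUINE) / SIGMA)

def two_door_break_in(threshold, p_password):
    """Biometrics with password fallback: entry is gained if EITHER door
    yields. The two attempts are assumed to be independent."""
    return 1.0 - (1.0 - far(threshold)) * (1.0 - p_password)

def sweep(p_password=0.001, thresholds=(0.40, 0.50, 0.60)):
    """For each threshold, return (threshold, FAR, FRR, two-door break-in)."""
    return [(t, far(t), frr(t), two_door_break_in(t, p_password))
            for t in thresholds]

if __name__ == "__main__":
    print("thresh  FAR       FRR       two-door (password alone = 0.001000)")
    for t, fa, fr, both in sweep():
        print(f"{t:.2f}    {fa:.6f}  {fr:.6f}  {both:.6f}")
```

Raising the threshold lowers FAR only by raising FRR, and at every threshold the two-door figure is higher than either the password's or the biometric's figure taken alone.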
For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)