Early models of smartphones were safer than newer models - How come?
Early iPhones with PINCODE alone were safer than the newer iPhones with TouchID and FaceID added. The same observation also applies to the newer models of all the other smartphones, PCs and tablets that come with biometrics.
The point is that even a perfectly hacking-proof biometrics could only provide the level of security lower than a PINCODE-only authentication when the biometrics is deployed in 'multi-entrance' method with a PINCODE as a default fallback measure against false rejection (false non-match).
This is what a logical reasoning inevitably leads us to, as illustrated in the picture above and in this brief video.
Biometrics might help security in physical space where there are competent managers who are ready to take care of falsely rejected people. But, in cyber space, the fallback measure against falsely rejection (an extra entrance) has to be provided by the falsely rejected people themselves.
The security effect of ‘multi-entrance’ deployment of 2 authenticators as against ‘multi-layer’ deployment is quantitatively examined in the article 'Quantitative Examination of Multiple Authenticator Deployment'
A huge amount of resources have been spent for a huge volume of biometrics products. We could say that the resources were well spent if all the users and consumers had knowingly adopted the biometrics solutions as a convenience-improving tool, not a security- enhancing solution. We doubt it is the case.
Sharing our observation may well be enormously embarrassing and inconvenient for the people who had advocated, promoted, recommended and marketed the biometrics products as a security enhancing tool.
Staying silent could be taken as opting to be complicit. We could be somewhat sympathetic in view of the collective pressure of the environment, but their children and grandchildren may be just unsympathetic. We would like to recommend them to come out and speak up sooner than later.
< Related Articles >