No Need to Wait - Already Defeated by Itself
“AI May Soon Defeat Biometric Security, Even Facial Recognition Software” In this article Artificial Intelligence is taken up as a major threat to biometrics security.
Biometrics is already defeated, however, by itself where it has to depend on a password/PIN as a fallback means against false rejection.
More specifically, biometrics vendors may be able to make their products much more fake-proof, but even the perfectly fake-proof biometrics would still be less secure than a password where it is co-used with a backup password; two entrances placed in parallel provide nice convenience not only to consumers but also to criminals as outlined in this video and closely explained in this article.
And yet, consumers are still adopting fingerprints and selfies. It is presumably because
1 placing a finger on a sensor and taking a selfie look far simpler and easier than feeding PIN/passwords for consumers
2. consumers are not informed that the biometrics and the PIN/password they had registered are deployed in ‘multi-entrance’ method that brings down the security to the level lower than a PIN/password-only login. (Reversely ‘multi-layer’ deployment brings up security)
While informed consent must be respected, misinformed consent must be corrected and disinformed consent punished, particularly when it brings a serious case of the false sense of security (illusion of safety).
Biometrics vendors are expected to explicitly tell the consumers that biometrics is a tool to improve convenience and must be used with a yet stronger password/Pin where they do not like to ruin the security that passwords/PIN have so far provided.
< URL >
AI May Soon Defeat Biometric Security, Even Facial Recognition Software
Biometrics in Cyber Space - "below-one" factor authentication
Confusion Still Persists With Biometrics And Passwords