Jump to content
The Dark Mod Forums

Why isn't a digital security fingerprint as bad as a fixed password?


Fidcal

Recommended Posts

Why isn't a digital security fingerprint as bad as a fixed password?

 

Fast forward 10 years. Suppose I join Amazon and have to input my fingerprint. Amazon would then have a digital representation of my fingerprint. Then I join Asda, fanfiction.net, Darkmod forums, credit card, bank account, whatever. After a few years there are scores, perhaps hundreds of copies of my fingerprint around the world. Now, it is recommended that you use a different password for every registration and even change it now and again, especially after a security breach. But we can't change our fingerprint. Should any hacker get a copy of my fingerprint then can they not upload that to hack into any of my accounts?

 

So... what am I missing here? Is it something to do with the fingerprint reader that authenticates itself as 'live'? What if that can be duplicated? I've bitten my fingernails down to the bone worrying about this! :D

  • Like 2
Link to comment
Share on other sites

I think, a digital fingerprint scan can work, if you transcribe the fingerprint into a password. That way, you create an individual password depending on the algorithm used. That way you do not really have the fingerprint itself stored, but a password. For increased security you could also change the algorithm with every login. That way the user changes the password everytime he uses it, without even knowing/realising it.

A similar way is used by a friend of mine. She creates her passwords including the use of it. That way she only needs to remember a key component, adds the use and still has an individual password for each service she uses. Of course with a transcrition algorithm the resulting password is way more complex, than what she does.

 

The only danger I can see here is, that you could recreate the fingerprint if you know the algorithm that was used to transcribe it. But that might also not be a problem, depending on which parts of the fingerprint is actually used. You could only recreate the points of the fingerprint used, but not the fingerprint itself. If one service always uses the same characteristics, but each other service a different set, you would need a lot of different services to recreate the whole fingerprint '(if at all possible)

 

So in short: as long as you do not store the whole fingerprint itself, but only use some key features for a password creation, it should be safe.

Link to comment
Share on other sites

Remember that puzzle from the first System Shock where you have to activate a retina scanner with some guy's severed head?

 

Yeah. :laugh:

Come the time of peril, did the ground gape, and did the dead rest unquiet 'gainst us. Our bands of iron and hammers of stone prevailed not, and some did doubt the Builder's plan. But the seals held strong, and the few did triumph, and the doubters were lain into the foundations of the new sanctum. -- Collected letters of the Smith-in-Exile, Civitas Approved

Link to comment
Share on other sites

Service with proper security measures never store their passwords in plain text. They store their passwords hashed. A hash is a function that scrambles a string uniquely, meaning the same string always becomes the same scramble, and no two strings have the same scramble. So rather than sending the password to the server, you sent your scrambled password to the server, which then compares it to the scrambled password it has stored in its database, all the while never knowing your actual password. Then also you want each hashed password to be salted, which means it uses a piece of unique info (like the website name) to influence the hashing function, so that even if two different users have identical passwords, they end up with a different scramble.

You can call me Phi, Numbers, Digits, Ratio, 16, 1618, or whatever really, as long as it's not Phil.

Link to comment
Share on other sites

So, Destined, the fingerprint scan is only local to the pc or device to authenticate the sending of a password and not the fingerprint itself? And the pc/device will only accept the fingerprint scan direct from the scanner.

 

So... a trojan reads that scan and uploads it to the hacker who stores it in his own fake scanner to trick Windows into thinking its a direct scan.

Link to comment
Share on other sites

So, Destined, the fingerprint scan is only local to the pc or device to authenticate the sending of a password and not the fingerprint itself? And the pc/device will only accept the fingerprint scan direct from the scanner.

 

So... a trojan reads that scan and uploads it to the hacker who stores it in his own fake scanner to trick Windows into thinking its a direct scan.

 

Hang on, you just moved the goalposts quite a bit there! If all those sites have a copy of your fingerprint, then it's far less secure than a password, agreed. But if they don't have a copy, they just have a unique one-way hash of your fingerprint that's generated by your own software, then your example problem is solved: someone hacking one of those sites will not have a copy of your FP and won't have access to any other of your logins.

 

Your original point is still a problem though: Identity theft is always incredibly hard to repair but biometric data theft is impossible to repair.

 

I have no idea how these systems work in reality, but (throwing out random ideas) suppose the fingerprint scanner is hardwired and non-programmable, so it's unhackable and only outputs hashes made using a public key supplied by each site. Problem solved?

 

None of this will stop someone stealing your finger or eye as suggested by Melan :)

Link to comment
Share on other sites

So, Destined, the fingerprint scan is only local to the pc or device to authenticate the sending of a password and not the fingerprint itself? And the pc/device will only accept the fingerprint scan direct from the scanner.

 

So... a trojan reads that scan and uploads it to the hacker who stores it in his own fake scanner to trick Windows into thinking its a direct scan.

 

I would agree with SteveL: As long as the scanner does not save the fingerprint itself, but only reads out the data it needs, it is not possible to save/reconstruct your print.

If a trojan (or keylogger) is in play here, you would have the same problem with any authentification. As soon as you enter your password, the third party can get it. It would not make the fingerprint scan less safe than any other password, but also not any safer. The only upside then is convenience: You would not have to type in your password and could make the generated password longer than most people would make it, if they have to type it in (and as afar as I know password safety is mostly dependent on password length).

The question now is: should we use biometric data for passwords? As SteveL said: If this data is stolen at any point, the damage is irreparable. So we might just stick with our "old style" passwords. But the problem is: people are lazy. And if the fingerprint scan is more convenient, I believe that there will be quite a lot of people who would risk the security of their biometric data for a bit of comfort.

 

All in all, I think any security measure can be circumvented if you are creative (or ruthless) enough and have the skills needed.

Link to comment
Share on other sites

That is a good question. As far as I know, in these cases they only use the fingerprint to unlock the phone and that is why it is stored on the phone itself and not in any cloud. But that is as far as my knowledge goes. I have no idea how it is stored or how easy or hard it is to steal the fingerprint from the phone. Most likely it is stored in some encrypted way. Anything else would be more than carless.

Link to comment
Share on other sites

I think the only time I've seen fingerprints being commonly used on their own is to unlock a device, and in those cases it doesn't go anywhere.

 

In almost every other case I've seen fingerprints being used to access sensitive data or applications, they were not used on their own. Instead I've almost always seen them being used in addition to something else (such as a password) as part of some form of multi-factor authentication.

Edited by Professor Paul1290
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recent Status Updates

    • datiswous

      Beta test(er) tip:
      Test your mission at least once with all lights on. This can be done using notarget in console. Maybe just quickly fly around with noclip.
      Also test all lights which are off by default (enable all lights via script?). Mission testers will miss a lot of light bugs, because they take out lights with water arrows etc. and don't turn on lights so they don't spot light leaks etc. I've seen this now in some recent new missions after they're released.
      · 0 replies
    • Bergante

      welcome back Sotha 🫠
      👻
      · 6 replies
    • JackFarmer

      This site is getting more popular by the day - ca. 870 bots online this morning CET!
      · 2 replies
    • Xolvix

      Personal reminder for me to actually get back to TDM and all the missions I missed.
      · 1 reply
    • JackFarmer

      What is actually grammatically correct when it happens in the future? “Paul Atreides is an idiot” or ‘Paul Atreides was an idiot’? or ‘Paul Atreides will be an idiot’? The latter would at least fit in with the whole psychic and providence stuff!
      · 2 replies
×
×
  • Create New...