The Risks of Biometry – Try to Revoke…

One thing I was always worried about when we talked about biometry: What do you do if the database which stores your credentials gets compromised? Well, it happened: Stolen OPM Fingerprints: What’s the Risk?

I am not aware of any successful and active attack so far as I guess nobody tried to replay the fingerprint but what do we do if this happens? You can hardly revoke your finger…. I know, it has to come from a trusted source as the machine asking for authentication has to be know but hey, there are a lot of ways to forge that as well. And then? Well, then we have a problem and most probably go for another authentication method…

Or do I misunderstand something?

Roger

Roger Halbheer

Roger Halbheer is an Executive Security Advisor at Microsoft in EMEA acting as a trusted advisor to CxO. Before that he was a Managing Director at Accenture's Financial Services. Before joining Accenture, he was the Chief Security Officer of Swisscom (Switzerland's largest telecom provider) and the global Chief Security Advisor for Microsoft.

Zero Trust
October 25, 2019

Still relying on the network? It is the user!
September 11, 2019

Using multi-factor authentication blocks 99.9% of account hacks
September 2, 2019

How to leverage “Secure Access Workstations” for the Cloud
August 16, 2019

Decentralized identity and the path to digital privacy
May 17, 2019

Shared Responsibility in the Cloud (and how to mess it up)
May 14, 2019