Biometric authentication seems to be the authentication technology of the future. Scan the finger on the finger print scanner and payment is done for your purchase. No need to type out your card details and enter OTPs. Scan your retina and your attendance is marked. No need to swipe cards and punch in passwords. Just speak into your phone and it gets unlocked based on your voice pattern. There is no need for complex PINs and patterns. But is it really as safe as it is made out to be?
How does biometric authentication work?
To understand the point of failure or point of the breach, it is important to understand how the biometric authentication system works. The authentication system is primarily composed of four sub-modules that communicate with each other.
Sensor: This is the device that scans the biological feature and converts it into a digital format. For example, the finger print or retina scanner, or camera for face recognition are most popular sensors.
Feature extractor: From the digital format, the key differentiable features of the said biological features are identified and extracted. This part identifies the fingerprint or the retina pattern etc.
Matcher: This module compares the scanned feature with the feature stored in a database for the closest match. It is usually not possible to get a 100% match due to various reasons. The matcher works based on a percentage of the match found. It could be as low as 70% to as high as 95% for critical systems. This is where the positive or a negative decision about the match is made and is sent to the down-stream application as authentication decision.
Template database: This database holds the feature scan of the genuine users, to be matched against. The volume of data may vary based on system users. For example, in a fingerprint based attendance marking system, the database would hold the fingerprint scan of all employees while in a smart phone, it would only have one record- of the smart phone user.
Each of these modules and communication between them is prone to hacking.
How does a breach occur?
Each of the modules can be hacked along with another module to trick the system into generating a positive authentication and gain access to the downstream application. Here are a few most popular mechanisms to breach such systems.
1. Sensor breach: Though possible, this one is supposed to be the toughest part to breach. The hacker fakes the feature being scanned and presents it to the sensor for the scan. Though rare, cutting a finger of the user and using it for the scan is not unheard of. Most of the technology development happens here. The more detailed the scan, the better is the authentication decision.
Read more: Impact of data breach on Startups
2. Template database: This is where reference feature scan or the data of feature scan of users who have access is stored. The breach here occurs in two ways:
- In the first one, the hacker’s biometric features are inserted into the database. The hacker can then just access the scanner like a normal user and access the protected system.
- In the second kind of hack, the database is hacked to obtain the feature record of an existing user. It is then used to create a fake biometric feature and present it to the sensor or in a much easier way present the hacked feature to the matcher module itself. The second method is preferred when physical access to the protected system (such as door access systems) is not required.
3. Matcher: This is also a popular target for hacks and can be done in two ways:
- In the first, more simple and effective way, the output of matcher is hacked and replaced with a positive authentication result and passed on to the downstream application.
- In the second or rather tricky way, the algorithm of the matcher is altered to produce positive authentication at a lower percentage of match. It could be as low as 5% or even 1%. In such case, every scan passes through as positively authenticated. The risk here is that since almost every scan passes is positive; the hack may be detected quickly.
4. Inter-module communication: In this kind of hack, the communication between any two modules is trapped and replaced with hacker’s data so that the next module produces the desired result for a positive match.
Biometric authentication systems are like any other IT system. They can be hacked to steal or alter the data or change their behavior. They need to be protected like any other IT system using firewalls, gateways and access management. It is only then that the biometrics system can show their true capability.