You can't change your fingerprint

One of the most useful things you can do to protect your passwords is to change them regularly. This bounds the damage from many attacks that obtain your password, whether by cracking it or because you mistakenly typed it into the wrong place. Once you've changed it, the old one is worthless to whoever has it. That doesn't help if you're worried about spyware or a compromised server that sees every new password too, but it helps in many cases, and it is the origin of many password change policies.
However, in cases where your finger is used to identify or authenticate you, it's much harder to change the credential once it has leaked. To date, we haven't seen open market sales of biometric information captured by private sector companies like Disney or Seaworld, but Bob Sullivan identifies a case where a Disney "contractor [was] caught trying to sell Disney data:"
An employee who works for the company that processes Disney Movie Club transactions was caught trying to sell customer credit card information, Disney told its customers this week. The story echoes an incident revealed by Fidelity National Information Services earlier this month.

Now, we know about this because it was credit card data. If it had been your fingerprints, you'd be entirely out of luck, and you wouldn't even know it.
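To make the difference concrete, here is an added toy model (my code, not anything from the post or from Disney's systems; the two store classes, the distance threshold and the 32-bit "template" are simplifications I'm assuming, not a real fingerprint matcher). A password account keeps only a salted hash, so rotation makes a captured password useless. A fingerprint account has to keep a comparable template and accept anything within a distance threshold, because a fresh scan never matches bit-for-bit; re-enrolling the same finger changes nothing an attacker with a copied template cares about.

```python
"""Toy model of why a password leak is recoverable and a fingerprint leak is not.
Added example; the classes and the bit-string 'template' are simplifications,
not any real fingerprint-matching scheme."""
import hashlib
import hmac
import os


class PasswordStore:
    """Accounts keyed by a secret: only a salted hash is kept, and changing the
    password discards the old salt and hash entirely."""

    def __init__(self):
        self.accounts = {}

    @staticmethod
    def _digest(salt, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def enroll(self, user, password):
        salt = os.urandom(16)
        self.accounts[user] = (salt, self._digest(salt, password))

    def verify(self, user, password):
        salt, stored = self.accounts[user]
        return hmac.compare_digest(stored, self._digest(salt, password))

    def rotate(self, user, new_password):
        # Identical to enrolling afresh: whatever was captured earlier is now useless.
        self.enroll(user, new_password)


class FingerprintStore:
    """Accounts keyed by a body part. A fresh scan never matches the enrolled one
    bit-for-bit, so the server keeps a comparable template and accepts anything
    within a Hamming-distance threshold; no salted one-way hash is possible."""

    def __init__(self, threshold=4):
        self.templates = {}
        self.threshold = threshold  # assumed tolerance, chosen for this toy

    def enroll(self, user, template):
        self.templates[user] = template

    def verify(self, user, scan):
        ref = self.templates[user]
        distance = sum(a != b for a, b in zip(ref, scan))
        return distance <= self.threshold


def noisy_scan(template, flips):
    """Constructed 'rescan' of the same finger: the template with a few bits flipped."""
    scan = list(template)
    for i in flips:
        scan[i] ^= 1
    return scan


def demo():
    """Enrol, leak, then 'rotate' in both stores and report what still works."""
    pw = PasswordStore()
    pw.enroll("alice", "correct horse")
    captured_password = "correct horse"           # e.g. typed into the wrong site
    pw.rotate("alice", "battery staple")

    fp = FingerprintStore()
    template = [1, 0, 1, 1, 0, 0, 1, 0] * 4       # constructed 32-bit template
    fp.enroll("bob", template)
    noisy_ok = fp.verify("bob", noisy_scan(template, [5, 9, 21]))  # why no hash: 3 bits differ
    captured_template = list(template)            # copied out of the processor's database
    # The only 'rotation' available: Bob re-enrols the one finger he has.
    fp.enroll("bob", noisy_scan(template, [2, 17]))

    return {
        "old_password_after_rotation": pw.verify("alice", captured_password),
        "new_password": pw.verify("alice", "battery staple"),
        "noisy_rescan_accepted": noisy_ok,
        "leaked_template_after_reenrol": fp.verify("bob", captured_template),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the fuzzy match is the important one: because the server must tolerate sensor noise, it cannot hide the template behind a salted hash the way it hides a password, so whatever the Disney Movie Club's processor had on file is exactly what a thief would need to replay.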
Photo: PartyPig's password, on Flickr. I think he has a different title.

Comments
You'd be SOL in most states. In Florida, you'd be SOL unless unauthorized and fraudulent use occurred. In Nebraska, North Carolina, and Wisconsin, personal information includes biometric data (as I read the Perkins Coie chart).
http://www.digestiblelaw.com/64/s1088/news/www.perkinscoie.com/statebreachchart/chart.pdf
Posted by: Chris | July 14, 2007 8:28 PM
Your password identifies you because it is secret. Your fingerprint identifies you because it's permanently attached to your body. Your fingerprint doesn't have to be kept secret, but unlike a password it does need to be entered through a trustworthy path.
A useful biometric system would require a live finger and wouldn't be spoofable with a copy of someone's fingerprint. Real systems have often been spoofable, but that's a bug and not a feature.
Posted by: Frederick Wamsley | July 15, 2007 12:04 AM
History seems to suggest that relying entirely on the unspoofability (is that a word?) of a hardware device is a Bad Idea. They all get broken sooner or later. I'm willing to go out on a limb and suggest that a foolproof fingerprint scanner is not possible to build.
Posted by: David Brodbeck | July 15, 2007 3:03 AM
Fred,
Are you sure about that permanently attached claim?
http://www.emergentchaos.com/archives/2005/04/a_picture_is_wo.html
Posted by: Adam | July 15, 2007 5:07 PM
"out on a limb" is close enough to a pun when discussing fingerprints that I chuckled. Thanks, David!
Posted by: Chris | July 15, 2007 6:29 PM
Heh.. right on! In fact a short while ago I wondered the very same thing (http://www.sensepost.com/blog/1114.html) re: being forced to use the only print I have, at relatively low-security venues..
/mh
Posted by: haroon | July 16, 2007 7:08 PM