The Biomass Downside Of Biometrics :: Symblogogy

Many security systems use a confirmation “second entry” in order to verify the clearance of an individual through a specific pass gate in a secure environment.

In a biometric secure system, however, a “growing” problem is coming of age here in North America.

It seems that the incidents of false positive readings on biometrics devices where a “biometrics only” confirmation verification are on the rise and the reason is a little surprising.

These false acceptances are being triggered through weight creep against many DOD biometric databases.

This item excerpted from TechInsider Blog (Allan Holmes, Bob Brewin and Daniel Pulliam on what's happening and what's being discussed in the world of federal information technology.) -

The Risk of Using Biometrics: People Get Fat

By Allan Holmes Wednesday, June 06, 2007 11:34 AM

The following item was posted by Bob Brewin.

DISA has develop a new guide detailing how individuals gain access to Defense Department computers and networks, which contains pages of cautionary warnings about the use of biometric identifiers.

----

But the guide, which goes by the bureaucratic title “Access Control in Support of Information Systems Security Technical Implementation Guide (STIG),” also warns that current and planned biometric identification systems carry more than their share of risks.

“A compromised password can simply be changed, however once a biometric is compromised there is no going back or changing it,” according to the STIG. “For information systems that currently accept Biometrics-only for authentication, this must be combined with another authentication method such as a password.”

“The central risk of the verification process is that the technology will mistakenly verify a user’s identity when that person is actually someone else – a phenomena known as false acceptance,” according to the guide.