Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial DirectorWhen it comes to biometric security technology, almost all the commercial biometric devices have been breached at some point, government devices excluded. Whether digital photos where used to fool facial recognition systems, high-quality MP3 recorders were used to con voice recognition software, or fingerprints were lifted off of coffee cups for use on fingerprint scanners, nary a one was secure against persons seriously attempting to breach the device.
With that said, for each method that breached the biometric device, a lot of effort and resourcefulness was needed. If you're interested in general business office security for an environment that's unlikely to face such concerted efforts by attackers, using biometrics can be a fine option. The choice among types of biometric devices will depend on several factors: cost/benefit (some biometric products can cost as much as $1,000 per user), volume of flow (You wouldn't want to use a facial recognition system in a heavy traffic lobby area; fingerprint scanners would work better.), in-place physical security to limit access, social acceptability and, of course, business need.
With the details above in mind, there is little confidence differentiation between optic, fingerprint and audio biometrics. The larger differentiation will concern costs per user and support, volume of traffic, user acceptance and layout of the physical area to protect. All three offer low levels of false positives and negatives, but even the MythBusters were able to break these devices on nationwide TV.
This was first published in June 2010
Security Management Strategies for the CIO