Biometric systems are presumed to be a strong form of security because they authenticate users through fingerprints, retinal patterns and other unique physical characteristics. But what happens if that information is compromised?
With biometrics, what's transmitted and compared isn't an image but a digital template. Because templates aren't standardized, each one is tied to a particular vendor's solution, so a compromised template currently won't create a widespread problem.
However, it's still possible to attack an individual enterprise: by compromising the templates through theft or fraud, by rigging the matching algorithm to always yield the desired response, or by attacking the communication channel to intercept data and plant false information. But these risks can be lessened with planning.
"It's really just a matter of taking industry-accepted standard protocols that we use every day for secure Web sites -- for example, to prevent man-in-the-middle attacks -- and making sure that the biometrics system, if it's server-based, uses those same protocols," says Greg Jensen, CTO of biometric solution vendor Saflink. Jensen says that such measures include using a secure server behind a firewall, encrypted templates and authentication to the biometric device itself.
What if the biometric solution is self-contained and maintains the template database itself? Information security managers must demand evidence that the systems and templates are secure and tamperproof. Otherwise, the situation would be similar to poor encryption key management.
"If the vendor of a biometric solution can't secure those templates, I'm sure as heck not going to buy it," says Rich Mogull, research director of Gartner Group's Information Security and Risk practice. "That's a must-have."
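The controls described above (tamperproof stored templates, authentication of the biometric device, and a channel on which intercepted or planted data is detected) as an added illustration, not code from any vendor named here. It assumes a shared HMAC key per enrolled device and a server-side key for the template store; the template format and Hamming-distance matcher are constructed stand-ins for a vendor's proprietary ones, and encryption of the template at rest is assumed to be layered on separately.

```python
import hmac
import hashlib
import secrets

# Keys are constructed for the demo; in deployment they come from provisioning.
STORE_KEY = secrets.token_bytes(32)                   # protects templates at rest
DEVICE_KEYS = {"reader-01": secrets.token_bytes(32)}  # one shared key per enrolled device
_last_counter = {}                                    # highest request counter seen per device

def _store_mac(user_id: str, template: bytes) -> bytes:
    # Bind the template to its owner so a record swapped between users is also detected.
    return hmac.new(STORE_KEY, user_id.encode() + b"\x00" + template, hashlib.sha256).digest()

def seal_template(user_id: str, template: bytes) -> dict:
    """Record written at enrollment; the tag makes later edits or swaps detectable."""
    return {"user_id": user_id, "template": template, "tag": _store_mac(user_id, template)}

def template_intact(record: dict) -> bool:
    return hmac.compare_digest(_store_mac(record["user_id"], record["template"]), record["tag"])

def open_template(record: dict) -> bytes:
    """Refuse to match against a stored template whose integrity tag no longer verifies."""
    if not template_intact(record):
        raise ValueError("stored template failed integrity check")
    return record["template"]

def _request_mac(key: bytes, device_id: str, counter: int, user_id: str, sample: bytes) -> bytes:
    return hmac.new(key, f"{device_id}|{counter}|{user_id}|".encode() + sample, hashlib.sha256).digest()

def sign_request(device_id: str, counter: int, user_id: str, sample: bytes) -> dict:
    """Device side: authenticate the captured sample plus a monotonic counter before sending."""
    mac = _request_mac(DEVICE_KEYS[device_id], device_id, counter, user_id, sample)
    return {"device_id": device_id, "counter": counter, "user_id": user_id, "sample": sample, "mac": mac}

def verify_request(req: dict) -> bool:
    """Server side: accept only requests from a known device, unmodified and not replayed."""
    key = DEVICE_KEYS.get(req["device_id"])
    if key is None or req["counter"] <= _last_counter.get(req["device_id"], 0):
        return False
    expected = _request_mac(key, req["device_id"], req["counter"], req["user_id"], req["sample"])
    if not hmac.compare_digest(expected, req["mac"]):
        return False
    _last_counter[req["device_id"]] = req["counter"]
    return True

def hamming_match(template: bytes, sample: bytes, max_distance: int) -> bool:
    """Toy matcher: equal-length bit vectors that differ in at most max_distance bits match."""
    distance = sum(bin(a ^ b).count("1") for a, b in zip(template, sample))
    return len(template) == len(sample) and distance <= max_distance

def authenticate(record: dict, req: dict, max_distance: int = 4) -> bool:
    """Full check: device authenticated, stored template intact, then the biometric comparison."""
    if not verify_request(req):
        return False
    return hamming_match(open_template(record), req["sample"], max_distance)
```

The check order matters: an unauthenticated or replayed request is rejected before the matcher ever runs, and a tampered record aborts matching rather than silently comparing against a planted template.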