We're in the process of considering different biometrics options for access to highly sensitive information. Would you recommend one area of biometric recognition as more secure than others? For example, would facial recognition software offer greater security than a fingerprint scanner or voice recognition software?
When it comes to biometric security technology, almost all the commercial biometric devices have been breached at some point, government devices excluded. Whether digital photos where used to fool facial recognition systems, high-quality MP3 recorders were used to con voice recognition software, or fingerprints were lifted off of coffee cups for use on fingerprint scanners, nary a one was secure against persons seriously attempting to breach the device.
With that said, for each method that breached the biometric device, a lot of effort and resourcefulness was needed. If you're interested in general business office security for an environment that's unlikely to face such concerted efforts by attackers, using biometrics can be a fine option. The choice among types of biometric devices will depend on several factors: cost/benefit (some biometric products can cost as much as $1,000 per user), volume of flow (You wouldn't want to use a facial recognition system in a heavy traffic lobby area; fingerprint scanners would work better.), in-place physical security to limit access, social acceptability and, of course, business need.
With the details above in mind, there is little confidence differentiation between optic, fingerprint and audio biometrics. The larger differentiation will concern costs per user and support, volume of traffic, user acceptance and layout of the physical area to protect. All three offer low levels of false positives and negatives, but even the MythBusters were able to break these devices on nationwide TV.
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Randall Gamby
Learn how to create account lockout policies that detail how many unsuccessful login attempts are allowed before a password lockout in order to ... Continue Reading
When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise ... Continue Reading
Enterprise SSO products have matured over the years, so what's the state of eSSO today? Expert Randall Gamby discusses. Continue Reading