How to store and protect captured data on the back end of a biometric application

In this Ask the Expert Q&A, our identity and access management guru discussses how to store and protect biometric data that is placed on database servers.

Joel Dubin

When developing a biometric application based on client-server technology, which back end is preferable to store the captured data?

All biometric data, when captured by biometric devices, starts out as analog data. Whether it comes from a fingerprint reader, a facial recognition camera or an iris scanner, for example, the data is collected in a form that can't be read by a computer system. In other words, it must be converted into a digital form -- meaning digitized -- that can be read and digested by a back end system.

The issue then isn't the back end system. It's the security of the back end platform that you choose. The choice...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

of platform should be driven by the business and technical requirements of your application, nothing more. The security of the back end can and should be baked-in simultaneously with the development of the application. Choose your back end, then make it secure, not the other way around.

Again, biometric data is no different than any other data moving across the wire to your back end. That means it should be protected from the same vulnerabilities as the data moving through your network. It should be protected from theft and replay. If captured, biometric data can be replayed to impersonate the legitimate user and gain unauthorized access into the system. That makes it easy for the attacker, who doesn't need to have the right fingerprint, face or iris pattern. All they need is the digitized biometric data.

Protect biometric data both en route to the back end and on the database where it's stored. At the same time, harden the database servers storing such data as you would any other server:

Turn off any unnecessary services on the database servers.
Restrict access to the servers, particularly administrative access through appropriate assignment of groups and roles.
Encrypt sensitive data, including biometric data, when in transit to or from the back end servers.

More Information

Visit our resource center for news, tips and expert advice on biometric systems as an access management and authentication method.

Uncover today's authentication challenges.

This was last published in November 2005

Dig Deeper on Biometric technology

Biometric authentication terms to know Consumers are on board with biometric authentication, but enterprises aren't so sure. Here's a breakdown of the must-know terms for companies considering biometric authentication.

biometrics Biometrics is the measurement and statistical analysis of people's unique physical and behavioral characteristics.

How mobile biometrics can strengthen security The eye-opening reality: iris scans, and other biometric authentication methods, will soon be used for enterprise mobile security, phasing out the old username and password.

Microsoft Windows Hello Microsoft Windows Hello is a Windows 10 authentication feature that allows users to access compatible hardware devices without a password.

image replay attack An image replay attack is the use of a picture to fool an authentication method. Image replay attacks are most commonly used by an attacker trying to gain entry to a system protected by less-than-secure biometric authentication technology implementations.

Specific Biometric Techniques: Glossary This glossary provides definitions for the most commonly encountered biometric techniques.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

Please create a username to comment.

AWS Access Analyzer aims to limit S3 bucket exposures

How to evaluate CASB tools for multi-cloud deployments

Juggling a multi-cloud security strategy takes work

Assess the Wi-Fi 6 features available in Wave 1 and Wave 2

3 networking startups rearchitect routing

A deep dive into the differences between 4G and 5G networks

Shell, Halliburton, Unibap AB execs share real-world AI strategies

What's the difference between RPA and IPA?

The technological evolution of IT industry leaders: 2000 - 2020

Windows 10 issues top list of most read stories for IT pros

How to fix printer problems after a Windows 10 update

HP rolls out new remote workstation product ZCentral

Review these Azure Service Bus best practices

Instill cloud change management best practices

How much cloud does an IT disaster recovery plan need?

UK financial services regulators tell banks to own their IT disasters

NetApp’s Keystone hybrid cloud storage ‘try-before-you-buy’ for on-prem

Mettis Aerospace completes world’s first phase-one Wi-Fi 6 4.0 trials

Related Resources

Dig Deeper on Biometric technology

Related Q&A from Joel Dubin

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.