As individuals, we are completely unique. No two people have the same fingerprints, faces or retinas, and as such we have started to use these body parts like keys to unlock devices instead of passwords.
Passwords can be easily forgotten, unlike our fingers…
Our digital and physical selves are becoming ever more intertwined. Our increasingly impatient nature and intrigue for futuristic tech has meant millions of people the world over have offered up their biometric data with hardly a second thought.
But, what happens if copies of your face or your fingerprints are stolen?
Antivirus firm Kaspersky Lab has designed a ring to address this key vulnerability with biometric authentication that comes with a built-in dummy fingerprint.
The company teamed up with Swedish jeweller Benjamin Waye to create the ring that is set with a 3D-printed rubber “biometric stone” made of “thousands of conductive fibres” containing a synthetic fingerprint.
Each ring comes with a unique fingerprint sourced to a software tool and the artificial prints are never stored to prevent leaks.
“That ring can be used to authenticate the user with biometric systems, such as a phone or a smart home door lock. And if the data of the ring fingerprint leaks, the user can block this particular ring and replace it with a new one—and their own unique biometric data won’t be compromised,” Kaspersky says.
While many may see the threat of hacked biometric data as simply scaremongering — it’s already happened.
Last year, fingerprint, facial recognition, username and password information for more than one million people were found on South Korean company Suprema’s publicly viewable database, BioStar 2. Their hacked database had been used by banks, defence contractors and the Metropolitan Police.
For now, the ring is only a concept device aimed purely to draw attention to the security risks of using our most unique assets for biometric authentication.
According to Kaspersky, a better solution is to build protections inside electronic devices to prevent fingerprint or facial data from ever leaking.
Thankfully, electronic devices such as smartphones generally store fingerprint or facial data on a dedicated chip in the hardware itself and not in an online server. Kaspersky, however, has said they have detected spyware that is potentially capable of stealing biometric data from computers, although the threat is relatively rare.