Biometric data as backdoor? Some thinking.

in #privacy8 years ago

More often I read the wish of our government to access our data with or without doing it openly. The biggest hurdle is encryption. The holy technic that seems to be the only barrier between us , the net citizen and governments.

The only way to be 100% sure to access the data after encryption is our password. But potential laws that demand you to give up your password is something that creates a lot of uproar. And will not happen overnight.

But somehow the discussion about biometric data is not often involved.
The last years we see tech companies moving to using biometrics for authentication. Fueled by the great amounts of leaks of normal username/passwords it looks like a good idea to the average user.

And indeed it looks handy. No need to remember your password. Just press your finger on your phone and it unlocks. Or show your sleepy head for your laptop and it unlocks.

But it it not only handy for you. But also for others who have access to your finger prints. We have seen some cleaver and funny hacks to replicate fingerprints, but that is all the discussion I read about it.

What about governments and companies who have our data and biometrics?
Some trends are interesting.

The demand of our governments to collect our biometrics is picking up speed.
The tech industry pursing us for using biometrics more and more. And one day it is the only way.

All approaches for human authentication rely on at least one of the following:
Something you know (eg. a password)
Something you have (eg. a smart card).
Something you are (eg. a fingerprint).

For me it is clear that your biometrics is the backdoor of the near future. It used to be "something you are" to "something the governments and companies owns". And it seems we(they) want to get rid of the "something you know"

And don't stop by thinking about what happens in your homeland. What about:

Leaving fingerprints in other countries when you enter for example.
What countries can access the data your homeland has asked from you?
How do we even know where the data will go?
How secure will the data be stored and handled?

1: If privacy is something you feel is important it seems to be unwise to protect your data with it.
2: And be sure what your right are when it comes to leaving your biometric data to some company or government. Al tough most of the time you will not have a choice. So that brings you back to point 1

Sort:  

That is a super good article. I wrote a paper about identity management a few weeks back and I will publish the essence of it on Steemit in a couple of days.
If you are interested in Data and stuff like that we should definitvely connect.
I follow you know.

Strangely it would seem that password is the only true secure authentication method.