Biometrics are inherently spoofable because key tokens are not linked to a particular individual.
Stephan Engberg, founder and CEO of Priway, in Lyngby, Denmark, said it is crucial that revocable biometrics be used.
He is a former member of the Strategic Advisory Board of the European Union Security & Dependability Taskforce and since 2001 has been involved in security road mapping for European Union FP7 research programs.
“Revocability of biometrics isn’t just ‘good’ for security — it is vital for security in a digital age,” Engberg said. “What happens to you, when your biometrics gets spoofed? Do we shut you down and blacklist you permanently? Any attempt to establish ‘security’ based on non-revocable biometrics, or more precisely using biometrics alone as proof of identification, is bound to fail.”
People seem to assume that biometrics are safe and constitute proof of identity, Engberg said. For instance, in banking there is a massive failure to focus on signatures for payment transactions as identification. Instead companies should focus on transaction authentication by ensuring that the person authorizing the transaction uses a biometric key to sign the transaction details.
To do this, users must move beyond biometrics for identification and integrate biometrics as part of encryption or cryptographic signatures.
A company in Colorado Springs is doing just that.
Securics Inc is developing and supplying revocable biometrics, said Dr. Terrance Boult, the company’s CEO and El Pomar endowed chair of innovation and security at the University of Colorado at Colorado Springs.
Securics’ trademarked, patent-pending “Biotope” tokens are revocable, cryptographically secure biometric tokens — or “biotokens.” Biotope tokens have multiple components, or keys, and changing any one key produces radical changes in the Biotope representation.
“We transfer the biometric data of a fingerprint, or facial or voice recognition, into a revocable identity token, without storing the fingerprint — or raw data,” Boult said.
Securics’ technology supports the unique ability to determine a match between stored and live Biotope tokens while in “encoded” form, so raw data is never decrypted.
Revocable tokens can be given expiration dates. If data in a system is compromised, that database can be revoked (similar to canceling a credit card) and new tokens reissued to each user — without requiring individuals to be re-fingerprinted.
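The properties described above (a key change that radically alters the token, matching done on encoded tokens, and re-issuance without a fresh sample) can be seen in a small added example; it is not Securics' Biotope algorithm, which this article does not describe. It swaps in a generic cancelable-biometric construction, a keyed random projection reduced to sign bits with a keyed permutation-and-mask layer on top, and all names, keys and the feature vector are constructed for illustration.

```python
import hashlib
import random

BITS, DIM = 256, 64  # token length and feature-vector length (constructed values)

def _rng(key: bytes, label: bytes) -> random.Random:
    """Deterministic generator derived from a secret key and a purpose label."""
    return random.Random(int.from_bytes(hashlib.sha256(label + key).digest(), "big"))

def encode(features, user_key: bytes):
    """Keyed random projection; only the sign of each projection is kept."""
    rng = _rng(user_key, b"project")
    rows = ([rng.gauss(0, 1) for _ in range(DIM)] for _ in range(BITS))
    return [int(sum(r * f for r, f in zip(row, features)) >= 0) for row in rows]

def _layer(key: bytes):
    """Keyed bit permutation and XOR mask used as the re-issuable outer layer."""
    rng = _rng(key, b"wrap")
    order = list(range(BITS))
    rng.shuffle(order)
    return order, [rng.getrandbits(1) for _ in range(BITS)]

def wrap(token, db_key: bytes):
    order, mask = _layer(db_key)
    return [token[i] ^ m for i, m in zip(order, mask)]

def rewrap(stored, old_key: bytes, new_key: bytes):
    """Re-issue a stored token under a new key without the raw biometric."""
    order, mask = _layer(old_key)
    inner = [0] * BITS
    for pos, (i, m) in enumerate(zip(order, mask)):
        inner[i] = stored[pos] ^ m
    return wrap(inner, new_key)

def distance(a, b) -> float:
    """Fraction of differing bits; computed on encoded tokens only."""
    return sum(x != y for x, y in zip(a, b)) / BITS

def demo():
    rng = random.Random(7)  # constructed sample, not real biometric data
    enrolled = [rng.gauss(0, 1) for _ in range(DIM)]
    live = [f + rng.gauss(0, 0.1) for f in enrolled]  # same finger, sensor noise
    user, old, new = b"user-key", b"db-key-1", b"db-key-2"  # hypothetical keys
    stored = wrap(encode(enrolled, user), old)
    reissued = rewrap(stored, old, new)
    return {
        "genuine": distance(stored, wrap(encode(live, user), old)),
        "after_reissue": distance(reissued, wrap(encode(live, user), new)),
        "stolen_vs_new": distance(stored, wrap(encode(live, user), new)),
        "other_user_key": distance(encode(enrolled, user), encode(enrolled, b"x")),
    }
```

A genuine comparison stays close both before and after re-issuance, while a token copied from the old database or built under a different user key lands near the 50 percent distance expected of unrelated bit strings.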
“No one serious about security would use a password or ID card, which could not be changed or revoked,” Boult said. “Why expect less of biometric security? When the public becomes aware of the risks to their privacy and the potential for identification theft — without recourse — they will demand revocability.”