Risk of Biometric Data For Authentication
Exposed biometric data is a serious authentication risk for digital solutions, including the Metaverse.
A study by Trend Micro reveals threats from stolen or leaked biometric data. These are facial, voice, iris, palm and fingerprint patterns that can be used to fool authentication systems. Images and audio content posted daily on social media and messaging platforms, news sites, and government portals are becoming valuable assets for cybercriminals
There are numerous attack scenarios that show how threat actors use stolen or leaked biometric data. For example, personal data can be used to create deepfakes and influence polls or elections. Cybercriminals also have the ability to authenticate fraudulent transactions, fake accounts or purchases online. In addition, connected devices such as virtual or augmented reality (VR/AR) headsets pose a threat. When manipulated by threat actors, they serve as a tool to bypass authentication systems.
High-resolution images increase risk
Biometrics play a much more important role today than they did a decade ago. The higher resolution of smartphone cameras, support for 4K video and high-resolution images through media platforms, the cloud, data mining, and artificial intelligence or machine learning (AI/ML) capabilities are leading to an increase in risk. Surveillance cameras can track people based on facial recognition algorithms. These are trained based on data uploaded to social media by users.
“The use of biometrics has been widely advocated as a more secure and simple alternative to passwords. However, unlike passwords, physical features cannot be easily changed,” warns Udo Schneider, IoT security expert at Trend Micro ” Thus, compromise has long-term implications for the user.”