Guiding consumers since 2009

Biometric authentication may not be safe

By Jessica Anne Wood

It is common knowledge that skimmers and similar devices gather the data on your bank card when swiped through the machine, or even just placed near it. To combat this, a number of changes to bank security have been made, including the introduction of chipped cards, while these are harder to clone, it is not impossible. And it seems biometrics are no better.

A recent Kaspersky Lab report found that at least 12 sellers in the cybercrime world are already offering skimmers capable of stealing victims’ fingerprints.

“While many financial organisations consider biometric-based solutions to be one of the most promising additions to current authentication methods, if not a complete replacement for them, cybercriminals see biometrics as a new opportunity to steal sensitive information,” revealed Kaspersky Lab.

The technology

A Kaspersky Lab investigation discovered that there are at least three underground sellers who are already researching devices that could illegally obtain data for palm vein and iris recognition systems.

In September 2015, the first wave of biometric skimmers appeared in ‘presale testing’. However, evidence suggested that there were several bugs in the early designs, among them the slow transfer of the large volume of data obtained. Kaspersky Lab highlighted that due to this, new versions of these devices will use data transfer technologies.

Furthermore, there are indications of ongoing discussions in underground communities relating to the development of mobile applications based on placing masks over a human face, according to Kaspersky Lab. “With such an app, attackers can take a person’s photo posted on social media and use it to fool a facial recognition system.”

Olga Kochetova, security expert at Kaspersky Lab, highlighted: “The problem with biometrics is that, unlike passwords or pin codes which can be easily modified in the event of compromise, it is impossible to change your fingerprint or iris image. Thus if your data is compromised once, it won’t be safe to use that authentication method again. That is why it is extremely important to keep such data secure and transmit it in a secure way. Biometric data is also recorded in modern passports – called e-passports - and visas. So, if an attacker steals an e-passport, they don’t just possess the document, but also that person’s biometric data. They have stolen a person’s identity.”

Other threats to ATMs

Kaspersky Lab has noted that compromising biometric data is not the only potential cyber-threat facing ATMs. According to them, hackers will continue to conduct malware-based attacks, as well as blackbox and network attacks to capture data that can later be used to steal money from banks and their customers.

 

 Handy tip: You can compare banking products on Justmoney by clicking here.

 

Recent Articles

Featured Are you entitled to your spouse’s pension after divorce?

Divorce means more than just parting ways with your partner. It may also involve parting ways with your assets. The Divorce Act states that your retirement fund forms part of your assets. This means that it will be considered when dividing up your assets.

Retrenched – what payments are you entitled to?

In the current struggling economic climate, retrenchments are a regular occurrence and not everyone survives the cut. If you find yourself on the receiving end of retrenchment you may have questions about the payments that are due to you.

Do you want to settle your debt?

You may be considering settling your credit account, whether it’s a credit card or various store accounts, now may be as good a time as any. This especially if you have saved, or you received a tax return or salary bonus. 

Can you afford a personal loan?

Taking out new debt is not always a choice. However, if you’re not pressed by a medical emergency or an unforeseen disaster, it’s worthwhile considering whether you can actually afford it. But what does it mean to “be able to afford a personal loan”? What percentage of your income should you not exceed dedicating to it? 

Deals

Eat for less on Tuesdays at Panarotti’s

Price: R59.99
When: Tuesdays
Where: Nationwide

Get discounts with Clicks ClubCard Seniors Programme

Price: Available on request
When: Daily
Where: Nationwide

Amani Spa Voucher Special

Price: R1000
When: Daily
Where: Cape Town, Jhb, and Port Elizabeth