Guiding consumers since 2009

Biometric authentication may not be safe

By Jessica Anne Wood

It is common knowledge that skimmers and similar devices gather the data on your bank card when swiped through the machine, or even just placed near it. To combat this, a number of changes to bank security have been made, including the introduction of chipped cards, while these are harder to clone, it is not impossible. And it seems biometrics are no better.

A recent Kaspersky Lab report found that at least 12 sellers in the cybercrime world are already offering skimmers capable of stealing victims’ fingerprints.

“While many financial organisations consider biometric-based solutions to be one of the most promising additions to current authentication methods, if not a complete replacement for them, cybercriminals see biometrics as a new opportunity to steal sensitive information,” revealed Kaspersky Lab.

The technology

A Kaspersky Lab investigation discovered that there are at least three underground sellers who are already researching devices that could illegally obtain data for palm vein and iris recognition systems.

In September 2015, the first wave of biometric skimmers appeared in ‘presale testing’. However, evidence suggested that there were several bugs in the early designs, among them the slow transfer of the large volume of data obtained. Kaspersky Lab highlighted that due to this, new versions of these devices will use data transfer technologies.

Furthermore, there are indications of ongoing discussions in underground communities relating to the development of mobile applications based on placing masks over a human face, according to Kaspersky Lab. “With such an app, attackers can take a person’s photo posted on social media and use it to fool a facial recognition system.”

Olga Kochetova, security expert at Kaspersky Lab, highlighted: “The problem with biometrics is that, unlike passwords or pin codes which can be easily modified in the event of compromise, it is impossible to change your fingerprint or iris image. Thus if your data is compromised once, it won’t be safe to use that authentication method again. That is why it is extremely important to keep such data secure and transmit it in a secure way. Biometric data is also recorded in modern passports – called e-passports - and visas. So, if an attacker steals an e-passport, they don’t just possess the document, but also that person’s biometric data. They have stolen a person’s identity.”

Other threats to ATMs

Kaspersky Lab has noted that compromising biometric data is not the only potential cyber-threat facing ATMs. According to them, hackers will continue to conduct malware-based attacks, as well as blackbox and network attacks to capture data that can later be used to steal money from banks and their customers.


 Handy tip: You can compare banking products on Justmoney by clicking here.


Recent Articles

Featured What to do when you’ve been denied a home loan

After months of scanning property sites and attending showhouse after showhouse, you’ve finally found what you’ve been looking for. But your dream of owning a home comes crumbling down when you receive the news that you’ve been denied a home loan. So, what now?

Can your retirement annuity be used as collateral for a loan?

If you have a retirement annuity, you may have wondered whether you can use this as collateral when you take out a loan. We decided to do the leg work and find out whether this is possible or not.

Best travel cards offered by top South African banks

Planning a trip abroad involves a lot of administration. You need to consider travelling arrangements, reasonable accommodation, and a daily itinerary. But have you considered how you’re going to pay your bills once you arrive? Besides considering bank costs, you also need to consider exchange rates.

Best ways to save your money short-term

For many, it seems close to impossible to save when spending on holiday getaways, Christmas gifts, while also trying to ensure there’s money left to survive January. Justmoney takes a look at the best ways you can save during the short term.


Takealot January Big Sale

Price: Available on request
When: Until 31 January 2020
Where: Online

Annique Restore Package Special

Price: From R600
When: Until 31 January 2020
Where: Centurion

Ster-Kinekor Senior Citizens Discount

Price: Available on request
When: Daily
Where: Nationwide