biometrics authentication not entirely secure?

_act_

hero member

Activity: 868

Merit: 1094

Quote from: NotATether on February 07, 2023, 06:09:36 AM

No

Biometric auth is, among other things:

1. Fingerprints
2. Iris scans
3. Facial recognition

Deepfakes obviously cannot replicate fingerprints. The irises in deepfakes are also too small to be detected by a camera (and even then, it can trivially detect its presence on an electronic screen, thereby defeating those attempts to break in. Same with facial recognition).

The only thing deepfakes are, are a nuisance to politicians and public figures.

But person's finger can be cut, it can be used.

The person's eyes can be removed for the purpose.

The person's face can be used with force.

If it is just password or pin, it is from the mind and no one may know it expect the person, unlike biometry that makes it easier to steal something from someone.

Do not forget that someone's fingerprint can be gotten too. Also if you are sleeping, I may become your enemy and use your finger to unlock your phone and your wallet and steal from you and I will be able to and become your friend again, not knowing of the evil work that I have done until you see it, but you never known who did it.

You are right with what you said but biometrics are not recommended in security than password or pin.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

Quote from: kamvreto on February 05, 2023, 05:35:42 PM

Deepfake technology has the potential to create highly realistic video and audio that can be used to bypass biometric authentication systems.

No

Biometric auth is, among other things:

1. Fingerprints
2. Iris scans
3. Facial recognition

Deepfakes obviously cannot replicate fingerprints. The irises in deepfakes are also too small to be detected by a camera (and even then, it can trivially detect its presence on an electronic screen, thereby defeating those attempts to break in. Same with facial recognition).

The only thing deepfakes are, are a nuisance to politicians and public figures.

Z390

sr. member

Activity: 714

Merit: 296

Cashback 15%

Do you even know what biometric authentication is? If you know what it is then you won't ever think that it can be hacked, thats impossible.

Biometric authentication involves using some part of your physical makeup to authenticate you. This could be a fingerprint, an iris scan, a retina scan, or some other physical characteristic.

I have never seen or heard that someone fingerprint was hacked, unless your hand is cut off with a machete, or we are talking about passwords here. Even in movies they either use a latex on a fingerprint to copy it or some kind of fingerprint stealing scanner.

Leviathan.007

hero member

Activity: 1582

Merit: 722

Leading Crypto Sports Betting & Casino Platform

Quote from: Amphenomenon on February 05, 2023, 01:46:02 PM

Was thinking about how bitcoin and crypto currency can be made more secure using biometrics authentication though some of the biometrics are easily hacks but it's depends to the uniqueness to a particular individual but still yet all biometrics can be hacked even iris and retinal scanning.
There are several ways which this can be done :

By using fake generated biometrics
Stealing someone's biometrics from database

using deepfake technology
finding means of bypassing biometrics check

Will like to know though if biometrics authentication can be made more secure

If you ask me as a developer who used biometric authentications in many services I can say in the first place biometric authentications weren't made to be super safe for users and the services provider its just an authentication method to make things easier for the people who want to pass the authentication phase of systems so instead of using patterns of using a password they can use their fingerprint or face shape or even their eyes to make the authentication easier for them not safer so I don't expect a lot from it.

franky1

legendary

Activity: 4214

Merit: 4458

biometric security is not a flaw of technology. its the flaw of biology

if you want to use fingerprints. .. hope you dont get your thumbs messed up with scars later in life

if you want to use retinal scans. .. hope you dont get your eyes messed up with cataracts or other eye diseases later in life

many sophisticated tech dont just take 1 scan 10 years ago and compare it to todays biology. they do instead take a scan and then with each next read/scan compare the two to a high probability of a match, to gain access and then use said new scan as the comparer for the next. thus updating, incase of change of biology, to reduce the variances of life/biological changes over time which can cause access lock-outs

but beware, some greedy people that can access to steal your funds via some bio scan. can go old-school and just take your thumb. or threaten you to get your eye scanned..
(yea people are murdered for alot less)
greed and scumbags are a flaw of biology. and no code can change that

yazher

hero member

Activity: 2184

Merit: 585

You own the pen

I think biometrics is just one way to secure your funds in an exchange like Binance and most of the time they will gonna send your confirmation text message with codes to finalize your transactions. If they only have the biometric data, they cannot do anything with your funds in the exchanges anyway, also most of the exchanges nowadays have tightened their security features and when you only have a few amounts of cryptocurrencies in those exchanges, you don't really need to worry much except when you are holding a huge amount of cryptocurrencies.

aylabadia05

hero member

Activity: 1512

Merit: 768

Everything online is not completely secure including biometric authentication even if it's designed to be as good as possible.
Hackers have the ability to have advanced knowledge that we don't have.

I'm trying to understand the meaning of what you're writing, it's probably related to the seed phrase. So don't store Bitcoin in a centralized exchange wallet even if the exchange has a big name. Not only could the asset be lost but it could be frozen.
One of the most secure storage efforts lies in offline storage.

Ucy

sr. member

Activity: 2576

Merit: 401

Quote from: Amphenomenon on February 05, 2023, 01:46:02 PM

Was thinking about how bitcoin and crypto currency can be made more secure using biometrics authentication though some of the biometrics are easily hacks but it's depends to the uniqueness to a particular individual but still yet all biometrics can be hacked even iris and retinal scanning.
There are several ways which this can be done :

By using fake generated biometrics
Stealing someone's biometrics from database

using deepfake technology
finding means of bypassing biometrics check

Will like to know though if biometrics authentication can be made more secure

Biometric authentication can be made more secure if you could only store the hash and well encrypted biometric data in decentralized system after the data has been verified and linked to a user. I prefer the verification to be done peer-to-peer in at a physical location by randomly selected verifier, or done online via a split method I illustrated in the past. The first method requires a user & the verifier to be physically present in a safe location or location authorized by a Decentralized Community. Once the verification is completed offline with special equipment or equipment own by the biometric owner (this's to ensure the the data only remains with the owner or never copied by the verifier), the data is hashed, properly encrypted and stored on the decentralized system. But if you don't want to store the data on the shared system you can store only the hash.

You can use the verified data for online/offline authentication.

_BlackStar

legendary

Activity: 1064

Merit: 1228

Quote from: Sarah Azhari on February 06, 2023, 02:42:09 AM

I just look at the movie spy on how the cheater triking biometrics authentication on system security. And, I still don't know today if that is true, because we know the movie is full of drama and intrigue. So, If biometrics authentication is not secure, why does the big company still continue to use it for the system?.

If not save, we can't see the phone, bank and other company use it for the system now,

We do not worry, AI is create by human, certainly not smarter than creator. So if we think biometrics authentication can cheat by AI, it's just your imagined after watch a sci-fi movie.

I don't know how secure my wallet is when I enable biometric authentication as a security measure. I tend to think about the risk of device damage or maybe the risk of losing the device rather than the expected security. I may prefer to remove the wallet from my android as way to minimize risk, but only after I have backed up the private key or wallet seed and stored it in a safe place.

But what is clear, every security measure made must have its own vulnerabilities to solve. To be honest, I don't know if this biometric authentication can be broken, but maybe someone can practice it on their respective android manually. After all there are many ways to fake fingerprints and some people may have duplicated them for some reason. Youtube can give you some information about it.

Sarah Azhari

hero member

Activity: 868

Merit: 737

Quote from: Amphenomenon on February 05, 2023, 01:46:02 PM

Was thinking about how bitcoin and crypto currency can be made more secure using biometrics authentication though some of the biometrics are easily hacks but it's depends to the uniqueness to a particular individual but still yet all biometrics can be hacked even iris and retinal scanning.
There are several ways which this can be done :

By using fake generated biometrics
Stealing someone's biometrics from database

using deepfake technology
finding means of bypassing biometrics check

Will like to know though if biometrics authentication can be made more secure

I just look at the movie spy on how the cheater triking biometrics authentication on system security. And, I still don't know today if that is true, because we know the movie is full of drama and intrigue. So, If biometrics authentication is not secure, why does the big company still continue to use it for the system?.

If not save, we can't see the phone, bank and other company use it for the system now,

We do not worry, AI is create by human, certainly not smarter than creator. So if we think biometrics authentication can cheat by AI, it's just your imagined after watch a sci-fi movie.

xSkylarx

hero member

Activity: 2352

Merit: 593

There are still a lot of things to discuss here, not just those bullet points you stated, as it is almost the same as how they hack our wallets with passwords. Biometrics could be used, but only in the 2nd layer of protection, meaning that after entering the password, it needs 2FA, and after that, biometrics, but the problem is that some people are lazy, and those processes to open the wallet are a lot. Biometrics alone can't be implemented only one as it would be easy for the hacker to get, but if it has another layer of security, it would be good.

DaveF

legendary

Activity: 3458

Merit: 6231

Crypto Swap Exchange

There is a lot of wiggle room here.
Consumer grade biometric things are not secure think cell phone, cheap fingerprint scanner for door access.
There are better ones that you can get for securing physical access to things but they get expensive quick (read $1000s and $1000s)

But, as a 2nd form of security for small amounts of crypto they are fine. You should not store any life altering amounts of money with just that as security.
The amount will vary person to person. What I care a lot about and consider life altering amounts of money is what Bill Gates would not waste his time looking for if he did not remember where he left it YMWV on the amount. But it's all the same in the end for using fingerprint or face recognition for security.

-Dave

Hispo

legendary

Activity: 1162

Merit: 2025

Leading Crypto Sports Betting & Casino Platform

Quote from: GreatArkansas on February 05, 2023, 09:06:45 PM

I think biometrics authentication we have now on some cryptocurrency software or apps is only for local device, it will be only secure you to someone using your device to do something on app that where you set up the biometrics authentication, overall if your private keys, password, email that connected to some apps or software are compromised, your biometrics authentication is useless.

I was about to mention it.
Even if there was a decentralized way to apply biometrics within the blockchain for authentication and security purposes, still people would not feel comfortable with such data being out there, so a way to solve it could be encrypt it with our own private keys.
However, that would bring us to the beginning of the issue: we already use private and public keys so verify our identity, so it is pointless to add the biometrics aspect in that manner.

GreatArkansas

legendary

Activity: 2282

Merit: 1344

Buy/Sell crypto at BestChange

I think biometrics authentication we have now on some cryptocurrency software or apps is only for local device, it will be only secure you to someone using your device to do something on app that where you set up the biometrics authentication, overall if your private keys, password, email that connected to some apps or software are compromised, your biometrics authentication is useless.

PX-Z

hero member

Activity: 1428

Merit: 836

Top Crypto Casino

Quote from: Amphenomenon on February 05, 2023, 01:46:02 PM

Was thinking about how bitcoin and crypto currency can be made more secure using biometrics authentication though some of the biometrics are easily hacks but it's depends to the uniqueness to a particular individual but still yet all biometrics can be hacked even iris and retinal scanning.
There are several ways which this can be done :

It's secure but not unhackable, well everything is, but it All depend on the practice on how it can be implemented and it needs another layer of security. Software dependent on biometric security is probably easy to get compromised.

theskillzdatklls

hero member

Activity: 1328

Merit: 563

MintDice.com | TG: t.me/MintDice

Biometrics are absolutely not a good end all be all solution. Perhaps as part of a 2FA, it could be considered. But you posted the drawbacks. They can be stolen from people, then what?

I think really what society needs are two major fundamental solutions. Cold storage for people sophisticated enough to do this and accept the risk with doing so. And custodial (banking) type solutions for people that are not.

Similar to how someone can have cash in their position if they want to or use the banking electronic system if they want to.

kamvreto

legendary

Activity: 1946

Merit: 1157

Undeads.com - P2E Runner Game

Quote from: Amphenomenon on February 05, 2023, 01:46:02 PM

~snip~

using deepfake technology

Deepfake technology has the potential to create highly realistic video and audio that can be used to bypass biometric authentication systems. In this case, a deepfake can manipulate video or sound so that the biometric authentication system is unable to distinguish between genuine and fake.
To avoid this problem, it is important to use more sophisticated biometric recognition technologies and verify user identity with other authentication methods, such as multi-factor validation. The system should also have mechanisms in place to monitor and identify abnormal behavior, such as hacking attempts or unauthorized access.

This shows that while biometric recognition technology can be a secure and practical solution for authentication, it is important to continuously monitor and update the technology and ensure that security systems are kept up-to-date and effective.

pawel7777

legendary

Activity: 2436

Merit: 1561

Quote from: hugeblack on February 05, 2023, 03:56:51 PM

When you say safer, what do you mean? What does it mean that the private key is encrypted using your biometrics? Or encrypt the password so that decryption is done using biometrics or just a tool to unlock the wallet using your biometric data? or create wallet seed using your biometrics?

There are a lot of wallets that you can unlock or decrypt using a fingerprint or eye, but the question is how can this enhance protection?

Biometrics could work well but only as a second layer of security (i.e. as a 2FA), but generating wallets from fingerprints or eye scans is probably a horrible idea. They could be easily replicated, or you could lose access to it i.e. if you burn or cut your finger, leaving scars that change your prints etc.

eaLiTy

hero member

Activity: 2814

Merit: 911

Have Fun )@@( Stay Safe

Quote from: Amphenomenon on February 05, 2023, 01:46:02 PM

Was thinking about how bitcoin and crypto currency can be made more secure using biometrics authentication though some of the biometrics are easily hacks but it's depends to the uniqueness to a particular individual but still yet all biometrics can be hacked even iris and retinal scanning.

The biometric security is safe as long as the company storing the data is well calibrated to avoid any major hacks. If you are planning to securely store your cryptocurrency, always go for a hardware wallet or a cold wallet rather than storing your coins in any online wallet in your mobile, it is not secure even with biometric facility as it is easier to hack a mobile and hijack your biometric data stored in it.

un_rank

hero member

Activity: 644

Merit: 661

- Leo -

Quote from: Amphenomenon on February 05, 2023, 01:46:02 PM

Will like to know though if biometrics authentication can be made more secure

Bio-metrics is an insecure way of protecting your assets, it provides less security than a password or a pin. Bitcoin does not need biometric authentication to become more secure, so we do not need to discuss ways to make it more secure.

Explore existing ways to make bitcoin more secure such as avoiding electronic back ups, using fully airgapped device and generating keys safely.

- Jay -

Topic: biometrics authentication not entirely secure? (Read 175 times)