Subscribe by Email

Your email:

Browse By Date

Biometric Security and Control Blog

Current Articles | RSS Feed RSS Feed

Can Biometrics Be Used to Thwart Identity Fraud?

  
  
  

Identity fraud is a crime that costs all of us.  As measures have been increased in recent years to mitigate identity fraud, so too has the level of sophistication of the fraudulent acts.  Persons that were dedicated to committing fraud had the upper hand for some time, but technology is now catching up to these predators.

The Case to Utilize Fingerprint Biometrics:

Fingerprint biometrics are a leading digital technology that can be utilized in digital identity authentication.  Those in a point of service setting that use fingerprint biometrics do so by scanning a customer's ID through a system and instructing the customer to use a keypad to match fingerprints with a stored fingerprint identity.  Fingerprint biometrics can help increase the chances that the person in front of you presenting an ID is that ID's true identity.  The result is an ability to capture and link fingerprints to a single ID record, which will increase fraud prevention and help ensure fraudsters do not attempt to use multiple identities.

The Case to Implement Biometric Verification:

Those in a point of service setting pay for fraud twice, once stemming from the initial act of fraud and a second time as a result of cost of goods, services and even insurance rates increases.  Biometric verification can help resolve the problem of ID fraud and provide the point of service person that the customer presented is the actual person represented on the ID.  The benefit of a biometric verification is that legitimate multiple IDs can be linked to a single person through one unique biometric fingerprint record.  The additional benefit is that this unique biometric fingerprint cannot be utilized in multiple fraudulent IDs.

Security Elements Needed for Acceptance of Fingerprint Biometrics:

A sound fingerprint authentication system needs to have inherent protection against a number of types of common attacks and other compromised situations:

  1. The system should enforce trusted attended enrollment to establish a chain of trust as to whose fingers were enrolled for any given UserID.  This cannot be accomplished by self-enrollment.
  2. The system should not allow any given fingerprint to be authenticated to identify more than a single User.
  3. The system should have a secure exception mode to support emergency access when no working device is available.
  4. The system should support a duress function for a limited subset of the User base.
  5. The system should adequately secure the biometric identifiers both at rest and in transit to prevent replay, man-in-the-middle and denial-of-service attacks.
  6. The system should be adaptable to a variety of authentication interfaces.
  7. The system should support interoperability of devices from multiple manufacturers.
  8. The system should allow for actual elimination of passwords, not just releasing them to an existing password-authentication mechanism.

Technologies and products do exist which enable secure biometric systems to be implemented that meet these criteria to significantly reduce identity fraud potential.

Comments

Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics