Cameras can steal your fingerprints from a photo itself!

The tech industry is known for its herd-like following. When trend setter Apple introduced biometrics with fingerprint scanning for the iPhone, we didn't take too long to figure out that biometrics is the way forward for the mobile industry. Today, it is a standard among phone makers, including some phones priced well below Rs 10,000.

 

In fact, the government has been demanding phones priced as low as Rs 2000 to feature biometrics, which clearly could come at the cost of efficiency and a decent phone. However, the goal is to align biometrics as a security feature for mobile payments, and precisely Aadhaar-based biometric payment. 

 

Today, biometric technology is used in everyday life more often than before. Biometric identification technology exists and is widely adopted for both personal and business use. Besides, there is unique iris scanning technology and we've also seen laptops implement facial recognition technology. 

 

In a nutshell, the big shift to biometric-enabled security has already begun, and accelerating at a high speed. However, we cannot ignore the profound threats it brings in terms of privacy and security. 

 

The implications of simple things like a casual peace sign while being snapped could be worrisome. Now, that may sound weird, but it's true. Research by a team at Japan's National Institute of Informatics (NII), according to AFP, has warned users that high-quality cameras can easily copy the fingerprints in such photos. NII researchers were able to do so. So, think twice before casually making a peace sign in front of camera. 

 

Biometrics is a great way to avoid problems like identity theft and fraud, but that doesn't mean biometrics cannot be misused. In India, we barely talk about laws for biometric security. The legal status over if a person can store someone's biometric data without their knowledge is still unclear. 

 

Biometrics is touted as the most secure way to safeguard private information. But, on the other hand, it is believed to be more public. Alvaro Bedoya, Professor of Law at Georgetown University told Wired, “A password is inherently private. The whole point of a password is that you don’t tell anyone about it. A credit card is inherently private in the sense that you only have one credit card. I know what your fingerprint looks like if we have a drink and you leave your fingerprints on the pint glass."

 

In India, the buzz is around Aadhaar-based payment system that will allow users to pay with the tap of a finger. Deep penetration of smartphones could further give a boost to the biometric system. But, Aadhaar isn’t impeccable and the system could face identification issues. A BloombergQuint report, citing an official from UIDAI, points out the possibility of failures due to biometric mismatch. In the past 16 lakh Aadhaar authentication requests have failed, and there is a good chance that these vulnerabilities would be passed on to the digital payments method too. 

 

As the usage of Aadhaar and other mobile payment methods increases, there is a broader scope of problems like identity theft, on contrary to the belief that biometrics can curb identity thefts. And, once the biometric information is compromised, issues such as phishing and so on arise.

 

Moreover, the biometric data collected on the authentication device or say a merchant's smartphone can be stored, again risking your information in case of a breach.