Tim points us to a fascinating article by Ben Goldacre on faking fingerprints. This is not particularly new – the idea has been around for a while. Indeed, I recall reading about the technique pretty much as soon as the execrable Big Blunkett first came up with his abhorrent “entitlement” cards scheme. However, Goldacre serves to remind us that ministers who continue to spout “biometrics” as if they are, somehow, a panacea to their inability to cope with the simplest of data management are lying, deluded or ignorant.
Sometimes just throwing a few long words around can make people think you know what you’re talking about. Words like “biometric”. When Alistair Darling was asked if the government will ditch ID cards in the light of this week’s data cock-up, he replied: “The key thing about identity cards is, of course, that information is protected by personal biometric information. The problem at present is that, because we do not have that protection, information is much more vulnerable than it should be.”
Yes, that’s the problem. We need biometric identification. Fingerprints. Iris scans. Gordon Brown says so too: “What we must ensure is that identity fraud is avoided, and the way to avoid identity fraud is to say that for passport information we will have the biometric support that is necessary.”
Alastair Darling and Incapability Brown are not the only ones. Their sock puppets come out with the same ignorant bollocks (although what this discussion has to do with the original post about football, I don’t know):
…if all a fraudster needs is a few details like name, address, bank sort and account number, NI number and they can obtain loans etc in your name. It says to me that the system is wrong. Surely this info should not be enough? When I see supermarkets in Germany where customers pay with their fingerprints (and this makes it more secure for both) I think surely we can make it a bit harder for the fraudster and biometrics seem ideal for this task. The biometric pin seems a good idea.
Sure. If you want to. However, if these things take off, then don’t be too surprised when the criminal fraternity breaks the system. They could use the Goldacre method for capturing prints:
Tsutomu Matsumoto is a Japanese mathematician, a cryptographer who works on security, and he decided to see if he could fool the machines which identify you by your fingerprint. This home science project costs about £20. Take a finger and make a cast with the moulding plastic sold in hobby shops. Then pour some liquid gelatin (ordinary food gelatin) into that mould and let it harden. Stick this over your finger pad: it fools fingerprint detectors about 80% of the time. The joy is, once you’ve fooled the machine, your fake fingerprint is made of the same stuff as fruit pastilles, so you can simply eat the evidence.
Or, if you have neither the time nor inclination, you can be a little more brutal:
But what if you can’t get the finger? Well, you can chop one off, of course – another risk with biometrics.
The downside of this is that the victim will be aware of the theft, so the usefulness of the finger is going to be limited. For the victim, of course there is the matter of having had the biometric identifier compromised, it can never be un compromised – not to mention the loss of dexterity. It is for this purely pragmatic reason that I am opposed to any system of biometric shopping. I can change a PIN at will, just as I can change a password, so, if compromised, I can limit my losses. Once lost or compromised, a fingerprint is compromised forever.
Goldacre goes on to explain just how simple it is to steal a fingerprint without the owner being aware of it:
But there is an easier way. Find a fingerprint on glass. Sorry, I should have pointed out that every time you touch something, if your security systems rely on biometric ID, then you’re essentially leaving your pin number on a post-it note.
You can make a fingerprint image on glass more visible by painting over it with some cyanoacrylate adhesive. That’s a posh word for superglue. Photograph that with a digital camera. Improve the contrast in a picture editing program, and print the image on to a transparency sheet, then use that to etch the fingerprint on to a copper-plated printed circuit board (it sounds difficult, but you can buy a beginner’s etching set at Maplin for £10.67). This gives an image with some three-dimensional relief. You can now make your gelatin fingerpad using this as a mould.
I like the analogy of leaving one’s password on a post-it note. It really is that insecure. Only the technologically illiterate will believe that this is a suitable mechanism of security in a mass market. In a limited population (such as a workplace) then, yes, it has its uses. But for securing the financial information – or, if ministers get their way, personal and private information – of a whole population, such reliance on immature and unreliable technology is pure bullheadedness in the face of the evidence.
Neil in the same discussion accuses me of being obsessive:
As for this obsession with cutting off fingers – it is you that is not using common sense. By the time the criminal has made his elaborate finger moulds – the biometric pin would have been changed. Anyhow most muggers might opportunistically nick a wallet or even drag someone to the cashpoint with a knife – but cut their fingers off for a small chance of a few quid – no way.
Sigh… I am not the one touting biometrics as a panacea. Neil is also assuming that muggers will always behave rationally. They behave irrationally for a few quid now, why should they change in the future?
Security is best achieved with simple methods. Robust alphanumeric passwords (preferably not involving proper nouns), for instance. Keeping information in separate compartments, so that a compromise causes limited damage. Frankly, I am not happy with the supposedly secure Chip ‘n’ PIN as this places the onus back on the customer – like that was never intended…
While my objection to the government’s obsession with our personal information is, indeed a moral one, my objection to giving biometric information to private companies is a consequence of choice based upon pragmatism.
If you want to take advantage of fingerprint technology to simplify your shopping, then go ahead, be my guest. Just bear in mind that it is not a guarantee of security. I trust also, that you will understand why I choose not to engage…
Incidentally… My new Toshiba notebook has a fingerprint scanner much like the unsued one on my iPAQ. I gave up with the iPAQ one as it was so unreliable. I have to admit, the technology on the Toshiba is vastly improved and seems to be reliable. However, having played with it for a bit, I don’t use it; preferring a simple (well, not that simple) password. If someone does decide to mug me for the computer, at least they won’t need to have my fingerprints too.
“…but cut their fingers off for a small chance of a few quid – no way”
Oh, really?
The thing that really sickens about toadies like Neil is that you know quite well that if these things were being proposed by a Tory government he would be utterly opposed to them (as indeed Labour themselves were, when in Opposition). Basically, he’s without any guiding principles beyond ‘Labour good, Tories bad’. It’s pathetic. And despicable.
That story was the one I was thinking of… Thanks for the link.
The writer Michael Marshall Smith has foreseen this. In one of his books a small-time criminal wants some untraceable cash, so visits a purveyor of illegal but interesting things of this nature.
One such item is a finger, detached from its previous (and now extremely deceased) owner and attached to a mini life support unit. Said finger can be used to access the biometric cashpoints of this future time, until such time as the deceased’s relatives get wind of the scam and freeze the account.
If you use a biometric which cannot be rescinded such as an iris scan (film the iris and replay the film at high resolution to any biometric scanner) or a fingerprint, then you are asking some fraudster to copy the biometric, sequester the victim if at all possible in some way (and by sequester I mean imprison or kill) then go away merrily using the biometric to exploit the victim’s account.
Biometrics are only any good if accompanied by some other secret key, one which CAN be changed. They’re only good as confirmation, not as the entire key. The sooner politicians realise this, the better.
Yet, for all that, ministers and their toadies (love that expression) still spout “biometrics” as if it is a cure all, rather like a bottle of Dr Good’s snake oil. In the discussion, Neil now tells me that thieves will not take all of someone’s biometrics. That’s good, if they chop off my thumb, at least I have another one, eh? Nice caring folk these socialists…