
Security Problems Posed by Biometric Technology

As we can see from the above discussions, biometric technology is far from being as mature as it is portrayed to be. In practice, it will inevitably commit various errors. These errors are likely to be compounded by the frequent absence of “fall-backs” in the event of identity theft (Wilson, 2005, p. 18). No security system is perfect, and a truly secure system always contains a well-functioning fall-back measure for when a critical breach happens. Generally, once a biometric is compromised, it is compromised forever. In the event of biometric identity theft, there would appear to be no alternative but to withdraw the user from the system.

It has been reported, though, that some research has shown it is possible to transform a biometric iris template so that it assumes a new format that is unique to a particular application. Thus, a template generated in a format corresponding to a particular application A could not be misappropriated and used to authenticate a user for application B.55 In addition, there also are reports about research on cancellable biometrics.56 Instead of enrolling with your true finger (or other biometric), the fingerprint is intentionally distorted in a repeatable manner and this new print is used. If, for some reason, your original fingerprint is stolen, an essentially “new” fingerprint can be issued by simply changing the parameters of the distortion process. This technology may enhance the security level of biometric technology, but several problems still remain:

• It might not protect against a replay attack, if the attacker has copied the user’s actual biometric character (by, e.g., photographing the iris).57

• In the first method of using different formats in extracting the iris template, it may mean some information is thrown away. If each template from the one character is different, then each template has fewer bits of entropy than it would have if it were only one. That is, each template is “fuzzy” and this has to erode the accuracy, leading to higher false match rates.58 Generally, accuracy and the whole image are required for biometric identification.59

• These methods are still very much at an experimental level, and are not ready for commercial deployment for the next several years.60

• It is not known for sure how much correlation there is between one template and another. If an attacker can get hold of a template (and/or the original biometric character) they may be able to predict what the next generated template will look like.61
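
The repeatable-distortion idea behind cancellable biometrics, as an added example that is not from the original text or the cited research: a toy transform (keyed XOR mask, keyed shuffle, truncation to half the bits) applied to a constructed 256-bit feature code. The application names, revision counter, bit lengths and the 0.25 match threshold are assumptions; the discarded bits are what make the template hard to invert, and they are also the information loss the second bullet describes.

```python
import hashlib
import random

CODE_BITS = 256    # length of the constructed binary feature code (assumed)
KEEP_BITS = 128    # bits kept after the transform; the rest are thrown away
THRESHOLD = 0.25   # max fraction of differing bits accepted as a match (assumed)

def _rng(app_id, revision):
    # Distortion parameters are derived from the application name and a
    # revision counter, so changing either one yields a different template.
    seed = hashlib.sha256(f"{app_id}:{revision}".encode()).digest()
    return random.Random(int.from_bytes(seed, "big"))

def cancelable_template(bits, app_id, revision=0):
    """Repeatable distortion: keyed XOR mask, keyed shuffle, then truncation."""
    rng = _rng(app_id, revision)
    mask = [rng.getrandbits(1) for _ in range(CODE_BITS)]
    order = list(range(CODE_BITS))
    rng.shuffle(order)
    masked = [b ^ m for b, m in zip(bits, mask)]
    return [masked[i] for i in order[:KEEP_BITS]]

def distance(t1, t2):
    # Fraction of positions where the two templates disagree.
    return sum(a != b for a, b in zip(t1, t2)) / len(t1)

def matches(t1, t2):
    return distance(t1, t2) <= THRESHOLD

# Constructed sample data: an enrolled code and a later, noisy reading of it.
_sample = random.Random(1)
ENROLLED = [_sample.getrandbits(1) for _ in range(CODE_BITS)]
PROBE = [b ^ (i % 25 == 0) for i, b in enumerate(ENROLLED)]  # 11 bits flipped

def demo():
    stored_a = cancelable_template(ENROLLED, "app-A")
    return {
        # Same application, same parameters: the noisy reading still matches.
        "same_app": matches(stored_a, cancelable_template(PROBE, "app-A")),
        # A template made for application B is useless against A's record.
        "cross_app": matches(stored_a, cancelable_template(PROBE, "app-B")),
        # After re-issue with new parameters the old record no longer matches.
        "after_reissue": matches(stored_a, cancelable_template(PROBE, "app-A", revision=1)),
    }

if __name__ == "__main__":
    print(demo())
```

Anyone holding both the raw biometric and the transform parameters can regenerate the template, which is the replay limitation in the first bullet.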

Besides these problems, it is clear from many existing biometric applications and biometrics advocates that building up a centralised personal database with links to identification and verification systems is supposed to be a fundamental part of the whole biometric system. This also creates a great “honey net” for crackers. The implementation of a centralised system would require widespread access from various remote locations. This may generate significant numbers of failures and make the system prone to be cracked by “physically accessing one of the sites, by finding some communication-based vulnerability, or by bribing or corrupting someone with access to the system” (Kent, 2006). Through this access, identity theft or alteration of data could be achieved without many difficulties. Moreover, with such a complex centralised “security” system, a failure at one location is likely to cause cascading effects throughout the whole system. Such kinds of failures can be achieved either through a physical attack on the infrastructure or a cyber-attack.62

It has been noted that especially in the absence of costly dedicated networks, an Internet-based system would “inevitably be the target of malicious attacks as well as subject to unintentional or incidental damage”.63 In other words, the so-called “security” system would actually generate less security and more vulnerability. Will it then be more secure to store the biometric templates in a portable device? It has been argued that the best method to avoid central storage and to be both secure and privacy friendly, is to store the biometric information on a portable device, such as a mouse, mobile, laptop computer, or smart card. However, this solution has been criticized as “a worrying gimmick, closely equivalent to writing the PIN on the back of your credit card” (Wilson & Prints, 2004). A majority of commercial fingerprint detectors can be fooled by replica prints. So if you lose your phone or smart card a clever thief will find your biometric security information very conveniently left behind all over the keypad (Wilson & Prints, 2004). A robust liveness detection system is needed to combat such fraud, yet in commercial practice, it remains uncommon in fingerprinting systems (Wilson, 2005, p. 12–20).

Another major security concern is that biometric technology adds a new dimension to identity theft (Clarke, 2001). For instance, when a national ID card with a biometric identifier is used, the weaknesses of a card system may increase the risk of identity theft. Criminals and others could masquerade as someone else at the point when the card is issued--this could become a very effective form of identity theft (Neill, 2005). A widely used biometric identifier at various occasions may actually facilitate easier identity theft at one place. Once this happens, it will be extremely difficult to issue another biometric identifier or prove it actually happens. Although some people argue that biometric technology will be a good solution for combating identity theft, biometric identifiers will not solve the problem of identity theft facing the elderly community. Biometric systems in use now are successful because the number of people enrolled is limited. When the system fails, human administrators are available to assist in the authentication process. Creating an automated system on a national scale is beyond the capability of any of the existing technologies. Simply merging the existing systems into a single central database would cause the reliability of those systems to be lost. Further, biometric databases would be subject to new forms of abuse which may be more difficult to correct and will pose significant consequences for individuals whose biometric identifier is compromised (Rotenberg, 2002).