Speaking at the AusCERT conference in the Gold Coast this week, Colin Whittaker said biometric technologies won’t be ready for use until at least 2016.
“We don’t think, at this moment [biometrics] are right yet,” Whittaker said in reference to the UK’s banking and payment industry. “Our gut reaction is that this technology is not yet mature to fit the purpose for face-to-face verification."
Whittaker said safety concerns are a big factor, and cited a BBC report about incidents of finger chopping in Malaysia - an act where criminals chop off fingers in order to access savings accounts and cars secured with finger recognition.
“If we put fingerprints as the replacement for PIN on the card, is that not fuelling crime?” asked Whittaker while also questioning the bank’s responsibility in such horrific cases.
“What would the bank’s responsibility be when it’s deploying technology that is actually putting customers in harms way?”
Even more concerning, fingerprints are often left all over cards all the time, so cybercriminals can easily recover the fingerprint he said
According to Whittaker, deciding between existing techniques such as fingerprint biometrics, iris recognition or voice recognition also contributes to the hold up.
“We actually don’t even know what biometric technology we would use. [Personally] we would be looking at the sort of things that the Japanese are doing, such as finger vein technology,” Whittaker said.
Meanwhile, iris recognition is no better, according to Whittaker who said it currently works poorly in the airports where it’s used.
Instead, he said the industry has to choose a biometric solution that will give the right quality of performance and stop people from getting through, such as voice based technology
“Let’s look at something more promising. Voice based biometrics are wonderful technology in its essence of what it's trying to do," he said. "We use people’s voices all the time."
"It’s a very exciting technology to consider despite the possibility of mispronouncing words but it’s starting to look more and more attractive providing it's used in conjunction with other technologies," Whittaker said.
However, it’s also not yet ready for prime time, he added.
Matters of standardisation and interoperability also concerned Whittaker.
“Can we do it in a standard way globally?" he asked.
Biometrics far from ready when it comes to authentication
By Negar Salek on May 23, 2008 4:21PM