[ISN] Firms' biometric records are 'insecure'

From: InfoSec News (alerts@private)
Date: Wed Mar 19 2008 - 22:13:42 PST


http://www.computerworlduk.com/management/security/data-control/news/index.cfm?newsid=8058

By Computerworld UK reporter
March 18, 2008

The growing use of biometrics to identify individuals is "insecure and 
in need of immediate attention", according to an IT systems company.

Fujitsu Siemens said biometrics is increasingly being used in the 
business world to verify whether individuals really are who they say. By 
2013, Fujitsu Siemens predicts biometric identity technology will be so 
widespread in the private sector that the number of people included 
would rival that of the proposed national ID schemes.

Within five years, 95 percent of the UK population will be identifiable 
through biometrics and other means.

But the tracking and monitoring of people could be a risk if security 
controls were not tightened up, the IT company said.

"From a security perspective, we have already seen that criminals can 
create a number of different personae for themselves and more methods of 
identification means more openings for them. Whether it's issued by a 
company or a government, once an individual can associate their 
biometric characteristics with an identity, they effectively own that 
identity," said David Pritchard, senior technology analyst.

"People are already carrying around several identifying documents or 
artefacts car keys, passports, driving licences, bank cards," said 
Pritchard.

"Biometrics are being added to these items, making them uniquely 
identifiable and traceable to the individual."

The government recently commissioned a report in which former banker Sir 
James Crosby said that within five years people were likely to be 
carrying several biometric identifiers. In the report, Crosby called on 
the government to work with banks to create a universal ID assurance 
scheme, led by the private sector, which would result in a more secure 
system.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Wed Mar 19 2008 - 22:28:46 PST