Biometrics, which includes fingerprints, voice recognition, facial recognition, or retina identification, is a way to measure a person’s biological characteristics. It has found widespread applications in identity authentication, forensics, and other areas. However, systems dealing with biometric data also come the radar of cybercriminals due to the sensitive nature of the data.
The wide use of biometric data
Biometric data is used widely by government agencies and special services such as police or customs to simplify their investigation process. Besides this, the data has become a part of our everyday lives as it has replaced the traditional authentication methods such as those based on logins and passwords.
With so many applications and software relying on the biometric-based process for authentication, it has raised serious security concerns in the cybersecurity world.
How widespread is the threat?
According to Kaspersky researchers, around 37% of computers that perform the functions of collecting, processing and storing biometric data had suffered malware attack attempts in the third quarter of 2019. This indicates that one in three computers was at risk of malware infection.
The malware in question included spyware and RATs which accounted for 5.4 percent of all computers analyzed. This was followed by malware used in phishing attacks (5.1 percent), ransomware (1.9 percent) and trojans (1.5 percent).
Common threat sources
Exposure of biometric systems to cyber threats poses a huge risk for both the service provider and the people who have entrusted them with their biometric data. With a vast trove of identification data available in biometric databases, it is high time for data processing organizations to enhance the security of their critical systems that handle, store, and process such data.