Unlocking your phone with your face ID or fingerprint is undoubtedly convenient, but a potential security risk lies behind that quick glance or tap. While biometrics like facial recognition and fingerprint scanners add a layer of security, they are far from foolproof.
Using biometrics as a security infrastructure is not as unique as you may think. Here's why you might want to reconsider relying solely on your own body as the key to your digital life:
1. Fingerprints: Fingerprints can be lifted from surfaces you touch or replicated with the right materials. Online hackers can easily replicate same and use your information to carry out nefarious activities. They are also able to obtain your fingerprints through the photos you share online including social media.
Lukenn Sabellano/Unsplash
2. Facial Recognition: Advancements in 3D imaging and Artificial Intelligence can sometimes trick facial recognition systems with high-quality photographs or sophisticated masks. Hackers can obtain iris recognition from a picture using highly sophisticated equipment and software.
Gary Yost/Unsplash
When They're Compromised, They're Compromised for Good
Unlike a password you can change if stolen, your biometric data is permanent. If it's compromised, you can't just grow a new fingerprint, and once a hacker has your fingerprint or a usable image of your face, they could access other accounts linked to those biometrics.
Here are other reasons you may consider when using biometrics to secure your phone:
1. When You Can Be Compelled to Unlock: Legal Gray Areas: While legal precedent on this issue is still developing, there might be situations where law enforcement can compel you to unlock your phone with your face or thumbprint. Passwords often offer greater legal protection against this.
2. Dirty or Damaged Biometrics: Something as simple as a stained finger or smudged camera lens can prevent unlocking. Frustrated, users often revert to less secure methods like backup PINs out of convenience.
3. Public Spaces: Entering a password discreetly is easier than overtly using your face or fingerprint, reducing the chance of someone snooping.
Tips for Stronger Security: Here's how you can better protect yourself and your information.
Ed Hardie/Unsplash
1. Use a Strong, Unique Passcode: Yes, it's less convenient, but it's a lot harder to guess or lift from a surface.
2. Two-Factor Authentication: Supplement biometrics with a second authentication factor (like a code sent via text), adding another layer of protection. Alternatively, you can use Authentication software like Google Authenticator, Microsoft Authenticator, Duo Mobile, LastPass Authenticator, Okta Verify, amongst others, to generate authentication codes for logins.
3. Minimize What's on Your Phone: Limit access to highly private or sensitive accounts and data if you're concerned about unlocking methods.
4. Stay Informed: Security technologies and threats continue to evolve every day. Stay up-to-date on loopholes and best practices.
Biometrics can be useful tools, but they shouldn't be your sole line of defense for your smartphone. By understanding the limitations and supplementing their use with other security precautions, you create a more robust barrier against unwanted access to your private digital world.
