Well this is quite scary as biometrics are touted as the ultimate in security and two factor authentication with biometrics is about as ‘heavy’ as most places get.<\/p>\n
The fact that the biometric data can be ‘sniffed’ reconstructed and re-used…is worrying to say the least. Do any of you have biometric measures in your workplace?<\/p>\n
A British researcher has developed a biometric keylogger of sorts that can capture fingerprints required to unlock building doors or gain access to computer networks or other restricted systems.<\/p>\n
For now, the Biologger is a proof-of-concept aimed at showing the insecurity of many biometric systems, according to Matthew Lewis, who demonstrated the tool at last month’s Black Hat Amsterdam conference. But the researcher, who works for Information Risk Management, warns the attack could become commonplace if current practices don’t change and could be used to log images of retinas, facial features and any other physical characteristics used by biometric systems.<\/p>\n
“Biometric device manufacturers and system integrators cannot rely on security through obscurity alone for the overall security of their devices and systems,” he writes in this white paper<\/a> (PDF). “Without adequate protection of the confidentiality, integrity and availability of biometric access control devices and their data, the threat of “Biologging” activities within those enterprises employing such access controls is real.”<\/p><\/blockquote>\n