Reply to post: Re: "Biometrics." It's a security "feature"

Biometric data stolen from corporate lunch rooms system

Anonymous Coward
Anonymous Coward

Re: "Biometrics." It's a security "feature"

I've worked on biometrics.

Rule 1 is to NEVER, EVER even transport the raw data - you pre-process at the point of collection.

You hash and encrypt before transport, if possible salted, and salt the storage yet again. That way, only your local interpretation of the biometrics can ever leak, and that cannot be used to reconstruct the raw source data for use somewhere else. Anyone doing it differently should get hit with the maximum possible fines, something that will make new incoming EU privacy laws extra interesting.

That goes for fingers, eyes, face geometrics, rectal scans, gait analysis* - the works. Not mentioning voice prints because they're too easy to replicate to be of any use (natural variation alone already mandates significant forgiveness in what you accept, rendering it pointless).

* No, gait. Not goat. That's still "something you have" :)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019