Identity, Security, Payments, Biometrics, Smart Cards and Authentication News

Biometric hack unveiled

Wednesday, April 2, 2008

A UK-based hacker has demonstrated a man in the middle attack aimed at biometrics. Matthew Lewis, of London-based Information Risk Management, unveiled the biologging attack at a Black Hat hacker conference in Amsterdam.

Lewis says biometric data is vulnerable because it isn’t encrypted between the sensor and the processor, according to the story in Techworld. The biologger captures the biometric data while its in transit between the two.

“Organizations across a number of different sectors are beginning to implement biometric systems as part of their physical and logical access controls, while a number of these systems and devices are configured to integrate with existing infrastructures for ease of deployment, such as through the use of IP protocols,” Lewis said in a recent white paper on biologging. “It is properties such as this that we seek to explore and exploit as part of a proof of concept construction of a biologger.”

The attacks would still be difficult to carry out, with the main obstacle being insertion of the biologic into the network, Lewis said.

Read the full story here[end] 

Related Articles
Biometrics app wins Idea Transform Weekend competition

Sim-Prints’ biometrics app for improving patient care in the developing world won the first Idea Transform Weekend held in Cambridge, UK, reports Business Weekly.

With this mobile phone-based app, health care workers can collect and check patient information in a variety of environments. The project was developed by Shruti Badwar, Mariy Chhatriwala, Toby Norman for the Global Health Hack Day in March. James Crosby, Marcos Ikegame and Gail Mayhew joined the team for this competition.

read more »
Isis takes the longview

Mobile payments joint-venture Isis is taking the slow road to mobile wallet adoption, rather than going full steam ahead like rival Google Wallet, reports GigaOM.

read more »
Calgary pilots smart card payments for public transit

Calgary, Alberta is pushing forward with the anticipated summer launch of a new smart card payment system for public transit, according to the Calgary Herald.

read more »
NJ Transit reports 'overwhelming' success with Google Wallet

New Jersey Transit’s use of NFC payments with Google Wallet has been an “overwhelming and resounding success,” according to NJ Transit spokesman John Durson.

Introduced on the NJ Transit network in October 2011, Google Wallet enables riders to purchase tickets with the tap of an NFC-enabled phone at New York Penn Station, Newark Liberty Airport’s rail station and on 7 city bus lines.

read more »
Security breach at New York college puts credit cards at risk

If you want to use a credit or debit card at College of Brockport dining halls, forget it. Until the end of the school term, it’s mostly cash only due to a security breach which affected hundreds of credit and debit cards from students, staff and faculty.

read more »
Sprint launches Galaxy Nexus at $200 with Google Wallet

Sprint has set an April 22 launch date for the Samsung Galaxy Nexus, the network’s first NFC-enabled Android 4.0 smart phone with 4G LTE capability.

read more »

Copyright © 2012, AVISIAN, Inc. All rights reserved.