Biometrics is to Password what Back door is to Front door

Let me try to make the relation of a biometrics and a default password clearer with the picture of a house with a front door of a deterministic password system, to which a back door of a probabilistic biometrics system was added as another entrance.

Residents are required to use the seemingly-convenient back door as the first choice for entry, until they get falsely rejected there. The residents rejected by the probabilistic biometrics authentication at the backdoor would be required to try the front door of a deterministic password authentication. The correct residents with correct memory will enter the house.

If the one-door house was not secure enough in the first place, the two-doored house is made even less secure. Bad guys, who are now given the chance to break the back door as well as the front door, can enjoy an increased attack surface., i.e., lowered defense.

Now, we have thus reconfirmed that the claim that biometrics contributes to identity security is falsity.

Ref: “What’s driving those people to keep spreading the biometrics misinformation”

Incidentally, what ‘being probabilistic’ means is that it cannot escape the trade-off between False Acceptance (false positive/false match) and False Rejection (false negative/false non-match) and therefore it cannot be used on its own without sacrificing the availability, whereas ‘being deterministic’ means that it can be used on its own.

Key References

“What we need to do for NOT achieving Solid Digital Identity”

Removal of Passwords and Its Security Effect

Negative Security Effect of Biometrics Deployed in Cyberspace

External Body Features Viewed as ‘What We Are’

Additional References

For Achieving Solid Digital Identity on Information Security Buzz (Mar/2021)

What We Know for Certain about Authentication Factors

Digital Identity for Global Citizens
Image-to-Code Conversion by Expanded Password System

Summary and Brief History — Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

Account Recovery with Expanded Password System

History, Current Status and Future Scenarios of Expanded Password System

Availability-First Approach

Update: Questions and Answers — Expanded Password System and Related Issues

< Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Digital Identity for Global Citizens (10minutes — narrated)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space — “below-one” factor authentication

Advocate of ‘Identity Assurance by Our Own Volition and Memory’, Inventor of Expanded Password System and Founder of Mnemonic Identity Solutions Limited in UK.