Biometrics — No Good for MFA
I missed last week weekly cyber weekly a week ago but not this week ! Was it weak ?
https://www.linkedin.com/pulse/i-missed-last-week-weekly-cyber-ago-weak-blanc-cyber-security/
I would like to comment on “8 — Apple Zero-Day Actively Exploited on iPhone” of this Weekly Cyber newsletter.
Apple could have made it clear that FaceID and TouchID were provided for better availability and convenience, not for security, and they should not be recommended where security matters.
This also means that biometrics must not be a component of two/multi-factor authentication schemes to be deployed for better security.
Curious? — Refer to “Biometrics in Cyber Space (2-minute video)
https://www.youtube.com/watch?v=wuhB5vxKYlg
Thanks, Alexandre BLANC Cyber Security
………………………………………………………………
PS Below is my reply to a reader’s comment on this message posted elsewhere.
Indeed! Being unique’ is entirely different to ‘being secret’. I do not understand how it was possible for those people to think of using ‘publicly-available information’ for the business that needs to be protected by secret information. Moreover, ‘being unique’ itself is dubious in view of the false acceptance which inevitably has to be very high where the corresponding false rejection is set to be very low, and vice versa.
Website — https://www.mnemonicidentitysolutions.com/
Digital identity blogs collected at https://www.linkedin.com/pulse/collection-digital-identity-comments-hitoshi-kokumai-posted-kokumai/
