|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ken Pfeil (Ken
infosec101.org)Date: Thu Jun 28 2001 - 14:09:14 CDT
> Just one more:
> You can't revoke a biometric key. If a BadGuy(tm) gets a
> hold of the digital representation of, say, your finger- he
> might be able to impersonate you. And poor you, you
> can't revoke your finger, right?
>
> Best Regards,
>
> Yonatan Bokovza
> IT Security Consultant
> Xpert Systems
You can revoke the enrollment of the fingerprint simply by clearing the
captured template from the
storage directory. I'd be more worried about someone getting hold of my
social security number than I would
fingerprint template that SHOULD be detected as a replay attack anyway...
My .002
Ken
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]