. While many financial institutions believe biometric solution for one of the most promising players of modern technology, criminals perceive them as a new opportunity to steal sensitive information.
ATMs for many years are in the crosshairs of scammers, hunting for data about payment cards. It all started with primitive skimmerów – Amateur przymocowywanych devices to ATMs that can steal information from the magnetic stripe card and PIN code through a fake keyboard, or webcam. Eventually fixed the appearance of such devices so that less conspicuous.
the Introduction of a card containing a chip instead of magnetic stripes has led to the fact that their cloning has become much more difficult, but not impossible. Skimmery evolved in the so-called shimmerów, whose functionality is the same as their predecessors, but they may collect information from the chip card. The response of the banking industry on the developments must be new methods, some of which are based on biometric technology.
the study of cybercrime, conducted by Kaspersky Lab shows that there are already at least twelve of the sellers offering skimmery able to steal fingerprints. Moreover, at least three vendors from the underground cyberprzestępczego conducts research on devices that can illegally obtain data from the systems of recognition palm veins and iris.
the First wave of biometric skimmerów was observed in the stage of “testing our” in September 2015. From evidence gathered by scholars Kaspersky Lab “, it follows that during the preliminary testing, the developers found a few bugs. However, the main problem was the use of GSM modules to transmit biometric data – they were too free to download huge amount of data obtained. Therefore, the new version skimmerów will use other, faster transmission technologies.
In communities cyberprzestępczych discussions are also continuing regarding the development of mobile applications on the basis of the mask on the face of the human. In the case of such applications, an attacker can upload a photo of the man posted on the social networking site and use their deceptive system of face recognition.
“the Problem with biometric data is that unlike password or PIN s, which can be easily changed in case of break-in, you change your fingerprint or iris image is impossible. So, if someone will get illegal access to data, reuse of this method of authentication will not be secure. Therefore it is extremely important the protection of such data and their transfer accordingly. Biometric data are also stored in modern passports and visas. Thus, if someone steals an electronic passport will be available to not only this document, but also biometric data of its owner. In principle, steal the identity of such a person,” said Olga Koczetowa, expert in it security, Kaspersky Lab.
No comments:
Post a Comment