Successfully reported this slideshow.
Your SlideShare is downloading. ×

php[tek] 2018 - Biometrics, fantastic failure point of the future

Jun. 01, 2018
1 like 146 views
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Upcoming SlideShare
ConFoo Vancouver 2017 - Biometrics: Fantastic Failure Point of the Future
ConFoo Vancouver 2017 - Biometrics: Fantastic Failure Point of the Future
Loading in …3
×

Check these out next

Practical API Security - PyCon 2019
Adam Englander
Threat Modeling for Dummies
Adam Englander
ZendCon 2018 - Practical API Security
Adam Englander
ZendCon 2018 - Cryptography in Depth
Adam Englander
Threat Modeling for Dummies - Cascadia PHP 2018
Adam Englander
Dutch PHP 2018 - Cryptography for Beginners
Adam Englander
php[tek] 2108 - Cryptography Advances in PHP 7.2
Adam Englander
Biometrics: Sexy, Secure and... Stupid - RSAC 2018
Adam Englander
1 of 40 Ad

php[tek] 2018 - Biometrics, fantastic failure point of the future

Jun. 01, 2018
1 like 146 views

Download to read offline

Technology

This presentation attempts to prepare developers for the coming storm of biometric authentication. It is coming; for many, it is already here. Unfortunately, few of us have been prepared to select tools for utilizing biometric authentication properly. In this presentation, Adam Englander will express the special dangers of biometrics with regards to lifespan and storage. Due to the user's inability to change a biomteric, it is much more valuable to bad actors as the lifespan will undoubtedly exceed the lifespan of the cryptography. Any biometric database stolen today will likely be able to be cracked by the average computer in 20 years. This creates a unique problem many of us have not had to tackle before. We need a different mindset when thinking about biometrics. This presentation will try and give that much-needed perspective.

This presentation attempts to prepare developers for the coming storm of biometric authentication. It is coming; for many, it is already here. Unfortunately, few of us have been prepared to select tools for utilizing biometric authentication properly. In this presentation, Adam Englander will express the special dangers of biometrics with regards to lifespan and storage. Due to the user's inability to change a biomteric, it is much more valuable to bad actors as the lifespan will undoubtedly exceed the lifespan of the cryptography. Any biometric database stolen today will likely be able to be cracked by the average computer in 20 years. This creates a unique problem many of us have not had to tackle before. We need a different mindset when thinking about biometrics. This presentation will try and give that much-needed perspective.

Technology
Advertisement

Recommended

ConFoo Vancouver 2017 - Biometrics: Fantastic Failure Point of the Future
Adam Englander
171 views
26 slides
Biometrics - Fantastic Failure Point of the Future
Adam Englander
263 views
24 slides
Continuous Security
Equal Experts
505 views
28 slides
Kim
Knight Center
222 views
7 slides
The Top Password Security Trends
Cloudswave
1.1k views
35 slides
Assignment 3
Anne Petraro
3 views
63 slides
Cryptography for Beginners - Midwest PHP 2018
Adam Englander
230 views
94 slides
Cryptography for Beginners - Sunshine PHP 2018
Adam Englander
405 views
94 slides
Advertisement

More Related Content

More from Adam Englander (20)

Practical API Security - PyCon 2019
Adam Englander
316 views
Threat Modeling for Dummies
Adam Englander
227 views
ZendCon 2018 - Practical API Security
Adam Englander
310 views
ZendCon 2018 - Cryptography in Depth
Adam Englander
243 views
Threat Modeling for Dummies - Cascadia PHP 2018
Adam Englander
1.2k views
Dutch PHP 2018 - Cryptography for Beginners
Adam Englander
262 views
php[tek] 2108 - Cryptography Advances in PHP 7.2
Adam Englander
240 views
Biometrics: Sexy, Secure and... Stupid - RSAC 2018
Adam Englander
169 views
Practical API Security - PyCon 2018
Adam Englander
492 views
Practical API Security - Midwest PHP 2018
Adam Englander
270 views
Con Foo 2017 - Don't Loose Sleep - Secure Your REST
Adam Englander
231 views
ZendCon 2017 - Cryptography for Beginners
Adam Englander
689 views
ZendCon 2017: The Red Team is Coming
Adam Englander
327 views
ZendCon 2017 - Build a Bot Workshop - Async Primer
Adam Englander
332 views
Symfony Live San Franciso 2017 - BDD API Development with Symfony and Behat
Adam Englander
251 views
Coder Cruise 2017 - The Red Team Is Coming
Adam Englander
225 views
Don't Loose Sleep - Secure Your Rest - php[tek] 2017
Adam Englander
330 views
Build a bot workshop async primer - php[tek]
Adam Englander
212 views
Python and Docker
Adam Englander
197 views
Concurrent Programming in Python
Adam Englander
349 views
Practical API Security - PyCon 2019
Adam Englander
316 views
84 slides
Threat Modeling for Dummies
Adam Englander
227 views
56 slides
ZendCon 2018 - Practical API Security
Adam Englander
310 views
77 slides
ZendCon 2018 - Cryptography in Depth
Adam Englander
243 views
275 slides
Threat Modeling for Dummies - Cascadia PHP 2018
Adam Englander
1.2k views
58 slides
Dutch PHP 2018 - Cryptography for Beginners
Adam Englander
262 views
96 slides

Recently uploaded (20)

ShareChat's Journey Migrating 100TB of Data to ScyllaDB with NO Downtime
ScyllaDB
0 views
Quoram Blockchain Development
Mobiloitte Technologies
0 views
K7 Total Security Datasheet
K7 Computing Pvt Ltd
0 views
project.pptx
ThomasLalnuntluanga
0 views
Strategies For Migrating From SQL to NoSQL — The Apache Kafka Way
ScyllaDB
0 views
clg_assgn.pptx
AjayMishra617858
0 views
Hydroponics PPT.pdf
riswanrashid
0 views
WordPress vs Laravel.pdf
WPWeb Infotech
0 views
IT Consulting & Digital Transformation Solutions
Caprium .com
0 views
Optimizing ScyllaDB Performance via Observability
ScyllaDB
0 views
Metaverse Education.pptx
AnbuNesan1
0 views
K7 Total Security Datasheet
K7 Computing Pvt Ltd
0 views
Automating the Hunt for Non-Obvious Sources of Latency Spreads
ScyllaDB
0 views
OptiClean Product Specifications_tcm177-106163.pdf
Carriermalaysia
0 views
How Discord Migrated Trillions of Messages from Cassandra to ScyllaDB
ScyllaDB
0 views
Unlocking the Power of ChatGPT
Kristine Schachinger SEO and Online Marketing
0 views
B1(1).ppt
adelhlilou
0 views
Using ScyllaDB for Distribution of Game Assets in Unreal Engine
ScyllaDB
0 views
Integrating ScyllaDB with Quarkus
ScyllaDB
0 views
Codes.docx
RobeliaJoyVillaruz
0 views
ShareChat's Journey Migrating 100TB of Data to ScyllaDB with NO Downtime
ScyllaDB
0 views
17 slides
Quoram Blockchain Development
Mobiloitte Technologies
0 views
2 slides
K7 Total Security Datasheet
K7 Computing Pvt Ltd
0 views
2 slides
project.pptx
ThomasLalnuntluanga
0 views
27 slides
Strategies For Migrating From SQL to NoSQL — The Apache Kafka Way
ScyllaDB
0 views
31 slides
clg_assgn.pptx
AjayMishra617858
0 views
45 slides
Advertisement

php[tek] 2018 - Biometrics, fantastic failure point of the future

  1. 1. @adam_englander PHP[TEK] 2018 Wifi: Sheraton Conference Pass: phptek2018 Twitter: #phptek Rate the Talks https://joind.in/event/phptek-2018
  2. 2. @adam_englander Biometrics: Fantastic Failure Point of the Future Adam Englander, iovation @adam_englander php[tek] 2018
  3. 3. @adam_englander A Quick History of Biometrics
  4. 4. @adam_englander Fingerprint used to prevent forgery 2000 BC
  5. 5. @adam_englander Fingerprints used to solve crimes As early as 650 AD
  6. 6. @adam_englander Fingerprint Identification Mid 1800’s
  7. 7. @adam_englander Voice Recognition 1960s
  8. 8. @adam_englander Retina/Iris Scan 1980s
  9. 9. @adam_englander Facial Recognition 2000’s
  10. 10. @adam_englander Biometrics Are Sexy!
  11. 11. @adam_englander Sexy Like a Tesla
  12. 12. @adam_englander Transaction Complete
  13. 13. @adam_englander Biometrics Are Everywhere
  14. 14. @adam_englander Biometrics are Secure
  15. 15. @adam_englander Biometrics Are Inherently You
  16. 16. @adam_englander Biometrics Have No Bias –Keeper Security: The Most Common Passwords of 2016 https://keepersecurity.com/public/Most-Common-Passwords-of-2016- Keeper-Security-Study.pdf NEARLY 17% OF USERS ARE SAFEGUARDING THEIR ACCOUNTS WITH "123456."
  17. 17. @adam_englander Biometrics Can't Be Socially Derived
  18. 18. @adam_englander Biometrics Cannot Be Unknowingly Stolen
  19. 19. @adam_englander Biometrics Cannot Be Transferred
  20. 20. @adam_englander So, What’s The Problem?
  21. 21. @adam_englander 21.5 million records 2015
  22. 22. @adam_englander 3 billion records 2014
  23. 23. @adam_englander 78.8 million records 2015
  24. 24. @adam_englander 57 Million Records 2016
  25. 25. @adam_englander 143 Million Records
  26. 26. @adam_englander Biometrics are more valuable than passwords over time
  27. 27. @adam_englander Password lists drop in value quickly Early Yield 0 25 50 75 100
  28. 28. @adam_englander Biometrics will increase in value over time Long Haul Password Encrypted Biometric Plain Biometric
  29. 29. @adam_englander Biometrics must be better protected than passwords
  30. 30. @adam_englander Knowledge based entropy a.k.a. Private Biometrics
  31. 31. @adam_englander Visual Cryptography Veridium
  32. 32. @adam_englander Obfuscate the relationship to the biometric Hash the link with a knowledge item
  33. 33. @adam_englander Decentralized Biometric Stores
  34. 34. @adam_englander Which brings us back to…
  35. 35. @adam_englander Decentralized Biometric Store Mobile devices as secure stores on the periphery
  36. 36. @adam_englander Decentralized Isn't Just For Cryptocurrency
  37. 37. @adam_englander Decentralized Systems of Tomorrow
  38. 38. @adam_englander Questions?
  39. 39. @adam_englander Thanks to Our Sponsors
  40. 40. @adam_englander Rate This Talk https://joind.in/talk/7892b

×