Password Protection, Biometrics, Technology

The usage of passwords to protect against privacy infringements and identity theft is virtually universal. Using one to log into an e-mail account, bank account, social networking site, even your computer itself, is common. While some password users stick to tried, true and predictable favorites, such as “1234” or “password,” others go through great pains to construct some that are long, incorporate both letters as well as numbers and are hard to guess.The usage of passwords to protect against privacy infringements and identity theft is virtually universal.  Using one to log into an e-mail account, bank account, social networking site, even your computer itself, is common.  While some password users stick to tried, true and predictable favorites, such as "1234" or "password," others go through great pains to construct some that are long, incorporate both letters as well as numbers and are hard to guess.  Either way Americans are increasingly finding that their passwords are being hacked.  Accordingly, markets are responding with technologies that are newer and harder for identity thieves to penetrate.  Biometrics and contactless smart card technology appear to be two of today’s frontrunners.

Biometrics.org defines biometrics as "automated methods of recognizing a person based on a physiological or behavioral characteristic. Among the features measured are face, fingerprints, hand geometry, handwriting, iris, retinal, vein, and voice."  While some types have high failure rates, generally speaking the future of biometrics appears to be promising.

Because passwords can be easily obtained through new ways (hacking software) and old (peering over your shoulder at a local coffee shop while you check to see if a payment to your Visa card has posted), biometrics is thought to provide greater security by procedures termed "enrolling" and "testing."  To "enroll," an employee, for example, will have to submit to a retinal or fingerprint scan.  To "test," the employee will then have to present his eye or finger on an electronic pad to see if the traits inherent to his body match with the data that was stored during the "enrollment" stage.  When a match occurs, access is allowed.  Conversely, when no match occurs, access is denied with the possibility of even greater security measures getting triggered.

Like biometrics, contactless smart technology may be the way of the future.  According to Smartcardalliance.org, it includes "an embedded smart card secure microcontroller or equivalent intelligence, internal memory and a small antenna and communicates with a reader through a contactless radio frequency (RF) interface."  When a smart card is put within a close-enough proximity of its attendant reader (for example, a transit toll pass), a series of events occurs.  First, in order to activate the chip built into the card, there must be a transfer of energy.  Second, a clock signal transfer begins.  Lastly, data gets transferred to and from the contactless card.

Some key attributes of it include: identifying itself to the user who will then have to identify herself as well; preventing eavesdropping by encrypting stored data; presenting great difficulty with regard to replication and, implanting a personal firewall for a given individual who only wants certain information released upon specific request.  

Noting the limitations of both potential password replacements and/or supplements is important, however.  No technology is flawless.  Engineering students have been able to mold fingers similar enough to human ones such that they have been able to thwart biometric finger scanning technology.  Additionally, while contactless smart cards usually have added metal layers to further protect sensitive information, they, too, have been hacked by particularly technologically savvy criminals.  

While the future indubitably holds many possibilities with regard to keeping one's information safe, current safety precautions are still among the most effective.  Being aware of phishing scams, refusing to speak your Social Security Number over the phone to a person who claims to be calling from a credit card company or governmental agency and keeping up with annual credit checks are just a few ways Americans can self-protect against identity theft.  Also, obtaining identity theft prevention services such as ID SECURE provides added peace of mind by detecting the worst types of fraud and preventing unauthorized accounts from being opened in your good name.  Lastly, creating complicated passwords and changing them periodically is a good way to reduce the likelihood of identity fraud.