November 3, 2016 — Banking biometrics: hacking into your account is easier than you think
This Financial Times article discusses why fake fingerprints, selfie masks and voice tapping mean the wealthy should be worried. With comments from NuData’s Robert Capps.
Anyone who has ever struggled to remember the password for their banking app or fumbled with a card-reading device can appreciate the sheer joy of using their fingerprint, voice or face to access their bank account quickly via their smartphone. Most big high street lenders now use the latest biometric technology to give customers a more convenient way to check their account balance or make payments. However, one big question remains unanswered: is it safe? A cyber security expert from consultancy NCC recently visited the Financial Times to give a demonstration of how to hack into a smartphone’s biometric authentication software. Matt Lewis, NCC research director, showed how to make a copy of his own fingerprint using wood glue, candle wax and a printed circuit board that allowed your correspondent to hack into his smartphone.
Robert Capps at NuData, which tracks people’s behaviour through their phone to authenticate them, says most biometric checks are no safer than a traditional password. If hackers gain access to your password, they can set up a new mobile account pretending to be you. “It all comes down to the enrolment process — and that is back to the username and password,” he says. “This is not the great panacea.”
For the complete article, go here.