STOCK MARKET BSE NSE

Cyber security experts flag ‘biometric hazard’

Access systems being installed at offices and apartments in the city could infringe upon the privacy of an individual and pose a safety issue.

Published: 19th May 2022 10:50 AM  |   Last Updated: 19th May 2022 10:50 AM   |  A+A-

Image used for representational purpose only. (File Photo)

Image used for representational purpose only. (File Photo)

Express News Service

KOCHI:  Thomas Kurian, 45, recently moved out of an apartment complex at Kakkanad, where he and his family had been staying for the past two years. The reason: the apartment association installed a biometric access system and insisted that every resident scan their fingerprints for entry into the building. 

A cyber-forensic expert and patron of Kerala Police’s international cyber conference ‘Cocon’, Thomas said no to the association’s decision. He believes these types of biometric access systems being installed at offices and apartments in the city are infringing upon the privacy of an individual and pose a major security issue. 

Express Illustration

“These systems do not have any proper data protection protocols,” notes Thomas. “The fingerprint data collected by these systems can easily be hacked into and used by criminals. A fingerprint is a unique identity of a person and if it is stolen, one is at the risk of being made as a party to a crime. A criminal can easily dump your fingerprint at a crime scene.” 

New-gen cyber-crooks can clone one’s fingerprint and use it for other purposes, he cautions, adding that there have been cases of online crimes and frauds using this modus operandi.Cyber security expert and Data Security Council of India member Manu Zacharia says if an organisation or an association collects biometric data of an individual, the onus of protecting the data lies fully on them.

“Any leak of such data could put them in a legal tangle,” he adds. “Collecting personal data involves a bigger responsibility of protecting it. We can find a lot of incidents in which criminals used personal data such as fingerprints for committing crimes. Also, a person has the right to know the purpose for which his biometric data is collected and also the safety protocols put in place.”

Thomas points out that even the Unique Identification Authority of India (UIDAI) has decided not to share Aadhaar biometric data even for crime investigations. Recently, the UIDAI made it clear that, as per Section 29 of the Aadhaar Act, the biometrics data it collects would be used only for generating Aadhaar and authentication purposes. 

‘FINGERPRINT CLONING TECHNIQUES VIA YOUTUBE’
A cyber police unit in Gwalior, Madhya Pradesh, recently nabbed a four-member gang involved in cloning fingerprints and withdrawing money through Aadhaar Enabled Payment System (AEPS).  According to reports, the accused were misusing AEPS by using thumb impressions stolen from people. Sleuths recovered fingerprints of many people from the gang, which had mastered hacking and cloning techniques from YouTube. They also seized biometric machines, a rubber thumb impression printer, gelatin, temperature modulator and other chemicals that were used to make clones.

What about Aadhaar?
Recently, the UIDAI made it clear that, the biometrics data it collects would be used only for generating Aadhaar and authentication purposes.



Comments

Disclaimer : We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the newindianexpress.com editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.

The views expressed in comments published on newindianexpress.com are those of the comment writers alone. They do not represent the views or opinions of newindianexpress.com or its staff, nor do they represent the views or opinions of The New Indian Express Group, or any entity of, or affiliated with, The New Indian Express Group. newindianexpress.com reserves the right to take any or all comments down at any time.

flipboard facebook twitter whatsapp