A massive biometric breach is only a matter of time



[ad_1]

I signed up for CLEAR about 2 years ago while flying to Seattle from Washington.

CLEAR is like a "PRE TSA PRE for VIPs". Basically, you pay $ 100 a year and in many airports – but not all – you can go directly to the TSA PRE line. In addition, you do not have to show ID when your biometric data is scanned into the system, which proves the identity.

I had noticed in previous years that more and more people were getting a TSA PREA. Same for Global Entry. I alone have probably had 50 people to sign up for the first and maybe 20 for the last one. They save a lot of time. I would say that CLEAR saves me an average of 10 to 20 minutes on every flight I take. Given how much I was flying, it was worth it when I signed up.

Whenever I use the CLEAR line, it takes an average of 1 to 2 minutes to get to the X-ray screening area.

Until Monday, March 11th.

When I arrived at Dulles at 7:10 am for my boarding flight of 7:35 am, I was confronted with a CLEAR line of at least 45 people.

It never happened to me.

I asked questions about it and, apparently, the rush on Monday morning is like that. I do not travel on Monday mornings as often.

Yet other pbadengers made the same remark, namely that the volume was unusually high.

I immediately concluded that CLEAR was experiencing mbadive growth and that there would eventually be an even more exclusive and better service. In fact, we will privatize airport security based on price.

Then I caught myself and realized that maybe it was only one data point. A rush hour for businessmen on Monday morning makes a lot of sense. So, that might have been an anomaly.

Anyway, while I was queuing, I had a terrifying thought.

CLEAR is able to treat people much more quickly because they use biometric data (retina and fingerprint) to identify people, such as Global Entry.

Now, when I signed up for the service, I recognized that I was giving up some privacy for the sake of convenience. A compromise that we are making more and more as a society.

I did it anyway.

But when I saw the number of people who had made the same decision, I realized that the CLEAR and Global Entry databases were becoming an Equifax biometric system.

As you know, Equifax has been a victim of a serious crime and the personal and financial data of more than 100 million Americans have been stolen. It remains to be seen what will be the impact of this long-term flight.

As these two biometric databases become more popular, they will become a bigger target for hackers. There is no doubt that individual biometric data is a black market.

Any security expert will tell you that a hack is not a question of "if", but just a question of "when". Ultimately, if this has not happened already, these two databases will be compromised. Likewise, the consequences will be unknown and of far-reaching significance.

For something as important as individual biometric identity, a centralized system, vulnerable to compromise, should be a non-starter. In the end, we will see decentralized blockchain systems such as Everest siting because of the way they uniquely address the 2 most important components of Identity: Authentication and Authorization. (Everest does not offer airports like CLEAR, but its technology – and similar startups based on block chains – responds to similar use cases – Civic and uPort are also there.)

Everyone understands "authentication". "Are you really who you say you are?

However, it is "authorization" that is really more important. In this scenario, the owner of the identity is the owner of the data and he totally controls who he shares with and what he shares.

With this type of control, users are free to create a transaction history and ultimately a true "credit score". In Everest, for example, transactions are made via EverWallet and are immutably written in the EverChain ledger, which is the source of the "credit score".

Everest is already working with several ministries in several Asian countries.

As governments and citizens become increasingly aware of privacy issues, they will be increasingly willing to consider alternatives. At the same time, blockchain technology will continue to grow in terms of security, robustness, adaptability to new threats and scalability. When this happens, it will provide higher order solutions and more effectively balance the need for biometric data as unique identifiers with the need for maximum security. of these biometric data to protect individuals.

Ultimately, global personal identity systems will only live on blockchain systems.

It's pretty CLEAR for me, at least.

Jeremy Epstein is CEO of Never Stop Marketing and author of The CMO Primer for the Blockchain World. He is currently working with blockchain and decentralization startups including OpenBazaar, Zcash, ARK, Gladius, Peer Mountain and DAOstack.

[ad_2]
Source link