Fingerprint scan at nursery door

The BBC reports that a nursery has installed fingerprint scanning at its entrance to increase the safety of its young pupils.

In an interesting quote, UK Biometrics director Ryan Hole said: “By fitting a biometric access system they now have the one key that cannot be lost, stolen, forged or hacked – the human fingerprint”.

Some ways I can think of subverting a biometric access system:

  • Go in the window
  • Kick the door in
  • Lift a fingerprint (needs sellotape, google for it)
  • Bribe, con or coerce an authorised user. For example, “My finger doesn’t work, I need to get my kid to the doctor now!” (Given that there is a Felinfoel pub just up the road, there is good beer available for bribery).
  • Wear a bandaid, bemoan the office shredder/photocopier/rabid secretary. Repeat the above con.
  • Tailgate behind an authorised user
  • Use someone else’s authorised finger, having first thoughtfully removed it from their body
  • Exploit the software. All software has bugs, some bugs are interesting security holes. (attributed to Muffett).
  • Get a rogue fingerprint on the database.
  • Grab a kid before (or after they go in the door). Better still, push the parents in the door, and shut it after them, so they have to use the fiddly biometric lock to get out.
  • Put superglue on the sensor. Wait until lock is removed. Enter.

The point about all of this is that security “point solutions” don’t work, neither in the physical world, nor in the exciting online world where all of our bank details slush about. Its essential that all risks are assessed, and solutions combined to make sure you don’t just shift a threat from one attack point to the other (for example, no window locks means that the expensive biometric lock will actually remove very little risk).

The other things to think about are that when a failure of the security device occurs (not if), how will the nursery audit who went in and out of the nursery, and when? More importantly, if a “rogue” fingerprint gets into the database, how easy is it to detect and remove? Can I register my index finger under the print for the left little finger of the headmistress?

Most importantly, the risk of biometric systems is that the credentials can be stolen. Fingerprints can be copied, and facsimile “fakers” make that duplicate the print of the target. Now if you find out that stanley’s password is “yelnats”, he can change it. But how do you change your fingerprint once its been lifted off a glass you drank from?