Biometric Security...Maybe Not

A lot of people are very excited about the idea of biometric information—physical information about a person such as your fingerprint, voice, retina, or image—as a better form of security or at least as a nice substitute for passwords. I thought I liked this idea as well. However, for the very first time (at least to my knowledge), the US Office of Personnel Management (OPM) system breach has leaked a great deal of other very sensitive and personal information including 5.6 millions fingerprints which are now in the "ether". We've all seen movies that included a clever way to get someone's fingerprints, and I never thought much about it. Now a huge number of these biometric signatures are in the dark side of society. (I have no idea about the risk to which these folks have been exposed or what they can do for remediation, but I doubt they’re very happy right now.)