Biometric authentication has a lot of appeal: not having to remember passwords or PINs, and not having to carry a physical key fob or smart token, sounds great. However, almost everyone overlooks a major problem with biometrics.
Suppose you have a network system with a large user base, and that network uses biometric authentication only. In the computer world everything is represented as bits and bytes, so your fingerprint or retina scan becomes a series of bits and bytes just like a password or a picture. Suppose that, through phishing, malware, a virus, or similar, that biometric byte pattern is acquired by a hacker (or maybe just a teenage script-kiddie at Starbucks running something like Firesheep). The hacker can now submit the same byte pattern as if they were the real physical person and gain access to data. How do you stop this attack? Have everyone re-register with toe prints? The problem would warrant a change to the algorithm used to encode the biometrics into bits and bytes. Since the encoding algorithm changes, everyone has to “enroll” their biometric information again, securely. Such a change would be a large undertaking and could not be done quickly, leaving the network susceptible to another attack in the meantime. Maybe PKI could make it easier, but it would still require pretty major changes to the system.
Suppose it is a decade into the future and all internet systems use biometrics for end-user login. Now imagine there is a security compromise at LinkedIn or another major vendor and all of the “biometric patterns” used for authentication have been acquired by an outside party, a hacker or a group of hackers. How does LinkedIn handle this? They cannot tell you to change your fingerprint, so the only choice is to change the encoding mechanism so the biometrics are encoded as a different pattern. Now everyone has to re-enroll, or perhaps for a while run dual authentication systems and get a login like this:
Passwords can be changed instantly; biometrics cannot. In a perfect world with no security compromises biometrics would be great, but in the real world passwords will be needed for a long time.
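The replay and re-enrollment problem described above, modelled as an added example (not code from the original post): a constructed toy in which the client encoder turns a person's unchanging features into the byte pattern sent over the wire, the server stores a hash of that pattern, and the only remedy for a captured pattern is a new encoder version. The scenario also shows the cost of the "dual authentication" transition period: while the old encoder is still accepted, the stolen pattern keeps working. All names, the encoder construction and the user data are assumptions for the demonstration.

```python
import hashlib
import hmac

# Constructed toy: a person's raw biometric features are a fixed string
# (a real fingerprint never changes, which is exactly the problem).
USERS = {"alice": "alice-minutiae", "bob": "bob-minutiae", "carol": "carol-minutiae"}

def encode_template(raw_features: str, version: int) -> bytes:
    # Client-side encoder; a new version yields a new pattern for the same finger.
    key = f"encoder-v{version}".encode()
    return hmac.new(key, raw_features.encode(), hashlib.sha256).digest()

class BiometricServer:
    def __init__(self):
        self.current_version = 1
        self.accepted_versions = {1}
        self.enrolled = {}  # user -> {encoder version: sha256(pattern)}

    def enroll(self, user, pattern):
        digest = hashlib.sha256(pattern).digest()
        self.enrolled.setdefault(user, {})[self.current_version] = digest

    def authenticate(self, user, pattern):
        digest = hashlib.sha256(pattern).digest()
        stored = self.enrolled.get(user, {})
        return any(hmac.compare_digest(stored.get(v, b""), digest)
                   for v in self.accepted_versions)

    def rotate_encoding(self, dual_auth):
        # Only remedy for a leaked pattern; dual_auth keeps the old version valid.
        self.current_version += 1
        old = self.accepted_versions if dual_auth else set()
        self.accepted_versions = {self.current_version} | old

    def users_needing_reenrollment(self):
        return sorted(u for u, v in self.enrolled.items()
                      if self.current_version not in v)

def run_breach_scenario(dual_auth):
    server = BiometricServer()
    for user, raw in USERS.items():
        server.enroll(user, encode_template(raw, server.current_version))
    stolen = encode_template(USERS["alice"], 1)  # alice's submission sniffed off the wire
    result = {"replay_before": server.authenticate("alice", stolen)}
    server.rotate_encoding(dual_auth)
    result["pending"] = server.users_needing_reenrollment()
    server.enroll("alice", encode_template(USERS["alice"], server.current_version))
    result["replay_after"] = server.authenticate("alice", stolen)
    result["bob_old_encoder"] = server.authenticate("bob", encode_template(USERS["bob"], 1))
    return result
```

Without dual authentication the stolen pattern dies with the rotation, but every user who has not re-enrolled (bob, carol) is locked out; with dual authentication nobody is locked out and the stolen pattern keeps working until the old encoder is finally retired.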