
This kind of biometric security is getting a bit ridiculous. It would be different if it was done in a secure way, and by that I mean secure in the sense that you, the person who provides the biometric data, had the ability to secure it wherever it went. This could absolutely be done, but the reason it's not is that companies totally want to gather this data from people and then sell it to other companies for machine learning and other purposes. Same with our government that wants to gather this kind of data.

It would be quite straightforward to make your biometric identity a public private key kind of setup. Companies have access to your public key and you yourself carry your private key as some sort of physical identification that is unlocked with a two-factor method. This way, any physical biometric thing is done on a device you own that could be mandated to be open technology, completely auditable to be secure, and all you do is use your physical doodad to interface with their thing to authenticate that yes, you are the private key holder for this given public key.

It would be much more secure than identification cards that we have now such as driver's licenses or passports. It would also be far more secure than the biometric style authentication they want to do now with them essentially owning a copy of your biometric data. But there is no profitability in true security and privacy for the citizens.



Worth remembering the US Army built a biometric database of Afghan officials (police officers included) and they lost control of it to the Taliban. They sold it as a "for your own safety", and now it's a kill list.

https://www.independent.co.uk/tech/taliban-afghanistan-biome... ("Taliban likely to have access to biometric databases of Afghan civilians who helped US" (2021))

- "The biometrics initiative was initially tested in 2002. Its goals then were to prevent criminals and Taliban insurgents from infiltrating the Afghan army and police force[...]"

- "The Taliban may also be using the Afghan government’s biometric-based ID card known as the Tazkira to track and target people, Ramanjit Singh Chima, Asia Pacific Policy Director at Access Now, told news agency Reuters."

- "Particularly at risk are individuals in central positions in the Afghan military, police and investigative units."


It doesn't matter if it is Napoleon, Hitler or whoever. Asking about winter boots and blankets is a no-go. Plan for the plan.


> It would be quite straightforward to make your biometric identity a public private key kind of setup.

There is no repudiation, attestation or key rotation in this setup, with all the attendant problems that creates.


All of those things can be part of it. You're totally forgetting where we're coming from right now, which is that your identification or attestation is a little plastic card that is issued by the government based upon some other pieces of paper. There is no rotation of that either. The primary thing people use to identify you is your social security number in the United States, which was never even envisioned as a way to identify someone; it was simply an account number.

What I'm proposing puts the private key in your hands and requires you to locally do some sort of second-factor authentication to release it, so it can be validated against the public key that the government or another entity has.

To issue or reissue or key rotate, as you say, can support the same methods we have now for determining identity, and it also provides a better, more secure method for determining identity.

You have to keep in mind perfect is the enemy of good and any solution that puts your identity in your own hands is massively better than what we have now and what any country has now.
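
Added example, not part of any comment in this thread: a minimal Go sketch of the challenge-response setup discussed above, in which the relying party stores only a public key, issues a one-time challenge, and treats re-enrolment as key rotation. The names `Record`, `Device` and `NewDevice` and the choice of Ed25519 are assumptions made for illustration; attestation and the local biometric/PIN unlock are not modelled.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Record is all the relying party keeps per holder: a public key and one open challenge.
type Record struct{ pub, pending []byte }

// Enroll registers a key; enrolling again rotates it and revokes the old one.
func (r *Record) Enroll(pub ed25519.PublicKey) { r.pub = pub }

// Challenge issues a fresh nonce so a captured signature cannot be replayed.
func (r *Record) Challenge() []byte {
	r.pending = make([]byte, 32)
	if _, err := rand.Read(r.pending); err != nil {
		panic(err)
	}
	return r.pending
}

// Verify checks the signature over the open challenge and consumes it.
func (r *Record) Verify(sig []byte) bool {
	defer func() { r.pending = nil }() // one-time use, pass or fail
	return r.pending != nil && len(r.pub) == ed25519.PublicKeySize && ed25519.Verify(r.pub, r.pending, sig)
}

// Device holds the private key; the local biometric/PIN unlock is not modelled.
type Device struct{ priv ed25519.PrivateKey }

// NewDevice generates the key pair on the device and exports only the public half.
func NewDevice() (*Device, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Device{priv}, pub
}

func (d *Device) Sign(challenge []byte) []byte { return ed25519.Sign(d.priv, challenge) }

func main() {
	dev, pub := NewDevice()
	rec := &Record{}
	rec.Enroll(pub)
	sig := dev.Sign(rec.Challenge())
	fmt.Println("fresh:", rec.Verify(sig), "replay:", rec.Verify(sig))
}
```

A production protocol would also bind the relying party's identity into the signed message, as WebAuthn does, so a response cannot be relayed to a different verifier.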


You can always save up for plastic surgery!


"In response to this data breach we are offering you free Experian plastic surgery services for the next year."


The main issue there is that the mantra "something you know, something you own, something you are" is completely wrong in the authentication context. The issue there is that the biometric “something you are” cannot be revoked and also depends on the relying system having some kind of secure path to whatever sensor measured it. So in the end, as an authentication it is only useful as a convenience feature (e.g. how TouchID/FaceID works on Apple platforms). Identification is another thing and obviously biometrics are useful there, but well, there are not that many ethical uses for a system that does identification without authentication.


Seems like the key issue here is this: what is the purpose of conducting the authentication? In the case of personal accounts, it's for the benefit of the individual. They get their own account to safely store personal data. Here, the individual management of biometric authentication devices, as you described, is a great thing. A passkey can be generated without exposing biometric data. The individual has the responsibility and incentive to keep their devices secure.

But the above article is an example of the opposite case, where the authentication is for public security. In this situation, the individual cannot be entrusted with their own auth, so if each person were to use their own device, it would need to be quite tamper-proof. Seems far simpler at this point to do face / fingerprint auth, where the security guard ensures that no one is wearing a mask or fake finger. Yes, there is the concern that the bio-data could be stolen / misused, and for that reason I think that bio-auth for public safety should be limited to a single standard type (e.g. face), with the others being reserved only for private auth. That way, a compromise can be reached between public safety and individual privacy.


> It would be quite straightforward to make your biometric identity a public private key kind of setup.

How would that work? Maybe the biometric part acts as a domain name from which the public key might be downloaded? Who is the custodian of face-public key pairs?


The Apple and Google pushes for digital IDs are basically that, but support is limited at best since it's depending on 50+ different local governments to get up to speed on all this tech stuff.



