Concerns regarding the security of biometric authentication

security biometric authenticationMore and more gadgets that we use these days (smart phones, smart watches, etc) try to make a personal connection with the owner via his biometric characteristics.

Using biometric measures for authentication purposes is a fast growing trend in the IT world, but there are genuine security concerns regarding the maturity level of these methods and their security faults. How safe is it to use biometrics for authentication? Can they be bypassed? Let’s find out!

How to find a good biometric characteristic?

At this moment, we have 3 main possibilities for verifying a user’s identity: something that the user knows (like a code or a passphrase), something that the user has (a smart card or a token) or something that the user is (a biometric characteristic).

For a biometric characteristic to be considered a valid authentication method, it should have the following properties: Continue reading

5 Benefits of a penetration test

benefits of penetration test imagePenetration testing projects are definitely fun for the passionate pentesters.

However, the question is what are the real benefits of a pentest for the client company?

What is the real value of a penetration test?

 

Many clients have misconceptions and false assumptions about penetration testing and they are engaging this type of projects for the wrong reasons, like:

  • After a penetration test I will be safe
  • A penetration test will find all of my vulnerabilities
  • I’ve heard that pentesting is ‘sexy’ so I would like one myself

Companies who do penetration tests for these reasons do not get the real benefits of this service and they are practically throwing away the money.

From my perspective, a penetration test has the following true benefits for the client company:

Continue reading