With the rapid development of science and technology, fingerprint cryptography is more and more widely used in life. In view of this, some people say that fingerprint is so widely used, does it mean that it is more secure than password?
Fingerprint and password are identity authentication methods
'fingerprints and passwords are both methods of identity authentication. From the perspective of technology, identity authentication technology can be divided into identity authentication based on information secret, identity authentication based on biometrics and identity authentication based on trusted objects. " Professor Zhang lejun of the school of Information Engineering (School of artificial intelligence) of Yangzhou University said.
Zhang lejun introduced that identity authentication based on information secret is based on the known information, and password is a typical method. Biometric based identity authentication refers to a technology of identity authentication through measurable body parts (such as fingerprint, iris, etc.) or behavioral biometrics. Use a sensor or scanner to read the biometric information, compare the read information with the user's characteristic information in the database, and pass the authentication if it is consistent. At the same time, identity authentication based on trusted objects is based on what they have. Typical methods include smart card, SMS authentication, Youdun authentication and so on.
Which is safer varies from person to person
In people's daily work and life, from the earliest wallet to the current mobile phone fingerprint quick payment, from the necessity to bring the key to the fingerprint unlocking, the embarrassment of losing the key is saved. Doesn't this prove that the fingerprint is safer?
Zang Yali, associate researcher of the Institute of automation of the Chinese Academy of Sciences, previously told the media that there are 6 billion people in the world, each of whom has 10 fingers, and the fingerprint is unique. Calculated, the security of the fingerprint (the probability of fingerprint identification error) should be one in 60 billion. It seems to be absolutely safe, but it is not. At present, the rejection rate of commercial fingerprint algorithms (such as mobile phone unlocking) is less than 3% when the error rate is 1 / 50000. In other words, on the premise that someone else's fingers can illegally pass the certification once after 50000 attempts, their fingers will be rejected by the system three times for every 100 attempts. If the false identification rate is reduced, the rejection rate will be high. Therefore, the security of the fingerprint system is about one in 50000, and better ones may reach one in 100000 or one in 200000, but the current technology is over.
There are 100 million schemes for an 8-digit random password. In other words, the probability of randomly generating an 8-digit password is one in 100 million. If you mix uppercase and lowercase letters and symbols, there will be 600 billion possibilities. On the contrary, the password system is more secure? But neither.
Because the password we set is not random, even if it is random, it is difficult for us to remember. Our password settings are generally their own habitual combinations, so if others have a certain understanding of your password setting habits, it is also easy to crack.
Zhou Zhiping, a professor at the school of Internet of things engineering of Jiangnan University, said: "from the perspective of the digital world, fingerprints and passwords are digitized information content, but there is actually no obvious difference." Fingerprint and password are two locks with different shapes, structures and principles. Which lock is' better 'depends on what kind of door to lock.
Zhang lejun told reporters that for people who are particularly careful and have a good memory, the password may be more secure; For the elderly, the long-term use of fixed and easy to remember passwords has great security risks, and it is very inconvenient to change passwords frequently and dynamically. At this time, fingerprint technology is more appropriate.
Fingerprint is widely used because it is more convenient
Zhou Zhiping said that the key reason why fingerprint applications are becoming more and more common in work and life now is that fingerprint belongs to biological characteristics, which can be better unique relative to password. Especially with the development of some devices, fingerprint applications are becoming more and more convenient, users do not need professional knowledge, and the use threshold is also low.
In order to achieve higher security and convenience of identity authentication, a variety of identity recognition technologies will be mixed in some scenarios, that is, the so-called 'dual multi factor authentication'. Typical applications are some mobile banking apps, which divide identity recognition into two scenarios. When used for the first time and not used for a long time, the relatively complex authentication method of "static login password + SMS authentication + U shield" is adopted. " For short-term and frequent use, most of them use fingerprint identification technology, which not only facilitates use, but also increases security. " Zhang lejun said, "if the security level in the application scenario is high, we need to adopt dynamic and complex multiple authentication technology. If convenience is more important, we can choose the fingerprint technology that automatically completes all authentication work with a finger."