Assuming that you use it, of course. It is a persistently bad idea:
Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first.
A Chinese-speaking cybercrime group, dubbed GoldFactory by Group-IB's researchers, started distributing trojanized smartphone apps in June 2023, however, the latest GoldPickaxe version has been around since October.
...
Once the biometrics scans were captured, attackers then used these scans, along with deepfake software, to generate models of the victim's face.
Attackers would download the target banking app onto their own devices and use the deepfake models, along with the stolen identity documents and intercepted SMS messages, to remotely break into victims' banks.
You can change a compromised password, but you cannot change your face.
I'm not even happy having others see my face. I sure as hell am not going to be stupid enough to record it somewhere and then have it be my access code. Wake up people. Thousands of books, hundreds of movies, hundreds of songs, have ALL WARNED US more than enough.
ReplyDeleteMrLiberty, the point of authentication credentials is that they have to be revocable in the event of a compromise. You can't revoke any biometric.
ReplyDeleteYou *can* change your face, but it is a lot of work and painful.
ReplyDeleteEither takes a doc, a car wreck, or someone with a shovel or a baseball bat.
I have had various accounts compromised over the years. It has yet to be a problem on my end. It was always the corporate server that got hacked. I suppose there is always a first time but why steal one credential when you can steal a million.
ReplyDelete