NordPass Password Manager Adds Biometric Authentication for Mac

NordPass is introducing biometric authentication to Windows and macOS applications. This new feature, which previously was available on mobile devices only, will add flexibility and convenience to the login process. Instead of typing in their master password, users will be able to use their fingerprint or face ID to sign in. According to a report published by NordPass, the most common password is 123456. and relying more on biometrics would help eliminate such weak passwords. But many cybersecurity professionals note that biometric authentication on its own is not enough. The best way to ensure maximum security for your accounts is to use it along with multi-factor authentication (MFA).

TikTok Will Collect Biometric Data From US Users

TikTok updated its privacy policy on Wednesday, adding a new section about collecting biometric data from users. This data includes “faceprints and voiceprints.”

The statement itself is vague, as it doesn’t specify whether it’s considering federal law, states laws, or both. It also doesn’t explain, as the other part did, why TikTok needs this data. It doesn’t define the terms “faceprints” or “voiceprints.” Nor does it explain how it would go about seeking the “required permissions” from users, or if it would look to either state or federal laws to guide that process of gaining consent.

Researchers Spoof Face ID Using Tape and Glasses

During the Black Hat 2019 conference, researchers demonstrated a way to spoof Face ID using nothing more than glasses and tape.

To launch the attack, researchers with Tencent tapped into a feature behind biometrics called “liveness” detection, which is part of the biometric authentication process that sifts through “real” versus “fake” features on people. It works by detecting background noise, response distortion or focus blur. One such biometrics tool that utilizes liveness detection is FaceID, which is designed and utilized by Apple for the iPhone and iPad Pro.

Google Investigation Shows Apple Was Right About Face ID

Take this with a grain of salt because this tweet is all I’ve seen about this. But David Ruddock of AndroidPolice mentioned a Google investigation trying to determine if certain types of fingerprint sensors are secure.

Another CES Story: I’ve heard Google is currently investigating whether current optical fingerprint sensor designs are secure enough to be used for TrustZone auth (mobile payments, banking apps, etc). There is real concern optical FPRs may be too easy to spoof.

Although facial recognition came to Android first, it was there for convenience as a way to unlock your device. But Apple added it for security, and it looks like they bet on the right horse.