Hackers ‘steal your face’ to create deepfakes that rob bank accounts

With no way to validate identity from users' biometric, financial systems are massively exposed to identity theft fraud.

=> Biometric authentication are handy PIN code replacement but not more secure. Why? Because your fingerprints, your face, and your voice are not secrets.

=> Biometrics are increasingly being scraped, stored, and analyzed by threat actors.

=> By exploiting IP cameras' video databases, hackers can gather bits of iris and fingerprint and "with enough repetition, compute power, and time, they can potentially crack a person’s full biometrics."

=> "Biometric data is useful for in-person authentication, and really dangerous for remote authentication". Biometric data are like a complex key. Once transmitted, users aren’t authenticating the actual biometric, they are verifying something that looks a lot like a password.

our financial system is built in a lot of assumed-but-not-verified trust.will continue to be exacerbated by technologies like deep fakes as long as our banking institutions trust transmitted copies of a biometric.”