Cybersecurity: Experts discussing mobile phone security warn against bio-metric verifications

Cybersecurity experts Aaron Turner and Georgia Weidman spoke at the RSA Conference in San Francisco to discuss mobile security. The two discussed 2-factor authentication (2FA) as well as biometric as a means of securing mobile data. While they agree that authentication is the better choice, such apps including Gooogle Authenticator work depending on the device running them.

Cybersecurity and mobile phones

Turner clears the rumor that iPhones are more secure compared to Android devices and warned people against using any iOS but the current one: iOS 13. Amongst Android, Turner favored Pixel devices while claiming that he has “good experience” with Motorola ad Nokia.

Meanwhile, Weidman stated that iOS is good but, for somebody who is building exploits, Android  SELinux is the “bane” of his existence. 

On the other hand, Turner showed a clear reluctance of using Samsung devices. He stated that “Karsten Nohl” exposed Samsung for faking device updates in 2019 so people should stop using those devices. However, the source cited by Turner later admitted that some of their findings were not true.

Regardless, neither of the two was a fan of biometric security. Weidman stated that Fingerprint and facial recognition were “better than nothing” when they are used in addition to passwords.

However, Turner was “fundamentally opposed” to using fingerprints as they are non-revocable. He cited a case in which a gang cut off a man’s finger to gain access to his fingerprint-protected cars. He believes that finger[ront readers are merely biometric toys.

As per Turner, the only secure 2FA method without vulnerabilities is a hardware security key.

Featured image by pixabay.