If a mere speculation is to be believed, the biometric data of millions of Americans could be at the risk of being compromised by Russian hackers. They could “even compromise wider national security and law enforcement computer systems,” says a detailed BuzzFeed report citing some documents and two whistleblowers as the source.
The fingerprints recognition software used by the Federal Bureau of Investigation and around 18,000 US law enforcement agencies include a piece of code made by a Russia-based firm called Papillon AO.
The fingerprint analysis software was purchased from the French company called Morpho (earlier known as Sagem Sécurité) which “deliberately concealed” the existence of the secretly sourced Russian code, the report claims.
However, the reason why it was kept a secret is due to a non-disclosure agreement between Morpho and Papillion that happened almost 10 years ago when the code was sold for $6 million. Morpho is now owned by a US firm and its name has been changed to Idemia.
Maybe, a backdoor in the fingerprint recognition software is just a possibility. Becuase none of the sources and cybersecurity experts the website contacted have claimed the existence of the same in the code.
But what could raise eyebrows is that Papillion, in the past, has openly talked about their collaborations with Kremlin-fueled bodies including the Ministry of Defence and Federal Security Service, also known as FSB.
Papillion has denied the allegations of any backdoor in the code. The FBI didn’t address the website’s request for a comment on the matter but said that the all the software are well-checked and reviewed before they’re deployed.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.