As the technology we use becomes ever more entwined with our daily lives, security is a primary concern. The lowly password, even with its combination of numbers and special characters, continues to be questioned. With the very real threat of document fraud and identity theft knocking at our doors, whether for a business or an individual, we want to ensure our data is secure. To combat the threats, biometrics has come forward as a way to define an individual based on their unique physical characteristics. Many applications are already making use of the technology and more are on their way.
Biometrics enables a person to be identified and authenticated based on their unique personal data. There are two principal types of biometrics:
With the threats to our digital identities, biometrics has quickly established itself as the most opportune means of authenticating individuals in a fast and reliable way. Biometric identifiers can be broken down into physiological and behavioural characteristics. Physiological characteristics, which are more stable throughout the lifetime of an individual, relate to the shape of the body including the likes of fingerprints and facial recognition. Behavioural characteristics, on the other hand, relate to the pattern of behaviour of a person such as their typing rhythm and voice. The different techniques used for the application of biometrics are subject to continual research and development with new applications coming to the forefront every day. In fact, it’s been predicted that nearly 90% of businesses will deploy biometric authentication technologies by 2020, with 62% already using some form of biometrics today.
The most common use of biometric authentication is, without doubt, finger authentication on mobile devices. As well as to simply unlock our phones, fingerprints are also used for online banking security. Some devices have started to use facial scanning recognition although this isn’t as common just yet. The other application of biometrics that most of us come into contact with is voice, used by popular devices such as Alexa and Siri. Now, while they don’t use voice recognition as such, they do require biometrics and will no doubt evolve as security concerns of the devices increase.
While as individuals we may recognize the use of biometric authentication predominantly for use with our smartphones and handheld devices, the technology is big business for the security of national authorities. The following industries are using biometric authentication to help them adhere to the tightly regulated framework in which they operate:
The primary benefit of biometric authentication is without doubt the added layer of security it adds. With fingerprint authentication on our mobile devices, the combination of biometrics with a passcode increases the level of protection. Whereas passwords can be forgotten, exchanged or stolen, biometric data can’t be forged. The majority of data hacks leverage weak passwords and can lead to identity theft. To increase security even further, multimodal biometrics are used, requiring two biometric credentials simultaneously. The other key benefit is time-saving. With touch ID we are able to operate technology and interact with apps more quickly than ever before.
Cybercriminals will always adapt their methods to try to attack new security measures. There is some level of converse thinking with regards to biometric data. While passwords are created privately and at least not supposed to be shared, biometrics are much more public; we display them wherever we go and leave our fingerprints on everything we touch. It is certainly a lot harder for a hacker to steal your fingerprints, but it is not beyond the realms of possibility.
The other more likely point of concern lies in the fact that our biometric data needs to be stored somewhere. When we let devices record our biometric data, it is incredible invasive, especially when we don’t know where that data will be stored and ultimately the extent of what it will be used for. To avoid the risk of a central biometric database being stolen by hackers, supporting infrastructure has now been decentralized. However, to enable this, the authentication is now based on a key-based exchange. Hackers can obtain a user’s identity without needing any biometric data at all; they just need the key.
Ultimately each biometric solution is only as secure as it needs to be for its individual challenges. The justice system can’t tolerate any level of error so needs to implement the highest quality technology with cost and time being secondary. Individuals, on the other hand,will seek out low cost accessible options to secure their personal property. The reliability of any authentication depends on the acquisition tools and algorithms that are used. Many biometric systems still suffer from accuracy issues; however, the use of several biometrics in combination can reduce these error rates considerably.
Biometrics offers many advantages to security in the workplace and at home, and although it can’t be entirely reliable on its own as it relies on statistical algorithms, multimodal biometrics can go a long way towards solving this. The real challenge lies in the privacy of individuals and their ability to fully control their personal biometric information.
While there are challenges that need to be overcome, it is clear that passwords are no longer an acceptable form of security on their own. For businesses to protect company assets, employees and their customers, they need to seriously consider additional security measures. Biometric authentication is a strong contender that will no doubt evolve further allowing it to empower security into the future.