As the security of passwords continues to be questioned, developers have introduced new ways to unlock our devices and accounts. One of the most common of these new methods involves biometrics, which Homeland Security defines as “unique physical characteristics, such as fingerprints that can be used for automated recognition.” In this article we'll look at biometric authentication, its benefits, and its security concerns.
How are Biometrics Used?
Biometric authentication is incredibly popular in mobile devices. One of the most popular method we use is fingerprint authentication. There are some mobile devices that utilize facial scanning recognition, but this isn’t quite as common as a touch-based I.D. Though, as the quality of mobile phone cameras progress, facial scanning will likely become more popular. In addition, voice signals are increasingly being used by devices like Alexa and Siri. These don’t necessarily use voice recognition yet, but they do use biometrics to be alerted of a command.
An increasingly common trend is using biometrics as authentication for online banking. Using an individual fingerprint to unlock a banking account, for many people, feels much more secure than typing in a password. And as of 2017, most major banks give customers the option for touch I.D. in mobile banking systems.
But mobile devices are not the only things that are being accessed through biometric authentication. In fact, the Los Angeles International airport has installed kiosks that enable passengers to check into their flights through fingerprint or retina scans. Retina scanning is also being implemented in southern Texas to increase U.S. border security. High security business might apply biometrics authentication for employees. Is this a glimpse of the future of all interactions that require identification?
What are Some Benefits of Biometric Authentication?
In regards to biometrics in mobile devices, the benefits seem black and white. There is an added degree of security in relying, at least in part, on an extremity (e.g. finger) that only you have access to at all times. With the demand for a standard passcode, together with your fingerprint, the sense of security increases. Beyond smartphone security, using features like touch ID make interacting with your device much more convenient. With Apple Pay, instead of having to manually enter your payment information, all you need to do is swipe your finger across your device. It's simple and saves time.
Using biometric authentication for security purposes also works to better secure information, processes, and establishments. Some organizations implement biometric scanning as a modern method of "punching in" to work. This assures that all employees are honest in terms of the hours they've worked. In turn, this saves the organization money.
What are the Security Concerns of Biometric Authentication?
In a recent article on smartphone security, we discussed a group at New York University and Michigan State who discovered a way to generate faux fingerprints to trick touch I.D. systems on smartphones. Whether or not this is a likely evolution for hackers, the possibility of it is something to be aware of going-forwards.
Professor of Law at Georgetown University, Alvaro Bedoya told Wired that while passwords are inherently private in that they are not meant to be shared whatsoever, biometrics are not private at all. Odd as that sounds, considering we've always been told that we're the only ones who have our fingerprints, it's true. All a hacker has to do is steal a glass, or maybe use some tape on a doorknob to capture your fingerprint. Then they're in. Though it is unlikely that the typical, modern hackers will go out of their way to seek out your unique fingerprint. But it may not be so unlikely for it to become a common occurrence in the future, as biometric authentication continues to expand in relevance.
There's also some concern in knowing that databases somewhere have your fingerprints or retinas stored. For some, letting devices record their biometrics is incredibly invasive. And considering the location of a great deal of that biometric data is unknown, being apprehensive to share yours is understandable. Remember that what you share of your information and body is completely and utterly up to you. Always do your own research before doing something you're uncomfortable with.
So, What's Next?
In theory, any of our biometrics can eventually become tools for security authentication. Maybe in a year we'll be licking sensors before we board airplanes. The truth is, we have no idea how biometric authentication is going to evolve in the future, all we can do is be ready to evolve our security measures along with it.
Where do you think biometric authentication is going to take us in the coming years? Are you concerned about using your fingerprints to unlock your devices? Let us know on our Facebook page!