Even if you don’t know the term, you’ve probably used biometric data at some point for authentication purposes. Maybe you’re using fingerprints or face-scanning on a daily basis to access your smart phone or make payments, but regardless of your current use (or not), one thing is for sure, biometric data, as part of increased multi-factor authentication methods is set to be a big part of our future.
What exactly are biometrics?
Biometric authentication is a security method that’s being increasingly used to verify user identities.
Biometric authentication methods help restrict unauthorised access to bank accounts, residential buildings, hardware devices, software apps, and much, much more. It’s been around for longer than you might think. Though it’s usually associated with law enforcement, the government, or airport security, the public has become much more aware of it thanks to smartphones and the shift to online banking.
Common biometric uses
There are a vast number of applications and services that utilize biometric technology for authentication purposes. Common ones that people use on a daily basis include:
Such as phones, laptops, PCs,
Purchases and payments like bank/wire transfers can use biometric authentication based on physical characteristics in order to authorize the deduction of funds.
Biometric data can help doctor’s, clinicians and hospitals to keep better records of patients, as well prevent the disclosure of medical records to non-approved parties.
Many airports use facial recognition biometrics. Travelers can enrol by having a photo of their eyes and face captured by a camera. When traveling, passengers simply look into a camera that compares their face to their biometric database, and approve entry.
Common types of biometric authentication
Biometric authentication methods use physical and behavioural characteristics to verify the identity of an individual. Let’s take a look at the most common types used right now:
This authentication method involves scanning a user’s fingerprint and matching it against a registered list of fingerprint data to verify the user’s identity. Fingerprint scanning is a common and widely used biometric authentication technique.
A facial recognition system captures and compares the features and measurements of a human’s face against a database of facial data. If you own a recent smartphone you may already be using this technology.
Voice scans authenticate a person’s identity based on voice modalities such as pitch and intensity. These are compared against an existing database of voice samples.
Hand or fingertip scan
Hand or fingertip scans identify individuals from the shape of their hands and use measurements such as the height, width, angle, and deviation for identity verification.
The unique pattern of an individual’s eye is used for identity authentication.
Did you know? A massive 90% of smartphones can use facial recognition software and 80% support voice-activated identification. The iPhone X’s neural engine alone uses 30,000 dots and infrared imaging to confirm a user’s identity.
Three of the most common misconceptions around biometrics are:
- Biometric data is stored as images in easy-to-hack databases. While it’s true that not all databases are secure, most that store biometric data are. If in doubt, always check to see if breaches have occurred by using such websites as ‘have I pawned’.
- Fingerprints can be easily replicated to ‘trick’ devices. This is extremely difficult to do and involves using Artificial Intelligence (AI) to create a biometric style attack on devices that don’t have fake detection safeguards).
- Physical changes to my facial appearance will prohibit access to my device. Not true. Self-learning’ algorithms in modern-day biometric systems are able to keep up with our changing physical looks.
Biometrics and your privacy
While many people say that authenticating their identities via biometrics is easier than remembering passwords or security keys, others consider it an invasion of their privacy.
Interestingly, recent research suggests that more people are concerned about Government use of biometric data collected because of a fear of “state control and surveillance”, than banks or payment providers using this technology to keep us safer online.
Concerns are mainly centred on how biometric data is used, especially as it doesn’t get more personal than fingerprints and facial scans. However, the truth is, while not 100% fool-proof biometric authentication can be much safer than more traditional methods such as PIN numbers.
Victims of identity theft often point out that it’s difficult to prove that the theft has occurred. With biometric data, however, there is no room for confusion.
The above said, it’s worth noting that although biometric data isn’t something you forget (like a PIN), it’s also not something you can replace. That means if it is hacked, you can’t do too much about it.
The reality of today’s biometric data is that it’s best used as part of an overall multifactor authentication process, which uses a blend of methods including biometrics. With all authentication methods carrying some level of risk, it’s important that individuals also regularly monitor the status of their accounts using account breach services such as ‘have you been pawned’. This proactive approach will help further ensure protection.
Although biometric data technology isn’t perfect, and nothing digital is 100% secure, this method of authentication continues to improve, and with it the opportunity to revolutionise the payment industry. But that’s not all, it also has implications for other industries. For example, when you look at the shared/autonomous vehicle market globally, proof of identity will be really important. Eventually, even items like credit cards, insurance cards and driver’s licenses could also become more easily and securely represented by your biometrics instead of a plastic card.
There is no doubt that attitudes towards biometric data are shifting for the better, however, people continue to have real concerns around how this technology could be misused in the wrong hands, so there is the need for further evidence to disprove common biometric myths and showcase how these solutions can safely and securely protect our personal and sensitive data.