In-depth

What are biometrics?

Your face, iris, DNA, and typing style can all be used as a password

Weak passwords account for a staggering amount of security incidents, including data breaches, with many so ill-thought that it would come as no surprise to see them cracked.

Many of the techniques used by hackers include phishing and social engineering, while many of the passwords themsleves are as straightforward as 'football' or '123456'.

On the flip side, the benefits of using a strong password are negated if this password is then reused across all logins for all devices and systems - underming a user's information security in one fell swoop. Any security strategy must take into account how prone we, as human beings, are to undermining our own protections with decisions such as this.

Biometric security can go a long way towards resolving many of the problems caused by passwords. Instead of entering a special code you need to remember, or that you store in a password manager, you can simply use your fingerprint, or your face, to sign-in to an account, or your device. This is arguably the most secure method of authentication - using a piece of your own biology to verify you are who you claim to be. This can extent to an scan of your iris, or even behavioural data.

Biometrics, or biometry, is the statistical analysis of behavioural characteristics in humans. In technology, its mostly used for identification, where it gathers information about a user to verify their identity. 

This extra layer of authentication has presented a few morbid examples of its success in recent years, with various police forces failing in attempts to open smartphones with a dead person's finger.

There are also numbers concerns with facial recognition technology, with authorities around the world weighing up its benefits and its impact on our privacy.

Biometric authentication

Facial recognition is often used in CCTV evidence gathering

Biometric authentication is the process of turning captured human characteristics and behaviour, into a digital format. It is by far the most common form of biometric identification, and the most common authentication method is fingerprint scanning; although this can also include face, iris, voice, DNA, and even the way we move or perform tasks, such as typing.

Related Resource

Leadership compass: Privileged Access Management

Securing privileged accounts in a high-risk environment

Download now

Unlike traditional measures, biometric authentication requires the person be present while data is captured. This means that it's almost impossible for a hacker to steal a person's credentials, as they are intrinsically tied to an individual.

What's great about biometrics is that not only is it considered the most secure form of authentication, it's also the simplest from an end-user perspective. It frees the user from having to remember ID numbers or complex password strings, and best of all, there's no need to come up with ridiculous password recovery questions and answers - there's no way to lose your DNA, outside of some adventurous scientific experimentation.

Can biometrics be hacked?

Although the idea of biometrics sounds incredible in principle, it hasn’t always been the pillar of success. In fact, early attempts at rolling out biometric authentication managed to generate rather mixed results.

Despite fingerprint scanners being widely available for some time now, innovations such as voice-based authentication for banking have proven less feasible. In 2017 BBC reporter Dan Simmons famously discovered he was able to sign into HSBC's mobile banking system by mimicking his twin brother’s voice.

Facial recognition isn’t without faults either. In April 2017 it was reported that a Samsung Galaxy S8 user was able to log in through the device’s facial scanner using a printed-out selfie – a trick which could be very easily exploited by criminals.

A more recent incident involving Samsung devices occurred last year, when it was discovered that the Galaxy S10's ultrasonic sensor could be easily unlocked using a 3D-printed fingerprint.

Apple's iPhone X onwards boasts the latest in smartphone facial recognition technology

Apple promised to solve such problems with its now-discontinued iPhone X, which was released in late 2017. Using infrared and visible light scans, the device’s Face ID technology was able to almost instantaneously analyse a person's face and hide the onscreen notification messages if the phone was picked up by a stranger. In fact, Apple stated that the chance of a stranger being able to unlock someone else’s phone was 1 in 1,000,000, making it increasingly safer than other methods of biometric authentication.

By contrast, the same likelihood of unlocking a phone using a fingerprint scanner was estimated to be 1 in 50,000.

The PIN is still king

While the underlying principles of biometric authentication would likely prove to be incredibly effective at keeping out hackers, its development has been dictated by the pace of technology. Unfortunately, industry has yet to come up with a highly accurate system that's also cost effective for mass deployment.

For better or worse, passwords and two factor authentication still rules the day.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

Black Friday's best antivirus deals
Security

Black Friday's best antivirus deals

27 Nov 2020
Veritas Access Appliance with IBM Spectrum® Protect
Server & storage

Veritas Access Appliance with IBM Spectrum® Protect

27 Nov 2020
Ransomware protection with Veritas NetBackup Appliances
Security

Ransomware protection with Veritas NetBackup Appliances

27 Nov 2020
Ransomware resiliency: The risks associated with an attack and the reward of recovery planning
Security

Ransomware resiliency: The risks associated with an attack and the reward of recovery planning

27 Nov 2020

Most Popular

46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
Huawei Mate 40 Pro 5G review: A tragically brilliant Mate
Mobile Phones

Huawei Mate 40 Pro 5G review: A tragically brilliant Mate

26 Nov 2020