What are biometrics?
Face, iris, DNA, typing style... it can all be used as a password
If the daily occurence of data leaks and malware attacks have proved anything it's that traditional security measures are proving inadequate for the modern age. A simple password or ID number is no longer safe online, and no matter how complex you make the string, there's still a need for layers and layers of security.
Biometric technology is able to solve all of that, and is being called upon to provide some of the most robust methods of authentication, tying a system to a specific individual rather than a disposable code that can be used by anyone.
Simply put, biometrics, or biometry, is the statistical analysis of behavioural characteristics in humans. In relation to technology, it's the process of measuring and collecting biological data that is typically unique to an individual. It's most common application is within the field of identification, where technology is being deployed to gather biometric data and verify an individual's identity.
Voice waveform recognition has already been deployed by law enforcement agencies using wiretap surveillance, while facial recognition scanning is often used to hunt for individuals on CCTV recordings.
Facial recognition is often used in CCTV evidence gathering
Biometric authentication is the process of turning captured human characteristics and behaviour, into a digital format. It is by far the most common form of biometric identification, and the most common authentication method is fingerprint scanning; although this can also include face, iris, voice, DNA, and even the way we move or perform tasks, such as typing.
Unlike traditional measures, biometric authentication requires the person be present while data is captured. This means that it's almost impossible for a hacker to steal a person's credentials, as they are intrinsically tied to an individual.
What's great about biometrics is that not only is it considered the most secure form of authentication, it's also the simplest from an end-user perspective. It frees the user from having to remember ID numbers or complex password strings, and best of all, there's no need to come up with ridiculous password recovery questions and answers - there's no way to lose your DNA, outside of some adventurous scientific experimentation.
Can biometrics be hacked?
Early attempts at biometric authentication have produced mixed results. While consumers have been able to unlock their smartphones with their fingerprints for a number of years now, the rollout of voice-based biometrics for banking has proved less successful. For example, HSBC implemented voice recognition across its mobile banking system, only for it to be bypassed in May when BBC reporter Dan Simmons asked his twin brother to mimic his voice.
Facial recognition has also proven to be less than perfect in Samsung's smartphones. In April, the facial scanner of the Galaxy S8 was fooled when a user printed out a selfie and showed it to the camera, and in May it's iris scanner was tricked into thinking a 3D printed eye belonged to its registered user.
Apple's iPhone X boasts the latest in smartphone facial recognition technology
Apple's iPhone X promises to solve these problems and refine facial recognition enough to be useful. Its Face ID technology uses infrared and visible light scans to almost instantaneously analyse a person's face, and claims some impressive features, such as hiding notification messages if the phone scans a stranger's face, or keeping your biometric data updated as you get older.
Apple also claims that the odds someone will be able to use their fingerprint to unlock your phone is 1 in 50,000, while Face ID will stretch that to 1 in 1,000,000. Suffice to say, if it works, it will be almost impossible for someone to randomly unlock your phone.
The PIN is still king
While the underlying principles of biometric authentication would likely prove to be incredibly effective at keeping out hackers, its development has been dictated by the pace of technology. Unfortunately, industry has yet to come up with a highly accurate system that's also cost effective for mass deployment.
For better or worse, passwords and two factor authentication still rules the day.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now