People prefer biometric security authentication to passwords because PINS and passwords readily get hacked and are challenging to remember. While passwords are the current what you know method, your physical characteristics are "what you are."
And there's only one you. (Read New Advances in Biometrics: A More Secure Password.)
But, picture this: a four-year-old child noticed that Amazon dropped gifts on their doorstep after her mother swiped her pinkie on the iPad's touchpad. So, the child used her sleeping mother's pinkie to unlock the device and, going to Amazon.com, one-clicked that beautiful pink bike.
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
True story. Incidents like that happen all the time. (Read How Passive Biometrics Can Help in IT Data Security.)
Gartner, a leading research and advisory company, claims certain physical and behavioral characteristics, like your facial features or the way you type, are more secure than your password.
In contrast, critics count millions of data breaches and they're growing every day.
Over the last decade, scientists unleashed various biometric verification identifiers to dramatically improve enterprise security.
The most common biometric identifiers are:
Join this interactive round table to learn more about HCI and how this technology helped a mid-sized, service-oriented, and process-intensive company to simplify its IT while providing better services, aligned to increasing business needs.
Used to unlock door panels, devices or computers of approved users, among other user cases.
More specifically the iris, sclera or retina, where devices equipped with cameras scan the unique patterns of your eyes.
For example, prompt server room doors to swing open automatically when cameras recognize the faces of trusted system administrators.
For example, digital assistants and telephone-based service portals use voice recognition to identify users and verify customers. (Read Voice Recognition Technology: Helpful or Painful?)
Other image-based authentication methods include facial contortions, veins in your hand, the shape of that hand, body odors, and the shape of your ears.
More recently, researchers at the University of Buffalo developed a way that you can use heartbeats for your new pass-code, while, at the same time, a $1,000 pocket-sized scanner hit the market for scanning DNA.
According to a recent Ping Identity survey, 92% of IT and security respondents rated biometric authentication as two of the top five most effective security controls, and 80% said it is effective for protecting data stored in a public cloud.
Around the same time, a Spiceworks survey reported that 62% of companies are already using biometric authentication, and another 24% plan to deploy it within the next two years.
The Amazon-grubbing child is one of scores of incidents that plays havoc with biometrics authentication. Two years ago, on a Qatar Airways flight a woman used her husbands fingerprint to unlock his phone while he was asleep, to divulge his infidelity.
It's super easy to copy fingerprints as cybersecurity and emerging technologies advisor, Joseph Steinberg remarks:
For well over a decade, I have been outspoken against the widespread use of fingerprints and most other forms of biometric authentication as a means for authenticating people among the serious problems with such schemes are the fact that biometric information is not secret (you leave your fingerprints on everything that you touch, and often show them in pictures, for example).
You want to know the cheapest simplest fastest way to crack into your boss iPad? Use play-dough.
And look for high-definition photos where your boss high-fives, makes the Vulcan peace sign or raises his hand to ask a question just like the hacker who recreated a German ministers fingerprints using photos of her hands in 2014.
There are bundles of other tricks that include researchers using voice scanners to impersonate your voice, iris scanners that match your retinas and face scanners that trick facial recognition login with photos from, say, Facebook even 3D-printed heads.
Aside from that, facial recognition devices can readily be fooled by false positives, such as if your voice is hoarse, you switch hair-styles, you wear sunglasses, or don a mask for Halloween.
So, fingerprints, voices and faces are out, but so, too, are heart-beats, DNA, body odors, and eyes. If they get compromised, you can't just roll out your eyeball and replace it with another
Biometric authentication is convenient, but privacy advocates fear biometric security erodes your privacy. Companies could easily collect and exploit your data on, say, where and when you typically use your phones.
Hackers could replicate and sell these biometrics for tracking and marketing your behavior and movements. As Robert Capps, VP of Business Development at NuData Security warns, Once biometric data is stolen and resold on the Dark Web, the risk of inappropriate access to a users accounts and identity will persist for that persons lifetime.
Even the multi-factor security model of Indias Aadhaar the worlds largest biometric identification system succumbed to hackers in 2018.
Had you been interested, you could have bought the personal data of more than one million citizens of India on WhatsApp for less than $10.
Susan Rebner, CEO of Cyleron, national security company, said she believes that's the next step and something her company's working on.
For example: devices analyze the way typists slide their fingers across desktops while sliding doors discern the person's stride; computers kick up at a person's finger impact on the keyboard, while mobiles recognize a user's hand tremor when punching numbers, among other items.
Other methods include speech recognition (used, for example, by USAAs mobile app) , well as signature verification (used, for instance, by banks on letterheads and other documents).
Any user behavior that veers from their norms and the device or system locks those users out.
You can protect passwords by hashing them into chains of digits and letters. Scientists say you can do the same with biometrics, encrypting them on a secure server.
In an interview for Biometric Update, Infinitys CEO Alfred Chan said their company's Quantum-Crypt technology developed hashed solutions for iris, fingerprints, and 2D face modalities, and is now exploring 3D modalities.
You can combine biometrics authentication with blockchain technology, or the decentralized ledger, where platforms are open-ended and shared by other participants. (Read Can the Blockchain Be Hacked?)
This means, any attempt to modify the data is detected by other users who subscribe to the platform.
While behavioral biometrics seems the most secure by far, analysts warn that the system needs to be regulated for data privacy and security and that the method needs broader testing to screen out false positives or false negatives.
On blockchain technology and hashed biometrics, MIT researchers recently showed how hackers could breach the allegedly "unhackable" blockchains.
Certainly, the same goes for cracking your hashed password to retrieve those biometrics.
Europeans have the General Data Protection Regulation (GDPR) that gives consumers protection over their personal data including biometrics. (Read How Cybercriminals Use GDPR as Leverage to Extort Companies.)
The U.S., to date, only has a hodgepodge of overlapping and contradictory laws from industry groups and federal as well as local government agencies - and that's despite its June 2015 hack of the US Office of Personnel Management where cybercriminals pilfered more than 5.6 million fingerprints of government officials.
If you're a business that wants to use biometrics authentication to shield your data, you're likely to benefit from this 1-2-3 proactive approach.
Regularly educate your staff on the biometrics security system you use and on how to ensure data privacy. You would also want to use strong passwords and store your biometrics in three places at best. Further, keep your operating system and Internet security software current so hackers can't crack it.
For greater security, use a combo of identifiers, so, for example, add fingerprints to facial recognition, like the new LG V30 smartphone that combines facial and voice recognition with fingerprint scanning. Some security systems also include additional features, such as age, gender, and height, in biometric data to thwart hackers.
Humans can dupe facial scanners by wearing a mask or makeup. Add a human to your security checkpoint for ultimate security.
Oh, and by the way...
You may want to observe the Illinois 2008 Biometric Information Privacy Act, where a company that collects its employees data must notify them on how the data will be used and stored and get their consent. Doing so saves you from privacy lawsuits from employees and customers whose biometric data you store.
Hackers are always going to be one step ahead of you.
Beat them to the trick by combining passwords with biometrics authentication systems and putting humans in the loop to improve security.
Also remember those privacy concerns.
While biometrics authentication technology is not foolproof, you may find it gives you less problems than passwords - as long as you keep on top of the system.
- Get In Depth Analysis Of How Covid-19 Is Impacting The Internet Security Software Market - The Daily Chronicle - September 12th, 2020
- Better late than never: Zoom boosts security with 2FA - Verdict - September 12th, 2020
- Show and Tell: The Gryphon Tower Mesh Wi-Fi Security Router - Grit Daily - September 12th, 2020
- Internet of Things (IoT) Security Market 2020 Trends, Market Share, Industry Size, Opportunities, Drivers, Outlook, Analysis And Forecast To 2028 -... - September 12th, 2020
- Ensuring cyber awareness in the healthcare sector - Help Net Security - September 12th, 2020
- Internet of Things (IoT) Security Market Size, Regional Outlook, Competitive Strategies and Forecast by 2026 - The Daily Chronicle - September 12th, 2020
- Internet of Things Security Market, Share, Growth, Trends And Forecast To 2027: Dataintelo - Scientect - September 12th, 2020
- Kaspersky: 37% of internet users in SEA think they won't be targeted by cybercriminals - SoyaCincau.com - September 12th, 2020
- TikTok and WeChat may raise security concerns, but Trump's knee-jerk reaction isn't the way to deal with them - NewsChannel 3-12 - KEYT - September 12th, 2020
- Helping companies prioritize their cybersecurity investments - MIT News - September 6th, 2020
- Rapid7 NICER - starting a conversation on internet security | Company Report - FinTech Magazine - The FinTech & InsurTech Platform - September 6th, 2020
- Kansans are getting letters saying they applied for unemployment. The problem? Some never did. - Pittsburg Morning Sun - September 6th, 2020
- Embedded Security For Internet Of Things Market 2025 Opportunities, Applications, Drivers, Limitations, Companies, Countries, & Forecast - Express... - September 6th, 2020
- Why should you use a VPN on your iPhone and Mac? - Cult of Mac - September 6th, 2020
- 'No longer safe in their classroom:' NHCS remote-learning session hacked, sexualized profanity used - Port City Daily - September 6th, 2020
- How Romania is Solving Technology and Poverty Disparities - Borgen Project - September 6th, 2020
- How government is delivering better election security - GCN.com - September 6th, 2020
- Internet of Things (IoT) Security Market Report: Regional Data Analysis By Production, Revenue, Price And Gross Margin - Kewaskum Statesman News... - September 6th, 2020
- What is the quantum internet? Everything you need to know about the weird future of quantum networks - ZDNet - September 6th, 2020
- How automation testing stays crucial to the future of Internet of Things (IoT) - Latest Digital Transformation Trends | Cloud News - Wire19 - September 6th, 2020
- One of the largest internet outages ever recorded occurred this weekend - TechRadar - September 6th, 2020
- A third of companies are exposing unsafe network services to the internet - BetaNews - September 6th, 2020
- Meet The New Anonymous100 Million BTS ARMY And K-Pop Stans, A Cyber Threat To Be Reckoned With - Forbes - September 6th, 2020
- Is Wall Street winning in China? - The Economist - September 6th, 2020
- 60 Seconds In Cybersecurity: Heres What Happens In Just One Malicious Internet Minute - Forbes - August 28th, 2020
- Research Report prospects the Internet Security Software Market - Owned - August 28th, 2020
- Cyber Security Market to Benefit from Increasing Application of AI and IoT Technologies - GlobeNewswire - August 28th, 2020
- Hackers are exploiting the 'Internet of Things' - ITProPortal - August 28th, 2020
- Distributed Denial of Service (DDoS) Protection Market Will Generate New Growth Opportunities in the next upcoming year - The Daily Chronicle - August 28th, 2020
- IT Security Market to Remain Competitive | Major Giants Continuously Expanding Market - The News Brok - August 28th, 2020
- Internet Of Things Iot Security Market : Global Industry Analysis And Opportunity Assessment 2026 Cisco Systems, Inc., Ibm Corporation, Intel... - August 28th, 2020
- Click Fraud Risk as Smartphone Is Discovered with Pre-Installed Malware - Infosecurity Magazine - August 28th, 2020
- The ability to hear, be heard and be understood is vital The importance of audio communication devices in security - IFSEC Global - August 28th, 2020
- Wrap your ears around Episode 451 of the Two Blokes Talking Tech podcast - Tech Guide - August 28th, 2020
- Taking stock of the Chinese factor in American elections - Arab News - August 28th, 2020
- How to choose and set up a business VPN - TechRadar - August 28th, 2020
- Internet Grows to 370.1 Million Domain Name Registrations at the End of the Second Quarter of 2020 - Social News XYZ - August 28th, 2020
- Internet of Things Security Market Analysis by Size, Share, Growth, Latest Innovation, Trends and Forecast 2019 2025 - Scientect - August 28th, 2020
- The TikTok Ban Should Worry Every Company - Harvard Business Review - August 28th, 2020
- TLS and VPN Flaws Offer Most Pen Tester Access - Infosecurity Magazine - August 28th, 2020
- The Center for Internet Security (CIS) Use Cases and Cost Justification - Security Boulevard - August 10th, 2020
- Peering into the Future of Sino-Russian Cyber Security Cooperation - War on the Rocks - August 10th, 2020
- Internet of Things Security Industry Market Sales, Price, Revenue, Gross Margin and Industry Share 2020-2025 - Express Journal - August 10th, 2020
- Insights on the Cyber Security Global Market to 2028 - Featuring Dell Technologies, Fireeye & Fortinet Among Others - GlobeNewswire - August 10th, 2020
- So What Does Trump Have Against TikTok? - The New York Times - August 10th, 2020
- Internet of Things (IoT) Security Market Size, Development, Key Opportunity, Application & Forecast to 2025 - Chelanpress - August 10th, 2020
- Someone just dumped 20GB of internal Intel data on the Internet - TechSpot - August 10th, 2020
- Malaysia Internet of Things (IoT) Security Market Size, Global Future Trend, Segmentation, Business Growth, Top Key Players, Opportunities and... - August 10th, 2020
- Global Internet of Things (IoT) Security Market 2020 Competitive Analysis Cisco Systems, Intel Corporation, IBM Corporation - Owned - August 10th, 2020
- Common Internet of Things security pitfalls Urgent Comms - Urgent Communications - July 29th, 2020
- US starts work on making virtually unhackable internet a reality; All you need to know about Quantum Internet - The Financial Express - July 29th, 2020
- Internet Of Everything (IoE) Market Growth Analysis By Manufacturers, Regions, Types and Application Forecast - Market Research Posts - July 29th, 2020
- What are you giving away on social media? | IT PRO - IT PRO - July 29th, 2020
- Explained: Why is spyware, stalkerware gaining traction during the pandemic? - The Indian Express - July 29th, 2020
- Are we seeing the beginnings of an Indian internet? - Deccan Herald - July 29th, 2020
- What the Tech? Check Your Internet Security When Working from Home - Alabama News Network - July 27th, 2020
- Security of the internet is improving, but there is work to be done - Security Magazine - July 27th, 2020
- Outlook on the Internet Security Software Market to 2025 by Application, End-user and Geography - CueReport - July 27th, 2020
- U.S. Government Says Its Building A Virtually Unhackable Quantum Internet - Forbes - July 27th, 2020
- Amid 'heightened tensions,' US government issues warning to critical infrastructure providers - Utility Dive - July 27th, 2020
- The global Internet of Things (IoT) security market size is expected to grow from USD 12.5 billion in 2020 to USD 36.6 billion by 2025, at a Compound... - July 27th, 2020
- WISeKey to Showcase its Cybersecurity Solutions for Artificial Intelligence Used in Drones and Robots at SIDO 2020 - GlobeNewswire - July 27th, 2020
- Various Politicians, Companies, And Activists Are Targeted By A Secretive Industry - See How India Has Become A Hire-for-hack Place For Other... - July 27th, 2020
- Internet of Things (IoT) Security Product Market Forecasts and Opportunity Assessment Analysis 2019-2025 - Owned - July 27th, 2020
- ESET scores high in the Business Security Test 2020 - My Startup World - July 27th, 2020
- Global Internet of Things (IoT) Security Market 2020 Trends Analysis and Coronavirus (COVID-19) Effect Analysis | KEY PLAYERS MARKET WITH COVID-19... - July 27th, 2020
- The 12 Coolest AWS Tools Of 2020 (So Far) - CRN - July 27th, 2020
- Smart Home Market with COVID-19 Impact Analysis by Product, Software & Services, and Region - Global Forecast to 2025 - GlobeNewswire - July 27th, 2020
- MailVault ties up with BD Soft as the National Distributor, for the Indian Markets - CRN.in - July 27th, 2020
- WISeKey Appoints Ben Stump as Chief Revenue Officer to Drive the Next Phase of its Global Growth - GlobeNewswire - July 27th, 2020
- 4G internet not a security concern, no objection restoring it: JK admin tells Centre - The Kashmir Walla - July 27th, 2020
- This Is a Good Time to Buy Fastly Stock on the Dip - InvestorPlace - July 27th, 2020
- How firms are keeping staff and secrets safe from hackers now everyone is working remotely - CNBC - July 27th, 2020
- Cloudflare goes down, and takes the internet's security blanket with it - Mashable - July 23rd, 2020
- Should You Connect Your Brain to the Internet? - Security Boulevard - July 23rd, 2020
- Global Internet Security Market Growth Rate and Opportunities By 2025 With COVID-19 Outbreak, Top Players: HPE, IBM, Intel, Symantec, AlienVault,... - July 23rd, 2020
- Global Internet Security Market 2020 Growth Rate, Gross Margin, Competitive Situation and Trends, Forecast To 2026 - 3rd Watch News - July 23rd, 2020
- How Coronavirus Pandemic Will Impact Internet Security Software Market Size, Growth Opportunitis, Current trends, Forecast By 2026 - 3rd Watch News - July 23rd, 2020
- IT Security Consulting Services Market 2020: Potential Growth, Challenges, and Know the Companies List Could Potentially Benefit or Loose out From the... - July 23rd, 2020
- Scammers prey on Coronavirus fears - The Tomahawk - July 23rd, 2020