Biometric authentication: the good, the bad and the ugly

Claire Hatcher, Kaspersky’s Global Head of Business Development for Fraud prevention, assesses the current state of biometric authentication and evaluates whether we are truly ready to embrace biometrics at our current rate.

Today, our physical characteristics are becoming the key to digital authentication, gradually replacing PINs and passwords. With many services becoming digital and automated, our unique biometric data is becoming a vital element in unlocking them. Biometric authentication is used to access mobile phones, personal and corporate laptops, industrial systems, commercial and government offices – but the number and the variety of applications for these technologies is growing. Whether customers are unlocking a shared vehicle using a fingerprint scanner or accessing their Spotify or Netflix account via facial recognition, biometrics enable developers to create detailed, digital customer profiles and a truly seamless user experience. The popularity of solutions such as Apple’s TouchID can certainly be considered proof that biometrics are well trusted by consumers – but should they be? 

While the use of fingerprint or facial recognition for device authentication is now commonplace on smartphones and tablets, it’s not just the biometrics that you see on your device. Biometrics can be embedded within a multitude of devices, including GPS, touch screens and cameras. However, despite biometrics becoming increasingly popular among everyday consumers, there are still risks to individuals around fraud and identity theft. Based on its growing popularity, it’s safe to assume that biometric authentication is here to stay. But its rising prevalence also comes with rising concerns about the technology’s level of security, and the possible implications that can stem from it if compromised. It is therefore extremely important to elevate the conversation now within the relevant industries to educate consumers and develop a collaborative approach to ensure this data is protected. 

Securing biometric authentication for the future 

Biometric identification is playing a growing role in our everyday security. Physical characteristics are relatively fixed and individualised — even in the case of twins. Each person’s unique biometric identity can be used to replace or at least augment password systems for computers, phones, and restricted access rooms and buildings. Given the importance of authentication in online transactions, and the key role played by passwords in authentication, this is data that cybercriminals have been consistently interested in since the advent of online transactions.  

New technologies are always vulnerable — because they are new. Biometric data stored by a service provider is just as valuable a target for cybercriminals as a database containing usernames and passwords. Any security breach resulting in leakage of this information is likely to have much more serious consequences than the theft of a password: after all, we can change a weak password or PIN, but we cannot change a compromised fingerprint, or other biometric. There are also privacy implications of replacing an ID to verify someone’s age with biometrics.  

Biometric data, unlike a username or password, is persistent: we carry it with us for life. Therefore, it’s important that people are informed about the way biometric data is used and held, and under what circumstances it might be passed on to other agencies. Biometrics of all kinds are an effective way of identifying a customer, but this technology should be used as a secondary protection method that complements other security measures rather than replaces them completely. People should have the ability to use technologies free from worries, unnecessary limitations and other obstacles brought by cybersecurity risks.   

Biometrics will become an increasing part of authentication options, with more sophisticated technologies and approaches to secure its development in the future. The use of behavioural biometrics for authentication can make a real difference – making the task of authenticating almost frictionless. Behavioural biometrics also enable the financial industry to view the user activity, analysing typical navigation and time patterns, how the user acts and their interaction with the device, including mouse movements, clicks, touches, swipe speeds and more, to detect whether a device is being used by a legitimate user or not. The technology is also often used to detect either a bot or script. For example, the financial industry uses behavioural biometrics to help distinguish between legitimate users and cybercriminals, identifying people by how they behave and interact online rather than by static information or physical characteristics. 

Are we entering the age of biometrics? 

Biometric technology has the potential to be used in a variety of sectors and provides endless opportunities for innovation. Use of biometrics on mobile devices is becoming increasingly common, as most recent smartphone models have at least one built-in mechanism for biometric authentication. Biometrics has become so embedded in our devices and the way we live that it is almost invisible to the end consumer. However, it’s important that these security vulnerabilities are made visible – and then eliminated, before we entrust sensitive data unsafely.  

READ MORE:

As these concerns are addressed, we can expect to see adoption of biometric technology increase significantly, like the adoption patterns of other technology such as smartphones and online banking. For example, people were initially wary of online banking, but now it’s hard to find anyone who doesn’t bank online. There will always be early adopters of new technologies, but in time biometric technology will become mainstream across all industries. After all, the possibilities are endless. 

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Luke Conrad

Technology & Marketing Enthusiast

Choose an AI solution to transform beyond technology

Kit Cox • 09th December 2024

The first step is knowing exactly what your business wants to achieve with AI; think faster, smarter and more efficient. Once you know what you are working towards, you can start looking for a solution that can help you make it a reality. AI integration can feel like a daunting task at the beginning, so...

A Roadmap to Security and Privacy Compliance

John Lynch Director of Kiteworks • 04th December 2024

Only by understanding the current regulatory environment and implementing robust data protection measures, can organisations enhance their security posture, ensure compliance, and build resilience against the latest cyber threats. This article provides a comprehensive roadmap of how to do it.

Data-Sharing Done Right: Finding the Best Business Approach

Bart Koek • 20th November 2024

To ensure data is not only available, but also accessible to those that need it, businesses recognise that it is vital to focus on collecting, sorting and governing all the data in their organisation. But what happens when data also needs to be accessed and shared across the business? That is where organisations discover a...

Nova: The Ultimate AI-Powered Martech Solution for Boosting Sales, Marketing...

Erin Lanahan • 19th November 2024

Discover how Nova, the AI-powered engine behind Launched, revolutionises Martech by automating sales and marketing tasks, enhancing personalisation, and delivering unmatched ROI. With advanced intent data integration, revenue attribution, and real-time insights, Nova empowers businesses to scale, streamline operations, and outperform competitors like 6Sense and 11x.ai. Experience the future of Martech with Nova’s transformative AI...

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...