Data breaches have proved that passwords are not that effective even when there’s no human error involved. For passwords to be effective, one needs to use passwords of between 12 characters to 16 characters long.
This also gives rise to another problem given that you are not advised to use a single password for all your accounts – remembering all of them. To ease this, we have a password manager, but even though, you need to have a strong and long master password. This may seem like a good solution till you realize there’s a keylogger in your system. To reduce security flaws and as a way to enhance security, researchers came up with biometric authentication methods. It until recently that they have been put extensively into use especially by smartphones and other industrial applications. Given the two authentication methods, passwords and biometrics, it’s the trust factor that comes to play.
In a research conducted by Help Net Security, a survey was done on 68 percent of European citizens, and the outcome was revealed that it all boils down to trust. According to the research, individuals said their trust level would increase if biometrics were used for multifactor authentication. So, what makes a lot of people to opt for biometrics rather than passwords and passcodes?
Benefits of Biometric Authentication
According to the survey, respondents preferred biometrics and were ready to ditch passwords because; you don’t have to remember your biometrics, change it regularly and even protect it. With biometrics, its also easier to authenticate and they speed up the process. Many believe that biometrics are more secure in which 61% preferred fingerprint scans while the rest liked the idea of iris scanning. Also, TechTarget noted that biometrics would be viable on the Internet of Things as they can replace poorly crafted stock permissions and passwords.
Although authentication varies from one industry to another, it’s expected that biometrics will be sophisticated and be on the rise in the coming days.
How Will Biometrics Impact Security
Even though there are some downsides when it comes to biometrics, it’s for sure that security will improve and become tighter. Regarding the flaws, biometrics implementations will be such that they complement each other while adding another layer of security. For instance, let’s take three common biometrics, voice recognition, iris/facial scanning and fingerprint scanning. A hacker can spoof one of the techs individually but not when they are combined. Combinations make them harder to spoof as well as eliminating their weaknesses. Mark Nelsen, senior vice president of Risk Products and Business Intelligence at Visa believes using all them at once is better. “For any environment, there isn’t a single perfect authenticator. Voice can be awesome unless you’re in a loud environment, the face can be great unless it’s really dark, the fingerprint is great unless your finger is wet. That’s why we want to incorporate as many as we can and then ultimately we think consumers will decide which they prefer to use.”
According to the current trend, consumers prefer convenience to security. With both biometrics in play, consumers get convenience needs taken cared of at the same time security being buffed up. With the implementation of standards and the right regulations that will clearly stipulate how the biometric data may be collected, used and destroyed, everyone will be ready to ditch their passwords.
Spoofing concerns
Yes, the three famous biometric authentication methods have been spoofed moments after their release. But it wasn’t as easy as you may think. For example, the chaos computer club successfully spoofed the Samsung Galaxy S8’s iris recognition system. For them to be successful, they capture the iris in a night shot mode using a digital camera. They then laser printed it and added a touch of realism – a contact lens for the eyes curvature. Apple’s Face ID has also been spoofed after undergoing many unsuccessful attempts. The one that went through involved a 3D face mask.
An average thief won’t go through these spoofing attempts in order to breach a security system. Even experts are also finding it harder to spoof the biometrics as they are evolving. Just to see how its hard to spoof the biometrics, here is an illustration how they compare to a typical 4-digit pass without the lockdown mechanisms in play. The chances that a random person can gain access via passcodes are 1 in 10000. With the touch ID, the chances get narrow as they reduce to 1 in 50000 to get someone to whose fingerprint might match yours. For Face ID, that chance is even narrower, and they drop to 1/1,000,000. Even twins conducted an experiment to fool the Face ID but all in vain. For mainstream purposes, the odds will continue to be narrower as they evolve.
Emerging trends
Since passwords are more prone to breaches and the current biometrics are not that failproof, there’s a big shift towards more secure methods. In the coming years, fingerprint scanners will not only scan the surface of your skin but also the dermis. Using dummy fingerprints to fool scanners won’t work anymore. Apple took Facial scanning a notch higher by the use of infrared and true depth. It’s for sure the next tech will be more into genetic materials. Currently, treading in the Human authentication, that’s we are working on behavioral biometrics. They analyze interactions, learn and track our movements on the phone such as how we swipe and so on. Combining with another biometric layering, they can when someone is accessing your device illegally. They will then shut it down, send an alert or even engage other security mechanisms.