Last updated: 27 April 2017
Biometric authentication is becoming increasingly popular for unlocking phones and getting us through banking security. It’s soon expected to render passwords and PIN codes outdated, transforming our lives for the better in many ways.
Technology companies and service providers are looking after our unique attributes such as our fingerprints, voice prints and iris scans. These differentiators distinguish us from other individuals and ensure only the correct owners can access their solutions. What’s particularly exciting about biometrics is that it offers the possibility to improve two key aspects of a service, which tend to be in conflict:
- A smoother user experience
- A stronger protection against fraud
Fortunately, there is no trade-off here. An easy user experience often means less security, and improving security can make the process more cumbersome for the user. Not in the case of biometric authentication.
However, is it realistic to expect passwords to disappear soon?
The USAA (United Services Automobile Association) provides a good example of the shift away from traditional verification methods. Millions of members are choosing biometric authentication over the traditional password, recognizing its benefits in terms of convenience, speed and security.
Authentication: a brief history
From a practical perspective, there are different ways to protect things and to authenticate a person: what we know, what we have, what we are, and what we do.
Traditionally, the first two methods have been the most popular: ID cards, passports and corporate badges correspond to what we have (sometimes as an artefact of what we are). Meanwhile, passwords provide a way to verify what we know (for example, authentication for online services, unlocking personal devices, etc).
What will radically change in the coming years is the exponential growth of the two other methods: what we are and what we do, thanks to biometrics solutions entering the mainstream and replacing traditional techniques.
It doesn’t mean that the “what we know” method – especially passwords – will totally disappear. They will still be adapted to some situations (for non-critical services or as back-up solutions). However, passwords will become less important to the verification process.
Remember when people had to memorize important phone numbers?
This caused confusion, as remembering long codes proved difficult and tiresome. Now, everything is stored in a phone’s memory and contacts are synchronized, enhancing efficiency and convenience. People feel the same about passwords. They expect secure solutions to improve their experience.
We must also bear in mind how fingerprint verification is the first major step towards biometric “democratization”. Apple and Samsung have popularized its use for mobile services, including mobile payments.
The usage is expected to reach bank cards as well – Gemalto is highly active on this topic and you can expect to see a video next month on our website.
Other forms of biometrics are being developed for security or commercial uses. These include facial recognition, electrocardiogram, finger or palm vein, iris recognition, voice recognition, to mention just the most popular ones.
Biometric authentication puts the user at the center of the proposition, which is by far the best approach for an innovation. Authentication methods should always aim to simplify our interactions with the virtual world.
Of course, legitimate questions around safety and privacy remain, which need to be addressed by security experts and the wider industry. As we’ve discussed elsewhere on the blog, building trust will be crucial.
To conclude, biometrics is an advanced tool that can be enriched with multi-layered security processes and combine several authentication methods, adapting to different services.
Stay tuned for more updates about biometric authentication and its potential to change the way we engage with our devices and the world around us. Plus, remember to tweet to us at @Gemalto if you have any questions, or leave a comment in the section below. You can read more here.