From spoofing to iris scanning -- the future of biometrics
As we enter the first part of the new year, we’re setting our resolutions (or perhaps already breaking them), and reflecting on 2016. We witnessed many highs and lows last year, and it seems it’s trendy right now to bemoan everything that happened. This is no different in the security world. We saw some of the biggest -- and highest profile -- breaches of all time (DMC and Yahoo, just to name a few) and nearly all of them involved compromised, weak or reused passwords.
Everyone can agree that passwords are no longer adequate for protecting information online: even the most complicated passcodes can be broken relatively swiftly with a sophisticated algorithm -- or a specially targeted spoofing email. In an attempt to combat this, companies have been adopting new approaches, like tokens, OTPs and multi-factor authentication -- but many experts are pointing to biometrics as the next big thing -- especially for industries rife with risk, like finance, healthcare and government.
Just like in the movies, our own body parts are becoming the key to our digital identities and personal information. This type of technology could eventually replace passwords altogether, since it’s far more difficult to spoof or replicate someone’s biometric data than it is to steal or figure out a simple username and password.
Here are some of the ways biometrics will make a splash in 2017, and what up-and-coming innovations companies can expect as we look to the future.
An Increase in Iris Scanning Within Security-Needy Industries
While the launch of Samsung’s Galaxy Note7 literally crashed and burned, it’s legacy will be that it got the ball rolling on widespread adoption of iris recognition technology. In 2017, I believe that we’ll begin to see this catch on with security-sensitive industries such as financial services and the government. We’ll also begin to see more devices hit the market that integrate these capabilities.
Biometric Deployments in E-Commerce Will Skyrocket
There has been an influx in recent testing of mobile payment authentication using facial and fingerprint recognition within the United States, and I expect that this trend will take off as more companies go through successful trials and see high levels of user acceptance.
Next Up: Wearables and IOT
We’ll be seeing a significant uptick in biometric integration with wearables, including smartwatches and fitness bands, as well as the Internet of Things. Many new devices are already starting to integrate face and voice recognition, including Amazon’s Alexa, and I wouldn’t be surprised if we begin to see similar implementations throughout the automotive sector in 2017.
The Emergence of Smartphone Behavioral Biometrics
In 2016, Google began working on a biometric based on how someone uses their smartphone. Basically, they want to use all of the data they can get, including typing patterns, voice, touch, your hold and how hard you press the screen, to build a trust score that is updated in real time. If (and it’s a big if) Google can pull this off, it will change the future of authentication.
Here Comes the Spoofing
Biometrics are providing improved convenience and security by replacing usernames and passwords, but it could come with a price as we’ll soon begin to see an escalating arms race of biometric spoofing attacks. It’ll be possible for plastic finger tips, photographs that fool simple facial recognition systems and even highly technical voice recordings to manipulate sensors. To thwart this threat, the industry will need to adapt by implementing measures such as behavioral biometrics, liveness checking and multi-factor authentication.
These are just a few ways biometrics will make waves over the next year -- and many of these innovative technologies are already underway. While we may not know exactly what the future holds (though we can predict), we do know biometrics will continue play an increasingly bigger role in our society.
A seasoned executive in the financial technology space, James Stickland is tasked with driving business revenue and investment growth, as well as leading the company’s global go-to-market strategy for its flagship solution, VeridiumID. Based out of the company’s London headquarters, James comes to Veridium from the UK-based fintech firm Red Deer Systems. Previously, he held senior leadership roles at HSBC, JP Morgan Chase and CISCO SYSTEMS, where he specialized in expanding a pipeline of venture capital and accelerating innovation within emerging technology portfolios.