The good and the bad about biometrics | And, is there a better bet?

The good and the bad about biometrics | And, is there a better bet?

Biometrics has existed since 1850’s. Just that we knew very little about it back then. One of the many first evidences of biometrics in action was when the handprints of Civil Service workers in India were recorded to distinguish them from others who claimed to be workers on payday. It was not before the early 1990’s when this technology gained momentum. During the time phthalmologist Frank Burch proposed using iris patterns in recognizing individuals. Soon after we saw the birth of face recognition and voice authentication.

Biometrics was an exceptional technology breakthrough in user authentication even back then. However, its usage and applications were limited.

The past decade has been a boom period for biometrics. Digitalization has opened up a great many doors for this technology to beam through. 

Life (majorly) happens online today. And, as the world spins around data it has become a major breeding ground for data privacy concerns and threats. Newer forms of online frauds have taken roots in a data mulched environment, strengthening the need for biometric user authentication.

Every industry – eCommerce, banking, travel, insurance – recognizes the need for sterilizing fraud and securing online transactions.

In Support of Biometrics – Statistics from Around the Globe 

Equifax research points out that 56% online users prefer biometric security over traditional authentication methods such as passwords. 

A Visa survey cites three main reasons why biometrics is popular amongst consumers. Nearly 40% of the survey participants believe that this technology offers improved security over passwords.

The travel industry is also taking off to great heights with advanced biometrics applications in place. The future is promising for this industry as stats suggest that 80% of Americans have no qualms sharing their personal data for improving user experience.

The Biometrics-as-a-service market is estimated to hit nearly USD Twelve Billion by the end of 2026

All this said, can we conclude that biometrics is the safest, most non-vulnarable technologies of all? Certainly not.

For every fingerprint lock created there is a dummy dummy finger being created by fraudsters who neatly copy fingerprints to bypass a complex and 90% secure system with ease.

It’s easy for biometric fraudsters to steal data.

Fingerprints can be lifted off a photo or from any object that a user has touched. Fooling a facial recognition software isn’t rocket science either.  

Biometric Authentication is not the Best Possible Answer to Lurking Fraud Concerns

So you know now – Physical or static biometric modalities – fingerprints, iris, voice, face features, are not the best answers to sophisticated crimes. 

Even something as unique as voice isn’t the best authenticator for a user. This HSBC case about failed voice system security will leave you baffled about how the best of biometric-protected systems fail. 

Using impersonation and obfuscation techniques, fraudsters can even hack into advanced iris, vein, and DNA-based security systems.  

The worst thing about using traditional biometrics is that once a breach takes place it becomes very difficult to catch a fraudster. You can’t distinguish an authenticated user from a scammer once the login is successful.

A Step Ahead in the Game with Multi-Factor Authentication

One of the most commonly used data protection methods these days in the realm of biometrics is multi-factor authentication. Like the name goes, this approach makes use of multiple physical modalities to authenticate and approve access into a system.

For example, along with your fingerprints, you may be asked to submit a voice command for logging in.

Although a little more complex to break into, even multi-factor authentication, doesn’t fit the current definition of robust solution to fraud. In addition, it’s frustrating for users to attempt logging in with multiple authentication steps to complete.

Imagine trying logging in with your mobile device’s speaker phone (unknowingly) disabled. It’s definitely frustrating when technology for your betterment ends up spoiling the whole experience instead of easing it down.

The Human Behavior Code – A Truly Unique Approach to Biometrics

Neither traditional nor multi-authentication biometrics stand a chance against burgeoning sophisticated cybercrime. These identification and authentication systems are based on identification and analysis of:

  • Who a user is
  • What interactions he performs/What they do using a device

As opposed to these two approaches there is another technology being developed and quickly gaining popularity in the security ecosphere – Dynamic biometrics. This fairly new technology looks untaps into user behavior on devices to identify unique patterns and use those patterns for authenticating and approving actions and transactions.

While fraudsters may be able to crack your fingerprint code they can’t certainly decode how you ‘uniquely’ type your code on your device (the speed at which you are typing is unique just to you!)

A biometric typing profile of a certain user comprises their typing speed, the angle at which they hold their phone while typing, and the pressure on keys when they hit and release. While analyzing and building unique user biometric profiles, security experts take into account keystrokes, mouse movements, and screen swipes, etc. Suspicious or fraudulent activity can be detected when there is a discrepancy between recorded and exhibited behavior. If a discrepancy exists the activity being performed by the user is flagged as fraudulent.

Concluding remarks

A steady increase in the supply of identity and financial data in an online world has provided fertile grounds for fraud. Scamsters can easily attack vulnerable data to create fake new accounts in the victims’ names, misusing personal information like their credit card details to carry out fraudulent transactions. Phishing, formjacking, credit card fraud, and even online dating scams are rampant today.

We witnessed the rise of biometric authentication in the past decade when such fraud had just started to show its fangs. The world had underestimated the genius behind cyber fraud. Thankfully, we are in a world where technology is helping us rapidly build newer, stronger systems in place when the old starts to weaken and crumble. One such advancement is behavioural biometrics.

Share with Your Network or over Email

Leave a Reply