Mobile biometric authentication is already taking off, with consumer and banking apps embracing the technology to provide a convenient yet secure way for users to log in. However, even as this industry grows, concerns over privacy and how we protect data are raising important questions and conversations regarding how we are using biometrics.
The Future of Authentication
Few would argue that the future of user authentication and identity management won’t include biometrics, the question is how, and to what extent. Fingerprinting is already widely accepted by consumers, but this is mostly due to how readily available it is in leading mobile devices. As new technology is introduced, from iris recognition to other biometrics, we are likely to see user adoption plateau in some ways.
The idea of using biometrics for authentication is predicated on the understanding that we need a way to prove our identities that’s stronger than a password. However, some security experts raise the point that using multi factor authentication, with different methods of authentication used for varying levels of security, would be better and more convenient in the long run.
Enter Behavioral Biometrics
Though we have discussed behavioral biometrics in the past, the technology is still slowly developing, and there are few solutions being deployed fully on the market today. Behavioral biometrics offers a simple way to implement continuous low-level authentication, or a “trust scale” that compares continuously collected data with stronger authentication captures. IBM recently announced a focus on behavioral biometric capabilities with Trusteer Pinpoint Detect for real-time fraud detection.
“This new behavioral biometric capability leverages cognitive technology that seamlessly analyzes user’s’ mouse gestures, understanding subtle mouse movements, and delivers actionable risk recommendations,” Satti Charles, a Financial Crime Prevention Strategist with IBM Security Trusteer, told Government Info Security. “And these capabilities help to maximize detection, reduce false positives and optimize strong authentication.”
Deploying Better Security
What we need to remember is that any authentication solution deployment needs to be flexible and scalable. Behavioral biometrics is a strong way to provide fraud detection, but in order to ensure actual security, a stronger authentication solution through a direct fingerprint, iris, or face match is still needed. Furthermore, the platform that authentication and matching occurs on also needs to optimize security and the protection of user data.