Biometric data, as a method for safeguarding devices, is currently surging in popularity. Compared to keying in credentials or patterns, a quick fingerprint or iris scan is convenient for the user. What’s more, biometrics are being touted by hardware and software developers for their superior ability to safeguard devices.
Smartphone makers, including Apple and Samsung, have implemented biometric security methods for their flagship devices, such as the more recent iPhone models and the Samsung Galaxy S8 series phones. Personal computer makers and PC software developers have been following the trend, introducing a wave of new products including biometric security. Windows 10, for instance, incorporates a biometric authentication system called Windows Hello. The latest version of Apple’s MacBook Pro has a fingerprint sensor embedded in its Touch Bar.
The slick and convenient operation of biometric-enabled devices has made them popular with consumers, at least where those features have been implemented in an effective way. But are these security capabilities truly superior to other methods?
Experts are starting to have their doubts.
Biometrics Can Fall Short
In several recent tests, researchers have surfaced some alarming security shortcomings with biometric security features. In one example, a BBC reporter had his twin brother successfully fool the voice recognition system tied to his HSBC account. In another experiment, the hackers at Chaos Computer Club reported that they successfully breached the Samsung Galaxy S8’s iris scanning system using a facial image and contact lens.
And the fingerprint scans that are becoming commonplace on consumer devices? Researchers warn that the partial scanning method that makes the feature usable also reduces its effectiveness. Essentially, a fairly large number of users could match the partial print.
As a one-and-done method for securing devices and systems, biometrics may be convenient, but they have a long way to go before truly becoming a superior method. At present, they are best used as part of a multi-factor authentication system, requiring another form of unique credential.
Organizations that would like to work with biometric security features should think about the technology in these terms.
No technology overcomes the need for a comprehensive security strategy. If your firm is interested in building a security plan that incorporates biometrics, Lunarline is prepared to help you get to where you need to be. Contact us today to learn what we can offer.