Hackers expose billions of passwords every year. Strong password management is now seen as insufficient in comparison to two-factor authentication. If the second factor is biometric, then this is one of the strongest security practices that still retains simplicity. Self-sovereign identity solution is something that is always on you and is difficult to steal.
Biometrics security is generally made up of three components. First, you need a sensor to read the input, such as a camera to scan your face or a microphone to listen to your voice. Secondly, a computer is required to store the biometrics, and finally, software to connect the computer to the sensor and potentially interpret the
We can divide biometric security into two sections: physiological and behavioral. The former is something that is unique to your body and anatomy, whilst the latter is simply a pattern of behavior that you typically follow. Below are three typical physiological biometrics.
Biometric authentication is different from biometric identification, with the latter being a database of matching a person’s biometrics up to their identity, whilst the former refers to comparing the authentic data stored to the biometric data offered by an individual – a true or false.
The fingerprint scanner on your smartphone is the most common example of securing data with biometrics. The fingerprint need only be set up once initially, which then future fingerprint patterns are then compared to it for a perfect match. It’s difficult to claim it’s perfect in practice because the false-negative rate is high, but it’s very difficult to mimic and steal, making it perfect for second-factor authentication. Plus, most of us already have our fingerprints set up on our mobile, so it’s exceedingly easy to integrate into mobile apps without the user taking any extra steps.
Facial recognition is exactly how it sounds: matching an image of your face to a live on-screen camera. This works by reading different measurements of your face, working out the ratios and distances between the eyes for example. These too are integrated into all new Apple and Android phones, should the user have them enabled, making them another possible option for your app. However, with the increase in the use of masks, the future of facial recognition doesn’t look bright.
Whilst the fingerprint has only ~70 points of reference, the human iris (eye) has over 200. On paper, this gives the iris huge potential within data security. Iris patterns are deeply complex and unique, but do require pretty good cameras. Though, previous smartphones have implemented them, showing that it is possible. Fingerprints may be useful in solving crime, but the iris is even more secure should the sensor be clear enough to detect the iris with clarity.
Voice recognition is perhaps the most classic example of behavioral biometric authentication. The truth is that just the way we speak is unique, and whilst certainly less definitive than a fingerprint, the frequencies and patterns when speaking a certain phrase can easily be compared and verified – and extremely difficult to imitate. For more accuracy, it is important to read a given phrase, as opposed to extrapolating this data and predicting how we would speak a separate phrase, though this is semi-workable too as shown by “OK Google”. Arguably, there are more points of reference and more consistency here than with handwriting recognition.