Using biometric identifiers for secure access to mobile
devices is not new, but in most organizations it has been relegated to a
marginal role at best.
The technology's status could be set for a fundamental
change, however. Apple's new iPhone 5S, released in late September, comes with
a built-in Touch ID fingerprint sensor. When the device's owner touches the
Smartphone’s home button, the sensor reads the fingerprint and unlocks the
phone. The feature can also be used to authorize iTunes store purchases.
Technology watchers contend that Apple's fingerprint foray,
if successful, could take biometrics into the mainstream. That is a huge
catalyst for the biometrics industry — as long as it works well and usability
is good. The expectation is clear that biometrics will be getting a more
prominent role in authentication in mobile market. There is an increase in
research and development efforts focused on using biometric technology for
authenticating users on mobile platforms.
Why it matters?
The technology's advocates argue that biometrics offer users
an easier way to access mobile devices, and therefore, people are more likely
to use it, which makes the devices more secure. Published reports suggest that
fewer than half of iPhone users bother to set a four-digit pass code, and even
then, codes can be forgotten, stolen or overcome via brute-force attacks.
Apple's video introducing Touch ID hails the fingerprint as
one of the best passwords in the world because it stays with the person and no
two are alike.
Perhaps of greater interest to enterprise security managers,
biometric identifiers can provide an additional layer of authentication.
Passwords and PINs represent the baseline and are often augmented with secure
tokens, such as smart cards. Biometric technology offers another authentication
factor.
If a consumer device comes ready-made with this capability,
it would behoove anyone to leverage that one piece as part of the
authentication process.
If the technology becomes prevalent on consumer devices,
agencies might end up relying more heavily on biometrics, citing the importance
of taking advantage of built-in technology versus paying for a separate
authentication factor.
The fundamentals:
Examples of human characteristics that can prove identity
include fingerprints, facial features and iris patterns. Biometric systems
capture an image of a particular feature and store its unique characteristics
as a mathematical template. A matching algorithm compares the stored template with
subsequent image captures of the user's fingerprint, face, iris or other
feature.
In government circles, law enforcement agencies have
historically been strong users of biometrics. The FBI's Integrated Automated
Fingerprint Identification System, which the agency describes as the world's
largest biometric database, debuted in 1999.
Using biometric technology to secure mobile devices also has
some history behind it. HP's iPAQ personal digital assistants had built-in
biometric security in the early 2000s. Fingerprint readers arrived on laptops
around the same time. Gradually face recognition security features arrived on
laptops as well. But use of biometric technology in mobiles has not exactly
captured the imaginations of mobile device manufacturers until recent times.
After
Apple’s iPhone 5S launch many other leading mobile industries HTC, Samsung,
etc. have announced to come up with new biometric security enabled Smartphones.
A major finding from a new series of market intelligence reports from Goode Intelligence finds that by
the end of 2015 there will be 619 million people using biometrics on mobile
devices.