Biometrics Technology in Smartphone

eSSL Security

Using biometric identifiers for secure access to mobile devices is not new, but in most organizations it has been relegated to a marginal role at best.

The technology's status could be set for a fundamental change, however. Apple's new iPhone 5S, released in late September, comes with a built-in Touch ID fingerprint sensor. When the device's owner touches the Smartphone’s home button, the sensor reads the fingerprint and unlocks the phone. The feature can also be used to authorize iTunes store purchases.

Technology watchers contend that Apple's fingerprint foray, if successful, could take biometrics into the mainstream. That is a huge catalyst for the biometrics industry — as long as it works well and usability is good. The expectation is clear that biometrics will be getting a more prominent role in authentication in mobile market. There is an increase in research and development efforts focused on using biometric technology for authenticating users on mobile platforms.

Why it matters?

The technology's advocates argue that biometrics offer users an easier way to access mobile devices, and therefore, people are more likely to use it, which makes the devices more secure. Published reports suggest that fewer than half of iPhone users bother to set a four-digit pass code, and even then, codes can be forgotten, stolen or overcome via brute-force attacks.

Apple's video introducing Touch ID hails the fingerprint as one of the best passwords in the world because it stays with the person and no two are alike.

Perhaps of greater interest to enterprise security managers, biometric identifiers can provide an additional layer of authentication. Passwords and PINs represent the baseline and are often augmented with secure tokens, such as smart cards. Biometric technology offers another authentication factor.

If a consumer device comes ready-made with this capability, it would behoove anyone to leverage that one piece as part of the authentication process.

If the technology becomes prevalent on consumer devices, agencies might end up relying more heavily on biometrics, citing the importance of taking advantage of built-in technology versus paying for a separate authentication factor.

The fundamentals:

Examples of human characteristics that can prove identity include fingerprints, facial features and iris patterns. Biometric systems capture an image of a particular feature and store its unique characteristics as a mathematical template. A matching algorithm compares the stored template with subsequent image captures of the user's fingerprint, face, iris or other feature.

In government circles, law enforcement agencies have historically been strong users of biometrics. The FBI's Integrated Automated Fingerprint Identification System, which the agency describes as the world's largest biometric database, debuted in 1999.

Using biometric technology to secure mobile devices also has some history behind it. HP's iPAQ personal digital assistants had built-in biometric security in the early 2000s. Fingerprint readers arrived on laptops around the same time. Gradually face recognition security features arrived on laptops as well. But use of biometric technology in mobiles has not exactly captured the imaginations of mobile device manufacturers until recent times.

After Apple’s iPhone 5S launch many other leading mobile industries HTC, Samsung, etc. have announced to come up with new biometric security enabled Smartphones. A major finding from a new series of market intelligence reports from Goode Intelligence finds that by the end of 2015 there will be 619 million people using biometrics on mobile devices.