Why the Future of Security is Biometric

Biometric Security

Share this graphic on your site!

Why the Future of Security is Biometric

86% of Americans want to use biometric security to verify their identity or to authorize payments — Are PINs and passwords becoming a thing of the past?

Biometric Security Becomes Mainstream

Since Apple first introduced Touch ID in 2013, the global market for mobile biometrics has grown to over $14 billion

Today, 57% of apps feature a biometric login option

Americans prefer:
Fingerprint scanners: 63%
Facial recognition: 14%
Passwords and PINS: 8%
Voice Recognition: 2%

Consumers use mobile device biometrics for
Payments: 48% have authenticated a payment with biometrics
Apple Pay
Google Pay
Square Cash

63% want to use biometrics to authorize payments when shopping in brick-and-mortar stores

Unlocking: 80% use biometrics to unlock their mobile devices
iPhones – 68%
Android – 25%
Laptops – 12%
Tablets – 11%

Banking: 42% won’t use banking apps that lack biometric authentication

Why Use Biometrics?

70% of Americans say biometrics are easier to use
Nearly half think biometrics are more secure

Are biometrics really better than traditional security?

Biometric Security: Beyond PINs & Passwords

What Is Biometric Security?
Biometric security uses physical and behavioral markers to identify authorized users and detect impostors

Physical identifiers:
Facial recognition
Retinal scans
Voice recognition
Behavioral identifiers
Device usage patterns (location and time)
How a phone is tilted when it is held
Frequency of checking social media accounts
Finger movements and gestures

Hollywood Makes Hacking Biometrics Look Easy

Diamonds Are Forever (1971): Sean Connery uses a fake fingerprint to fool a scanner
Sneakers (1992): Robert Redford hacks voice recognition with a tape of the passphrase
Gattaca (1997): Ethan Hawke bypasses a DNA scan with a drop of blood

What Makes Biometrics Tough To Hack?

Much more time than hacking passwords
Difficult to attempt without being noticed
Creating a fake requires large amounts of user data
Biometric tech isn’t standardized, each device requires a unique approach

Can Biometrics Be Faked?

Masks: Bkav, a Vietnamese cybersecurity firm, cracked Apple’s Face ID using a mask made with a 3D printer, silicone and paper tape
Photos: Some Android devices can be tricked with a photo — including devices from some of the largest manufacturers
Samsung, Motorola, Sony, and Huawei
Fingerprints: The Samsung Galaxy S10 features a new ultrasonic fingerprint sensor — meant to be harder to hack
The sensor is easily fooled by 3D printed fingerprint
Family: Siblings, a mother and son, and even distant cousins have been able to unlock each others’ iPhone using Face ID
How It Works:
After a failed Face ID, iPhones ask the user to enter a passcode
If the code is entered correctly, the phone scans the user’s face to improve its recognition model
The Flaw: If someone knows your passcode and has similar features, Face ID may eventually identify them as you

Biometric sensors might be harder to hack, but they’re not perfect

Getting The Most Out Of Biometric Security

Know the limits of biometrics
Models of physical identifiers could be leaked from a security system
Once leaked, these identifiers can’t be changed like a password
Use two-step authentication
Pair biometrics and a PIN or password for tighter security
Or, require 2 physical identifiers to make it harder to spoof
Keep an eye on your device
Biometrics can’t secure your phone if you leave it unlocked and unsupervised
Once you’ve unlocked your device, tailgaters can swoop in and gain access
Choose the best tech
Look for features that can’t be fooled by a photograph or 3D print
Liveness detection
3D recognition

Don’t be lulled into a false sense of security — Biometric security isn’t foolproof

Biometric Security