Tag Archives: biometrics

The Strength and Weaknesses of Biometrics

We seem to take for granted how our devices identify us for authentication.  What started from passwords and pin numbers has now turned into fingerprints and advanced face mapping technology that makes unlocking your smartphone almost magical.

Until recently, biometrics were an item of science fiction. Today, significant advances in the technology have now made it truly a viable and secure alternative to traditional forms of security. Biometric authentication uses a person’s individual biological traits to verify their identity. This data is almost impossible to guess and is completely unique to a single person. This make biometric systems extremely hard to compromise, unlike Personal Identification Numbers (PIN) and passwords.

But like all passwords and forms of authentication, each have their limit.  Biometric authentication is also extremely new and not very cost effective enough for widespread adoption, but we can expect to see more and more of it in the near future. So, let’s look at some of the current biometric methods and their strengths and weaknesses.

The Passwords on Your Fingertips

The most frequently used and established form of authentication is your fingerprint. What can be more secure and unique than a series of pattern on the tips of your fingers that not one other human shares?

The main issue with fingerprint scanning is that we leave those passwords (our fingerprints) everywhere. You wouldn’t just write your pin down on a napkin and give it to your waiter, but you will hand over your glass, which is basically the same concept.  Fingerprints also present the challenge that we only have as many passwords as we do fingers.

However, despite the weakness fingerprints still remain much harder to guess than a password and their low-cost and high convenience makes them one of the most common authentication methods.

From fingerprint scanning evolved finger vein or hand vein scanning.  This method scans the vascular patterns beneath the skin’s surface, that are not left on the things we touch. However, this technology is very pricey and not commonly used.

Its All In The Eyes

Eye scanning has also seen an uprising in adoption. The security of iris scanners are very reliable, with a very low chance of false positives because of the high detail they need in order to work.

Despite this reliability, the concern of iris scanning is that of hygiene and convenience. If scanning equipment is shared and requires people to place their eye on surfaces used by others, we could quickly see the hygiene issue. To sterilize the equipment, it would have to be done with substances like alcohol which would cause the eye irritation.  We could also see issues where if the eye scanner is static, it may be difficult for people of different heights to use it.

Say the Magic Words

Voice recognition is one option that is widespread and relatively cheap from a technology stand point. The downside to voice is that it is getting beaten out by the other forms of authentication because it is the easiest biometric method to mimic. A recording on a good microphone could defeat a system, which makes this highly insecure for highly confidential items.

Look In the Mirror to Find the Answer

Facial recognition is somewhat the baby to the biometric authentication world.  The biggest launch on the market is Apple’s Face ID system which maps out the structure and movement of the face to prevent someone with a picture to access it. This technology has seen some false positives so there is likely to be more advancement required in facial recognition. However, if the technology becomes more established it may sweep the market from the other alternatives.

What started from the science fiction movies, has now ended up being real life. Biometric passwords have come a long way and there is still much more advancement required before we can say these methods are truly unique and secure. As of today, two factor authentication is still the best way to go. Combining a biometric factor with a strong password is the safest way to protect your online information when each password can rely on each other as a failsafe form of verifying you.

Forgot Your Password? The Future May Help.

Probably one of the most annoying things about technology today is trying to remember all your passwords, from your desktop login, social media sites, down to your online financials, a combination of words and numbers can really start to all blend together. If you’re like most of us, you probably have the same password for everything. This practice is EXTREMELY unsafe, and not recommended by any IT technicians or service providers. So, is there any end in sight to the madness? Well, current trends in biometrics may just make passwords obsolete.

Today, many cell phone users are logging onto their phones and entering all their apps with their fingerprints. Apple’s “Apple Pay” on iPhones are becoming ever more popular and allows for users to pay with their cards at retail locations using their fingerprints to authenticate the purchase. The Samsung Galaxy S8 phone has an upgraded retinal scanner that can be used to unlock the phone and can be used as a second factor in authenticating any number of online services. Microsoft’s Hello is allowing Windows 10 users to login through facial recognition and a patent for the company indicates they are trying to develop ways to pair a touchscreen with gestures made on the screen to authenticate. Some ideas out there are even hinting at using brainwaves for authentication to unlock computers!

What will this mean for the future of passwords? Maybe soon all you will have to do is think about unlocking your Facebook page and like magic, it would work. While that may seem farfetched, who knows what the future can hold? Much of this research to eliminate passwords is being supported. In the U.K. the National Cyber Security Center is looking for proposals that will do away with passwords and is offering $32,160 in research funds per proposal.

However, while things are still in the works we will have to still stick to the “old-school” way of keeping our information safe, with your first pets name and your birth date numbers (did we get some of you??…). Until then, we recommend creating strong passwords (using capital letters, numbers and symbols) and using different passwords for each account you have.


Call ECMSI today for a free consult!