December 8, 2017 By Douglas Bonderud 2 min read

Has the death of the password finally arrived? Biometric authentication seems poised to supplant the ever-insecure username/password combination.

According to Help Net Security, 68 percent of European citizens surveyed by security firm Unisys said their trust level would increase if organizations leveraged biometric tools for multifactor authentication. But is trust the best measure of long-term security, or are biometric solutions just security breaches waiting to happen?

Benefits of Biometric Authentication

The Unisys survey found that consumers comfortable with technology were ready to ditch passwords in favor of biometrics, Help Net Security noted. Many respondents pointed to the benefit of no longer needing to remember, protect and regularly change passwords.

Sixty-three percent of those asked said they believe biometrics are more secure than current password and personal identification number (PIN) solutions. Meanwhile, 61 percent reported that they were most happy with fingerprint scans as a potential replacement and 41 percent said they prefer iris scanning.

Consumer expectations also play a role in the rise of biometrics, since users are prepared to wait just over 25 seconds for sign-in processes to complete. Fingerprint- and iris-based metrics should speed the authentication process, reducing user frustration.

Customer confidence varies by industry, with 51 percent believing banks would manage biometric data securely and 45 percent confident that the government would do the same. However, just 12 percent think social media companies would be so trustworthy.

As noted by TechTarget, biometric scanning may also offer a way to shore up trust in emerging Internet of Things (IoT) markets. By replacing stock permissions and poorly crafted passwords with reliable biometric scans, enterprises can tap the growing wave of public trust for persistent security measures tied to people, not passwords.

Downstream Concerns

But it’s not all smooth sailing for biometrics. Consider a recent Harvard Business Review article, which discussed the evolving role of Social Security numbers (SSNs) in the process of identification. While SSNs were originally designed to identify Social Security beneficiaries, they’re now used to verify identity and intent across multiple industries.

The same is undoubtedly true for biometrics. What begins as a way to access banking or government services will eventually be leveraged for different purposes, such as marketing. As HBR noted, facial scans, combined with behavioral analysis, can help predict consumers’ personality traits, habits and socioeconomic status.

This naturally leads to target-based marketing, but could also extend to more sinister activities, such as using biometric data to take over a one’s identity. Given the permanent nature of many biometric markers, the results of such a theft could be disastrous.

How Will Biometrics Impact the Future of Security?

Consumers are ready to trust biometrics and willing to hand over fingerprints or iris scans if they can ditch passwords. But technology constantly evolves, and the original intent seldom matches the eventual purpose. Ideally, the shift to biometic authentication comes with a commensurate commitment to regulations and the implementation of standards that clearly lay out how this data may be collected, used and, ultimately, destroyed.

The bottom line is that biometrics are coming. The question is where will it take consumer security?

More from

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Protecting your digital assets from non-human identity attacks

4 min read - Untethered data accessibility and workflow automation are now foundational elements of most digital infrastructures. With the right applications and protocols in place, businesses no longer need to feel restricted by their lack of manpower or technical capabilities — machines are now filling those gaps.The use of non-human identities (NHIs) to power business-critical applications — especially those used in cloud computing environments or when facilitating service-to-service connections — has opened the doors for seamless operational efficiency. Unfortunately, these doors aren’t the…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today