December 8, 2017 By Douglas Bonderud 2 min read

Has the death of the password finally arrived? Biometric authentication seems poised to supplant the ever-insecure username/password combination.

According to Help Net Security, 68 percent of European citizens surveyed by security firm Unisys said their trust level would increase if organizations leveraged biometric tools for multifactor authentication. But is trust the best measure of long-term security, or are biometric solutions just security breaches waiting to happen?

Benefits of Biometric Authentication

The Unisys survey found that consumers comfortable with technology were ready to ditch passwords in favor of biometrics, Help Net Security noted. Many respondents pointed to the benefit of no longer needing to remember, protect and regularly change passwords.

Sixty-three percent of those asked said they believe biometrics are more secure than current password and personal identification number (PIN) solutions. Meanwhile, 61 percent reported that they were most happy with fingerprint scans as a potential replacement and 41 percent said they prefer iris scanning.

Consumer expectations also play a role in the rise of biometrics, since users are prepared to wait just over 25 seconds for sign-in processes to complete. Fingerprint- and iris-based metrics should speed the authentication process, reducing user frustration.

Customer confidence varies by industry, with 51 percent believing banks would manage biometric data securely and 45 percent confident that the government would do the same. However, just 12 percent think social media companies would be so trustworthy.

As noted by TechTarget, biometric scanning may also offer a way to shore up trust in emerging Internet of Things (IoT) markets. By replacing stock permissions and poorly crafted passwords with reliable biometric scans, enterprises can tap the growing wave of public trust for persistent security measures tied to people, not passwords.

Downstream Concerns

But it’s not all smooth sailing for biometrics. Consider a recent Harvard Business Review article, which discussed the evolving role of Social Security numbers (SSNs) in the process of identification. While SSNs were originally designed to identify Social Security beneficiaries, they’re now used to verify identity and intent across multiple industries.

The same is undoubtedly true for biometrics. What begins as a way to access banking or government services will eventually be leveraged for different purposes, such as marketing. As HBR noted, facial scans, combined with behavioral analysis, can help predict consumers’ personality traits, habits and socioeconomic status.

This naturally leads to target-based marketing, but could also extend to more sinister activities, such as using biometric data to take over a one’s identity. Given the permanent nature of many biometric markers, the results of such a theft could be disastrous.

How Will Biometrics Impact the Future of Security?

Consumers are ready to trust biometrics and willing to hand over fingerprints or iris scans if they can ditch passwords. But technology constantly evolves, and the original intent seldom matches the eventual purpose. Ideally, the shift to biometic authentication comes with a commensurate commitment to regulations and the implementation of standards that clearly lay out how this data may be collected, used and, ultimately, destroyed.

The bottom line is that biometrics are coming. The question is where will it take consumer security?

More from

Skills shortage directly tied to financial loss in data breaches

2 min read - The cybersecurity skills gap continues to widen, with serious consequences for organizations worldwide. According to IBM's 2024 Cost Of A Data Breach Report, more than half of breached organizations now face severe security staffing shortages, a whopping 26.2% increase from the previous year.And that's expensive. This skills deficit adds an average of $1.76 million in additional breach costs.The shortage spans both technical cybersecurity skills and adjacent competencies. Cloud security, threat intelligence analysis and incident response capabilities are in high demand. Equally…

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks. The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that…

What’s behind unchecked CVE proliferation, and what to do about it

4 min read - The volume of Common Vulnerabilities and Exposures (CVEs) has reached staggering levels, placing immense pressure on organizations' cyber defenses. According to SecurityScorecard, there were 29,000 vulnerabilities recorded in 2023, and by mid-2024, nearly 27,500 had already been identified.Meanwhile, Coalition's 2024 Cyber Threat Index forecasts that the total number of CVEs for 2024 will hit 34,888—a 25% increase compared to the previous year. This upward trend presents a significant challenge for organizations trying to manage vulnerabilities and mitigate potential exploits.What’s behind…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today