The word biometrics comes from the Greek words “bio”, meaning life, and “metrics”, meaning to measure. For thousands of years humans have used facial features, speech and gait to recognise each other. The field of biometry expands upon this principle, recording our unique characteristics in order to prove we are who we are claiming to be.
Biometric data is becoming more commonly used in everyday life as a method to authenticate ourselves and the payments we make. You may have used it on your mobile phone for example, in order to unlock your device using Face ID, or confirm a payment with your fingerprint.
Physiological and behavioural biometrics
There are two main categories of biometrics, physiological and behavioural – both of which can be used to provide a more accurate picture of who you are.
Physiological characteristics are factors like your iris pattern, ear height, and fingerprint and are considered to be unique physical features of each individual person. Behavioural characteristics, on the other hand, look at how you interact with a computerised system. Examples of behavioural biometrics include, the way you type, your handwriting, and the way you speak.
Currently, behavioural biometric technology is less reliable than analysing our physiological aspects, which is why these examples are used less. However, as the technology improves, these behavioural identifiers may increase in prominence.
Why biometrics enhance authentication
More traditional methods of authentication, such as passwords, pose a variety of problems for enterprises trying to verify users. Indeed, according to NordPass research, the average person has around 100 logins for their various accounts online, and, as a result, many of us use the same password for multiple accounts. Not only does this mean that this data is much easier for a hacker to guess, there is also no way a password alone can prove to a business that it is really you accessing your account.
Biometrics provides solutions for these two issues. Firstly, users don’t have to remember their biometric identifiers. Your fingerprint is never going to change or be forgotten, which means you don’t ever need to reset it. Secondly, biometrics give a much more accurate picture to a business that the correct person is accessing the service, as it is much more difficult to copy or forge biometric data.
Moreover, while some passwords are weak and easy to guess, trying to predict someone’s biometric data through trial and error is extremely difficult. As a malicious actor trying to access another person’s account, it is simply not worth the effort and monetary cost to try and forge the average user’s fingerprint- compared to using brute force to guess their password.
Remaining security concerns
However, is rightly concerning to many of us that if your biometric data has been compromised, you can’t replace it as you would with a compromised password.
There have also been cases where hackers and other actors have been able to access a service by fooling biometric systems. In 2019, for example, it was found that Apple’s Face ID could be tricked into unlocking, simply by placing a pair of taped-up glasses onto the desired target while they were asleep. Nonetheless, it is important to know that each time a vulnerability like this is discovered, it is quickly patched to prevent further cases. In addition, technology like liveness detection has also been introduced to stop people using silicone masks or photos to break past biometric checks.
In most cases today it remains your choice as to whether or not you use biometrics or a password to protect your accounts. However, if you would like additional convenience and security for your accounts, introducing some type of biometric authentication system will help deter malicious actors from attempting to target your digital data.
If you have any questions, or other technology queries, leave a comment below or tweet @techtroublesho1.