The rise in security breaches and the increase in sophisticated hacking attacks of sensitive information has raised demand for a stronger and more secure Single Sign-On (SSO) for information access. Due to the fact that password-cracking techniques are increasing in sophistication, there is a strong need to implement more sophisticated single sign-on methods. Many are considering the advantages and efficiencies that biometric authentication brings to the table – biometrics is slowly but surely replacing passwords to provide stronger security and reliability. Biometrics has proven to be more effective in helping businesses and enterprises increase security, convenience, and achieve realized cost savings.
The rising tide of data breaches and the increase in sophisticated hacking attacks of sensitive information has raised demand for a stronger and more secure way of protecting assets than password based security systems can provide. Due to the fact that password-cracking techniques are increasing in complexity, there is a strong need to implement more sophisticated security methods, and many are discovering the advantages and efficiencies that biometric authentication offers. However, there are many ideas and theories on how biometrics can replace traditional authentication techniques to provide stronger reliability and security and how effective these systems will be to help businesses and enterprises increase security, convenience, and realized cost savings.
Continue reading →
If there is one thing that can significantly increase the safety of your web or Windows experience, it is the elimination of passwords. Every day we hear stories about how network security has been compromised due to password hacks that exposes valuable personal and enterprise data. Let’s face it, passwords are weak and they should be eliminated. The U.S. government has also recognized the issue with passwords and White House Cyber-security Coordinator Michael Daniel said in June that he’s on a mission to “kill the password dead”.
Continue reading →
In the world of information technology, the term “biometrics” (also referred to as “biometric authentication”) is the automated method of recognizing a person based on their unique physiological or behavioral traits. Common examples of human biometric markers are fingerprints, finger and palm veins, iris and facial recognition, even one’s voice print.
According to Microsoft’s chairman and chief software architect, Bill Gates, “Biometrics is one of the keys to providing “a more transparent, secure and manageable security on a mass scale.”
In the era of increasing security threats, the use of antiquated passwords, personal identification numbers (PINs), and tokens to protect data and assets leaves businesses susceptible to fraud and theft. Due to the fact that hackers are seemingly running rampant online and millions of users’ identification credentials have been compromised, efforts for stronger identity protection using biometrics are gaining momentum the AFP recently reported.
With the pace of rapid innovation in today’s biometric technology field, new uses are appearing to make the process of authentication more convenient and secure. These innovative and useful processes of human identification are increasing in frequency with every year. As these uses are increasing, they are also creating some trends and reshaping the way we identify humans. Continue reading →
Apple released the iPhone 5s in mid-2013 and brought biometric technology in to the mainstream through its Touch ID individual identification capabilities. This deployment made some researchers believe that our physical or behavioral traits such as a fingerprint, palm vein, iris, face, or voice print will at some point replace the overused and insecure passwords (e.g. ‘abcdef’ or ‘123456’). There are many who believe that as a result of Apple’s Touch ID, individually identifiable physiological characteristics will be the future mode of human authentication.
Apple’s entry into the biometrics identity management market could be the tipping point for consumerization of biometric technology leading to the beginning of the end of personal identification numbers (PINs) and passwords.
We’ve all seen the movies where a character provides an iris or fingerprint scan to prove their identity in order to get access into a bank vault or a secured facility. That is actually an example of a biometric system. In general, biometrics is a measure of human physiological characteristics and behavior. A biometric system could scan a person’s fingerprint, finger vein, palm vein, iris, facial profile or some other unique physical or behavioral aspect. The purpose of most biometric systems is to authenticate a person’s claimed identity.
The following is a guest post written by Lawrence Watson:
Using Biometrics for Banking to Stop Financial Service Identity Theft
With identity thieves running rampant throughout banking systems and technology infrastructures, and security professions working hard to come up with ideas to keep your identity and financial information safe, we are in an era of security innovation. The simple fact is that aside from the worry, inconvenience and the time it takes to clean up the mess, identity theft is costing taxpayers millions of dollars every year. According to the US federal trade commission there is a new theft every three seconds; it is time to put a stop to it.
There are advanced biometric technologies being adapted and innovated to make stealing an identity harder, if not impossible. Some technologies are more accurate than others and the most common biometric modalities used in financial services to protect customer identities include:
• Voice recognition (through computer speakers/microphones)
• Vascular biometrics – fingervein and palm vein
How Will it Help?
Hacking into a bank account that does not use biometrics, or other secure forms of recognition, to properly identify a customer can be fairly easy for a seasoned cyber-criminal. The most common method they use to access accounts is to contact the bank and pretend to be the account holder to obtain a password reset. They manage to convince the bank that they are indeed the right person, have lost access to email or other various ways to get the password reset and get it given to them over the phone. However, if they were scanned with either voice or facial biometrics first it would be nearly impossible to fool the system; and there would be the requirement for face to face password resets in most cases.
Should Banks be Doing More?
In an economy that has been having trouble, like the current one, and with crime on the rise, banks have an inherent obligation to make consumers feel secure and reassured. Protecting their money simply needs to be a priority. It will not only make consumers feel more secure, but it will help the banks lower costs, and promote positive brand sentiment.
Biometric fingerprinting, voice, and facial recognition is already becoming a more common practice with smart phones to make online shopping and payments more secure. Why shouldn’t this or another viable biometric modality also be used when you are doing banking, be it online or in person? The technology is out there and it is time for financial institutions to take advantage of biometrics for banking to protect their customers.
Security at the Employee Level
Not only should banks be securing their customers through requiring biometric verification, but they should consider using it for employees too. By making sure that only certain information is accessible by first requiring a biometric scan, there will be a firm and unmistakable way to track any issues and proactively prevent insider fraud. If an employee goes rogue it can be easy for them to find a password or use another log in by a fellow employee. However fingerprints are of course unique. Biometrics for banking is truly the way of the future for security in the financial services industry!
Lawrence Watson runs a business selling home and property security systems. Writing is as much a passion of his as his business is and the two often cross paths.
This past Thursday marked August’s #biometricchat tweet chat where we discussed using biometrics to protect corporate data with our special guest Scott Mahnken from Bio-key International. Bio-key are experts in developing and deploying biometric single sign-on identification systems to help businesses protect their data and intellectual property.
There has been a lot of news coverage recently about corporation data breaches and hackers taking advantage of weak user passwords to steal data and compromise database security. With the increasing focus on adopting an alternative to passwords, PINs, key fobs, and other conventional methods of identification, more businesses are evaluating the power of biometric technology to protect data, using it as an exclusive single sign-on solution or part of a multi-factor authentication strategy.
We began our discussion with a look at why Scott felt that biometrics were a more viable alternative to PINs and passwords. He offered that many high profile corporate IT professionals are predicting that passwords will soon be replaced by more advanced single sign-on technology (like biometrics). Passwords and PINs can be easily shared, swapped, or stolen whereas biometrics are something you always carry with you and can’t be easily shared. Furthermore, resetting passwords can be a tremendous resource drain for IT staff with some predictions that password resets can cost a company anywhere from $15 – $20 per reset and consume up to 40% of a workday.
Millions of dollars per year are lost from corporate data breaches and in 2011, at least 558 data breach incidents cost U.S. businesses more than $6.5 billion. The chat discussion talked about the impact of these losses to businesses and why it’s important for them to address the topic of corporate data breaches proactively before hackers can infiltrate a database.
Scott from Bio-key then explained that the healthcare industry just may stand to lose the most from data breaches because of their mission critical work and the sensitivity and importance of protecting patient information. Scott tweeted:
“Managing patient care and the flow of medicines (for healthcare) requires extremely secure and accurate solutions.”
Not to mention the fact that hospitals can lose their meaningful use revenue if they fail to comply with patient data protection measures and biometrics can provide security and transaction tracking along with the compliance that medical facilities seek.
The remainder of the chat transcript can be viewed through the Storify summary which can be found here. Our thanks to Scott and Bio-key for being our guest on this month’s chat and for all that participated in the discussion! The next #biometricchat will be held September the 13th – stay tuned to our blog for more information and details!