The following guest post was submitted by Sense of Security, a leading independent provider of IT security and risk management solutions in Australia, with expertise in assessment and assurance, as well as strategy and architecture, through to deployment and ongoing management.
It’s generally agreed that electronic security systems that use existing forms of user identification relying on passwords are outdated. Passwords are far too vulnerable to hackers and also can be forgotten by users themselves.
To fill the gap, biometric sensors are being used more and more in information security systems. In biometric security solutions, microphones, cameras and sensors gather information in real time. They have already made entrances to cars, homes, garages, etc. far safer.
Biometric sensors can look at any number of unique human characteristics to verify identity. These include iris, finger vein, and voice recognition. Voice recognition in particular is seen as a hot area for development, since it is easy enough for people to say a few words and identification through this method could be potentially very quick and user friendly.
Iris identification is also is becoming more popular and is even used in some airports to verify the identity of passengers going through security.
Heartbeat recognition is another way biometric sensors can identify individuals.
DNA recognition in biometric security solutions is now possible. This can be slow however, as DNA data must be taken from hair, blood, finger nails, saliva, used straws, etc.
Using biometric sensors to verify identification is not new; the technology has been around since roughly 1994. Yet through recent advances biometric sensors are becoming faster and more accurate than ever before.
According to information security firm Sense of Security, hackers are figuring out ways of getting around using biometric sensors which examine just one criteria. In particular, hackers have found ways for beating fingerprint sensors and getting around IT security compliance.
In short, biometric IT security is much better than password based security but is still very much in development and far from perfect. As biometric sensors have applications beyond user identification in fields such as law enforcement, it is extremely important that this field continue to be developed.
Biometric sensors that look at new criteria are being developed. For example, every person has a uniquely shaped ear just as every person has a unique fingerprint. Sensors are being developed which scan the shape of ears, which seems like it would be a hard hurdle for hackers to get over. Also, the human nose is being looked at as another object for biometric sensors to scan.
New methods of verifying identification will likely develop, yet experts caution against relying on just one of them. Therefore, a hot idea now is using different types of biometric sensors in combinations, a concept known as “multi-modal biometrics.” For example, one concept is still using fingerprint identification but adding iris and heartbeat biometric sensors as well. Such combinations will make existing biometric IT security compliance systems – which are already very secure – even more so.
Sensors which provide authentication methods that are continuously updated are predicted to make biometric security solutions better. Mobile devices in particular are seen as having great potential for continuous identification solutions. For example, a fingerprint sensor in a cell phone could authenticate the identity of the user each time the phone is touched and lock out anyone other than the correct user immediately.