In my last blog post, What is IoT?, I briefly mentioned an up and coming method of identity verification that could replace the password: biometric authentication. The book definition of biometric authentication is “the automatic identification of living individuals by using their physiological and behavioral characteristics”. Typically, biometric authentication is more of a catch-all term rather than an individual method of authentication. Methods of authentication that fall under biometric authentication include fingerprints, retina scanning, and voice recognition. What exactly does biometric authentication entail, and what are some of the pros and cons to adopting this new method of authentication? These are the questions I hope to address in my attempt at demystifying biometric authentication.
The Pros of Biometric Authentication
So let’s hop right into it. What are the pros of biometric authentication? The biggest plus side that biometric authentication has to offer is that it takes things that are unique to us, like our retina blood vessel pattern or our fingerprint, and uses that to secure our information. While any traditional password can be cracked with enough time and computing power, things like a fingerprint are significantly more difficult to replicate.
Hollywood may insist that duping a fingerprint scanner is a simple thing – but the commercial reality is much more complicated. Sure, facial recognition has its faults, and the fingerprint scanner on the iPhone has its flaws, but we’ve made huge strides towards perfecting this level of biometric authentication for consumption by the masses.
In terms of securing things, it doesn’t get any better than that.
Here’s another big big benefit of biometric authentication: you may be the type of person who likes to set complex passwords to protect your information – which is a very smart thing to do – but maybe you didn’t write down those passwords somewhere, or maybe you’re just a little forgetful in general. While forgetting your password is an easy mistake to make, the chances of you forgetting your fingerprints somewhere is, well, nil.
Not only is it nice for the user to not have to remember a bunch of passwords or store them somewhere, it’s nice for the guys at the helpdesk who now don’t have to answer a ton of password reset requests.
To drive the point home even further in the pros department, biometric authentication is finally approaching a level of convenience that we’ve all been waiting for since Ethan Hunt hit our screens doing the impossible.
Employees will like the ease of use and the level of protection that biometric authentication places on their files, companies will like the residual benefits of that appreciation. Not to mention that staff will no longer be wasting time on entering, forgetting and needing to reset passwords and thereby saving time which can then be spent on important projects.
Cons of Biometric Authentication
At this point you’re probably thinking “Wow! With all these advantages that biometrics hold over the traditional authentication methods, why is this not more mainstream?”. Unfortunately, dear reader, at this point I have to highlight some of the cons that exist with biometric authentication in its’ current form.
Firstly, let’s get the uncomfortable topic out of the way: injuries. Since biometrics rely entirely on identifying a unique, precise part of our body, even a slight imperfection can spell out trouble. If we go blind, the information protected by our retina scan is now inaccessible. If you burn your finger on the stove, regardless of whether it’s a temporary or permanent, that can cause issues with the new print being accepted (or being a match for the existing print). So not only do we get hit with being injured, we also have to worry about whether or not we can access our information stored behind our old fingerprint.
Another issue with biometric authentication is implementation. While biometrics are becoming more common as time goes on, I’m not sure whether it would yet be considered ‘mainstream’. Implementing biometrics can be both costly and time consuming, requiring the equipment to be purchased, the software to be installed, and setting up time to have employees get fingerprinted or have their retina scanned. This could be met with resistance from the company itself – which might not be willing to spend the money on the purchase and implementation of biometric authentication – and/or by employees who may understandably be uncomfortable with the idea of giving out/relying on their fingerprint or retina scan.
Biometric authentication is certainly an interesting and exciting method of identity management that is becoming more mainstream and advanced, but there are still things to speculate about. When(if ever) is it going to become a main method of authentication? How can we solve some of the issues that currently plague the rapid adoption of biometric authentication? Would you be interested in using it personally? Feel free to share your opinions on the matter in the comments below.