In today’s digital world, passwords are simply not secure enough. According to Verizon’s 2022 Data Breach Investigations Report, stolen password credentials were involved in 61% of all company data breaches last year. In fact, with bots capable of attempting over 100 billion password combinations per second, the average eight-character password can be cracked in as little as 12 minutes.
Researchers from Stanford University and Tessian, Psychology of Human Error 2022, found that approximately 88% of all data breaches are caused by an employee mistake. As a result, it is evident that traditional authentication methods must be replaced with the latest biometric technology, such as specialised hardware sensors in mobile phones, fingerprint detectors, unique facial recognition cameras (3D), or iris recognition.
Biometric technology has become increasingly popular in recent years, especially with the advent of two-factor authentication for online banking. The global biometric market's revenue reached US$43bn in 2022 and is projected to hit US$83bn by 2027.
Biometrics provide increased levels of assurance to providers that a person is real by verifying a tangible, real-world trait as both something the user has and something the user is. “The use of passwords for user validation is heavily reliant on limited human memory capacity,” says Amanda Widdowson, Head of Human Factors Capability at Thales UK.
“A typical user will require many passwords for personal and professional applications and websites. There is a risk that people will use the same, easy-to-remember password for several applications, so if one is compromised, the rest are too. Biometric technologies may be a better solution because they eliminate reliance on human memory. Fingerprint and facial recognition systems are common on smartphones, but could be better utilised in commercial computer equipment and applications.”
According to Mitek: “Most user’s passwords, PINs, and personal identifying information have likely been compromised with a data breach, meaning billions of accounts can be accessed by fraudsters who retain the answers to traditional authentication methods.”
The role of AI in biometric authentication
As Adam Desmond, Sales Director EMEA at OCR Labs, told Cyber Magazine last year, identity verification software technologies are using AI to enable consumers to safely and securely transact online using their mobile devices.
“Face biometrics can determine a match between our selfie and a document,” he comments. “But what it can’t do is distinguish between a live person and someone trying to trick a biometric system into thinking it sees a live person.
“This is where AI-powered liveness detection comes into play, which ensures the integrity of a biometric match by distinguishing both ID and liveness via AI. The technology uses facial recognition to determine if a biometric sample is being captured from a living subject who is present at the point of capture; in other words, a real, live person behind the screen. The AI can simultaneously complete the equivalent of hundreds of forensic check permutations in a matter of seconds.”
Already a familiar sight in technology from smartphones to laptops, biometric capabilities are increasingly embedded in everyday life. As Ricardo Amper, CEO of digital identity company Incode, explains, the goal is to reinvent the way people authenticate and verify their identity online.
“Our product research and development is geared towards accelerating its adoption across a wide variety of industries,” he explains. “With one identity everywhere, Incode will be fulfilling its mission of creating trust by reinventing the way people authenticate and verify their identity online.
“We have engineered a complete set of features including world-class facial recognition technology that is able to recognise when someone is sending a fake photo, video or wearing a mask,” Amper adds. “It can clean up a blurry ID document so it can be read and assessed. Ultimately, our mission is to create one identity everywhere, speeding up authentication in a secure and compliant way, whilst giving businesses the tools they need to provide a convenient, swift, and seamless way of processing payments and other data transactions.”
Biometrics critical to building trust
With online fraud on the rise, advanced technologies are critical for businesses to build trust with customers and mitigate risks, comments Desmond. “Biometric authentication is leading the charge in the growing fight against identity fraud. Banks are already using AI-powered facial biometrics in conjunction with liveness detection to verify faces and documents, as well as ensuring fraudsters aren’t bypassing screening processes with photos of a printed image, for example.
“But voice technology offers the next level up in powerful and convenient biometrics, with a critical role to play in improving anti-fraud defences. In fact, when combined with face biometrics, voice is one hundred times more powerful than face alone. In our experience, the combination of both voice and face biometrics makes the verification process almost impenetrable by fraudsters, offering multiple layers of protection – liveness and recognition of both face and voice.”
With constant advancements being made in the technology industry, specifically in the biometrics industry, the possibilities of how biometrics will affect our lives seem endless, Amper comments. “To an extent, it is dependent on how much we want biometrics to impact our lives as biometrics can be used in all areas of life when it comes to authentication and identification.
“But trust is crucial for its success; the impact that biometrics can have can be substantially limited if there is a lack of trust in how the technology is used,” he concludes. “Users need to be sure that their data is being used for the purpose it was given and nothing else. This trust is hard to come by, but if gained, then there will be no limit to the impact biometrics can have on our lives.”