Today we’re looking at biometric authentication ,the latest and perhaps most innovative development in identity and access management. How does it work? And should your enterprise consider deploying it? Traditional biometric authentication uses the distinct biological or physiological characteristics of users to verify their requests. A biometric authentication solution stores the biometric data in a secure database and then compares inputted biometric factors to confirm the login.
The benefits of this approach over text-based passwords become apparent almost immediately. There’s no way for anyone to “forget” their biometric factors, like you might with passwords, as you’re usually attached to them. Biometrics can’t be guessed or cracked in the same way as passwords, and as long as they remain securely stored, can’t be stolen either. Also, biometrics can facilitate work flows by allowing for more instantaneous logins and by freeing up your IT security team from having to do continual password retrievals.
Previously, biometric authentication was the stuff of science fiction, depicted in film and television as advanced, expensive and rather bulky technology to convey over-the-top security to the audience. However, recent innovations in biometric sallow enterprises and users to embrace this new development in identity management. And if you’re among the 29% of Solutions Review viewers who are watching this video on a mobile device, there’s a good chance you used biometrics to unlock it; as an estimated 429 million smartphones offer biometric authentication today.
Actually, your enterprise can also use the proliferation of mobile devices to your advantage. Enterprises with biometric authentication solutions can often sync with employees’ own mobile devices, allowing them to undergo authentication through them. This can become a huge bonus to work flows and to remote employees, as it increases security and reduces time at the login portal. Typically, people think of biometrics as using purely physical factors, such as fingerprinting, retina scans, facial recognition, and voice recognition. While these all play a role, biometric authentication also incorporates new dimensions such as behavioral biometrics.
This performs continuous authentication by ensuring users (who passed the initial login portal) type, act, and otherwise conduct themselves according to baseline behaviors. Users who don’t can be barred from further acting until their identity can be otherwise verified. Biometrics are often used as a major component of modern multifactor authentication. In turn, biometric authentication benefits from the other layers of security found in MFA; including geofencing, time of requestmonitoring, and hard tokens.
The more security layers that stand between users and access, the more difficulty hackers face trying to breach your network. While biometric authentication provides a stronger single-factor authentication method than passwords, relying on any one security layer alone can put your enterprise in jeopardy. Biometric authentication should be a key consideration for any enterprise’s cybersecurity, but it should only serve as one part of your overall identity management platform.
That’s all for now. For more information about Biometric Authentication ,cybersecurity news, or our comprehensive Buyer’s Guides, visit Solutions Review.com. Links are in the description below. And be sure to join us next time when we explore the top multifactor authentication capabilities. For Solutions Review, I’m Jonathan Paula. Thanks for watching.
An Introduction To Media Biometrics
From the combat zone to the corporate office, from the airport to the ATM – knowing who’s really who is a big security concern. Traditionally, a person might enter a password or pull out a driver’s license or passport as proof of identity. But increasingly, identification and authentication can also require an eye scan or a well-placed hand. Go ahead and turn. It’s a science known as biometrics, recognizing individuals based on their physical or behavioral characteristics.
The structure of the face, the geometrics of the hand, the ridges of a fingerprint, the patterns in an iris – every person carries multiple human traits that are a unique form of personal identification. The primary advantage of a biometric trait is that it belongs to that individual. Youre implicitly connected to it, unlike passwords or tokens or passports, which are external to an individual. Arun Ross is a Computer Science and Electrical Engineering professor at West Virginia University, one of three institutions where the National Science Foundation is helping to fund a coalition of biometrics research sites.
The Center for Identification Technology Research, or CITeR, as the coalition is known, is an example of the important role that public and private funding can play in the innovation process. The National Science Foundation does offer seed funding. But that is augmented with the funding from these corporations and government agencies. CITeR affiliates funded Ross’s 2005 research with Dr. Reza Derakhshani, who was at the University of Missouri in Kansas City.
Iris recognition systems process the full iris, so when the eye’s gaze is off-center, only a portion of the iris is seen, and recognition is hindered. Ross and Derakhshani proposed the idea that the sclera, the white part of the eye, might be an additional biometric trait that could be used for identification. We asked ourselves what type of information can we extract from the sclera in order to perhaps improve the performance of classical iris-based systems. First, Ross and Derakhshani collected digital images of eyes from dozens of subjects. Then they separated the sclera from the pupil and the iris to search for unique features.
We began to see the features that were on the surface of the sclera, but also the conjunctival vasculature, the vein pattern that is evident through the sclera. So we started developing algorithms that can be used to extract features. Computer algorithms are step-by-step instructions that tell the computer what to do. With fingerprint recognition, they are used to extract features called minutia points, the unique points in the fingerprint ridge where it ends or splits in two. With iris recognition, they convert the unique iris patterns into a binary code, made up of zeros and ones, like a barcode of the eye.
So when we say algorithms, really, were talking about image processing algorithms, algorithms that the computer program can use in order to extract features that can subsequently be used for matching purposes. With sclera recognition, the algorithms extract features from the sclera surface and vein patterns. As they hoped, the sclera proved to be useful in identification. Blood vessels, like fingerprints, remain stable throughout life. The computer program was able to compare and match this information. We began to notice that the similarity between two images of the same person was much more than between two different individuals.
With the university’s help, Ross and Derakhshani filed for a patent, which was granted by the United States Patent and Trademark Office in 2008. Simona Crihalmeanu, a research associate on Ross’s team, based her own research on the patent, developing different ways to extract and match features found in the sclera. I think she has really contributed in taking this research to the next level by developing new algorithms for feature extraction and matching, as well as the possibility of combining the iris with this sclera.
The research also caught the attention of a commercial venture, Eye Verify, which has licensed the patent for mobile applications. We have to keep moving forward, looking at new ways to solve old problems. Because, what was unsolvable a few decades ago might be solvable now. Solving old problems takes innovative thinking, and because of dedicated funding, researchers like Arun Ross have been able to work on new solutions – with an eye toward the future.