Biometrics, the CIO’s challenge and how AI could finally improve mobile security
This publication once asked the question: is 2013 going to be the year of biometric security? While clearly something of an optimistic prediction, the past few years have been spent periodically lamenting the death throes of the traditional password, with seemingly minimal change.
But could we – finally – get the change the industry so desperately needs? Kevin Gilroy, executive vice president and head of Samsung Business, writes that biometric scanning technology is a ‘game-changer’ for mobile security. “As biometric scanning continues to evolve, it will offer more benefits to businesses, including enhanced security, increased customer satisfaction and most importantly, bottom-line growth,” he explains.
How so? Gilroy cites a study from Gigya last year which revealed that only 16% of consumers use a unique password for each online account. Writing for this publication around the time of the survey, Gigya CEO Patrick Salyer argued the ‘opportunity exists for businesses to finally put the password out of its misery’.
“While the traditional password is dying a slow death, the advent of biometrics and other advanced authentication technologies is quickly taking over,” wrote Salyer. “Savvy brands understand that advanced authentication affords stronger security, but not at the expense of the customer experience.”
Gilroy notes the key concern of CIOs, CTOs and mobile technology executives over meeting corporate security requirements while satisfying users. “One CIO told me that the top user complaints directed toward his department are around the annoyance of password resets and the multiple levels of authentication required to access corporate systems,” he wrote. “Implemented appropriately, biometrics could solve both sides of this problem.”
Great. But there’s a problem. Fingerprints can be reproduced using moulds, or 3D prints; it’s one of the reasons the industry has been reticent until now. As for facial recognition, hold your horses for the time being. According to 9 to 5 Google, the recognition system in the new Samsung Galaxy S8 can be gamed by using a photo, with a source saying the technology is ‘only intended for fun…[and] should not be considered as a foolproof security measure.”
Iris scanning, Gilroy argues, could be the answer, particularly if the technology is built on a trusted security platform such as FIDO, or protocols with PKI (public key infrastructure) cryptography. With that, the rise of voice recognition and artificial intelligence could be a real boon. “Mobile device users are moving toward voice-activated, touch-free interactions with their devices,” says Gilroy. “As a result, they will want login authentication experiences that mirror how they most commonly interact with their mobile tools.”
You can read the full piece here.
- » In-house or third party? Enterprises shifting IT strategy with mobile at the heart of change
- » VMware teams up with Oracle for app management on its managed cloud services
- » Why mobile app development is a community with room for everybody
- » Signal Sciences raises $15m in series B round and launches ‘new category’ of web app security
- » How WannaCry demonstrates the dangers of homogeneous, unpatched networks