By: Daon, the NAFCU Services preferred partner for Biometric Authentication
Passwords simply don’t work. Every day brings fresh reports of stolen passwords and hacked accounts. Fortunately, the proliferation of mobile devices has provided an antidote to failing password security — mobile authentication.
Standard Authentication Limitations
Mobile authentication is moving to the mainstream. Consumers have become familiar with using their mobile devices to retrieve a text message consisting of a string of characters that must be retyped into a form on a website.
However, if you are trying to conduct a banking transaction on your phone, then a text message sent to that same phone is awkward to execute and provides limited protection. Furthermore, it doesn’t really prove your identity — it could just as easily be someone who found your phone at a restaurant trying to access your banking information.
Enter biometrics, which authenticate you based on your unique physical characteristics — what makes you who you are — rather than simply assuming you own the device that you are carrying. Biometrics provide both high security and unparalleled convenience.
Instead of typing a string of characters, you simply read a displayed sentence out loud, look into the camera and blink, or swipe your finger across an embedded sensor.
There are six different types of biometrics that financial institutions can implement:
- Facial Recognition: involves looking into the device’s camera while the authentication software takes a photograph of you
- Voice Recognition: involves speaking into the device’s microphone
- Fingerprint Recognition: users either press their finger to the reader or swipe their finger across its surface
- Palm Line Recognition: involves taking a photo of the palm of your hand so that its major, easily visible lines can be captured and analyzed
- Iris Recognition: involves looking into the device’s camera, usually the front-facing one that allows you to see the image being captured
- Vein Recognition: involves taking a picture of a part of your body with a special camera that can capture the pattern of veins under the skin
For a complete comparison between these biometics’ strengths and weaknesses, download the full white paper.
How does it work?
Biometric Authentication is done by having a person submit samples of their biometric characteristics when they enroll in a service that supports biometric authentication. Later, when they want to authenticate, they submit another sample for comparison. Such comparisons result in a calculated score representing the likelihood of the two samples belonging to the same person.
For Example: If you take a photo of yourself and this is compared with an earlier picture, you should get a very high score. In contrast, the stranger sitting next to you on the subway would get a low score if you tried to pass his picture off as your own.
Taking it a step further: Multi-Modal Biometrics
Multi-modal means collecting more than one biometric to authenticate someone. There are many advantages to a multi-modal system, most significantly an increase in both security and user convenience.
But which biometric is the best? Download the whitepaper, “Face, Fingerprint, Iris, Palm, Vein, Voice: Which biometric is the fairest of them all?” Take a look at each of these options to determine which is the best biometric for your mobile authentication.
Daon is the NAFCU Services preferred partner for Biometric Authentication. Learn more at http://www.nafcu.org/daon/