Unleashing the Potential of Mobile Biometric Security
The trend of mobile biometric authentication gained further momentum this past week with the introduction of Samsung’s Galaxy S5. The fingerprint swipe sensor located just above the home button on the S5 allows users to enroll up to three fingerprints and then unlock the phone, or even authorize PayPal payments, with just a swipe of an enrolled finger. Additional functionality can also be authorized with a finger swipe, such as providing access to “private” data stored on the phone. Unfortunately, it does not appear that the S5’s fingerprint reader is outfitted with liveness detection technology, and is therefore likely to be vulnerable to fake finger spoofing.
That said, Apple’s Touch ID, the Galaxy S5, the HTC One Max, and other mobile handsets incorporating fingerprint biometrics are all good indicators of the future potential of mobile biometric authentication. Indeed, mobile biometrics are expected to be pervasive among handsets in the coming years. As Goode Intelligence predicts, “By 2018, 3.4 billion people will have a mobile device with a biometric sensor.” But will mobile biometric security live up to its potential?
If all that comes of mobile biometrics is a more convenient means for unlocking one’s phone, then I would suggest that potential has not been met. Most visions for mobile biometric security include utilizing this convenience factor in all aspects of a mobile device’s utility in our daily lives. From mobile commerce to remotely accessing our employer’s network to updating our health care records, our mobile devices will be integrated into the majority of our daily activities.
So how do we get from just unlocking the phone to using convenient biometric authentication throughout the days and weeks of our busy lives, all while leaving PINs and passwords far behind? I would argue that device manufacturers (and their biometric sensor partners), need to build confidence among their user communities that mobile biometrics are not only convenient, but also secure. Liveness detection has the single purpose of instilling such confidence.
Until such confidence has been achieved, not only will users be hesitant to expand the utility of mobile biometrics, but nor will the companies providing that utility feel compelled to integrate biometric authentication into their applications and services. At NexID we are busy integrating our liveness detection technology with fingerprint sensors being targeted for the mobile device market. And as these deployments work their way through product design cycles and into the market, we expect such confidence to build, thereby facilitating the full potential of mobile biometric security.