43% of people who found a smartphone attempted to launch the banking app, and 57% tried to access a “Saved Passwords” file. – The Symantec Smartphone Honey Stick Project
Even those who are not familiar with Law Enforcement practices should, by now, have at least a basic understanding of biometrics from the popularity of television crime dramas, such as CSI.
From fingerprints, to facial scanning, to voice, biometrics are the unique parts of the body that identifies each person. These have been leveraged by law enforcement for years, but recently we are seeing them catch on in the private sector through smartphones, smartwatches, and other upcoming smart devices. These smart platforms are starting to use your biometrics in conjunction with, or to replace, archaic methods of personal identification, such as PINs and passwords. This is great news for anyone looking for quick and easy access to a personalized device.
The problem is, while iPhone and Samsung are moving into the realm of the ultimately more secure and convenient realm of biometric authentication, they are still only using single mode biometrics. For anyone that has watched CSI, or a YouTube video on the subject, you are already aware that someone, with a little time on their hands, can fake your fingerprint or wave a photo of you in front of an unsophisticated facial recognition program, which will give them access to your device! This has been the inherent argument posed by just about everyone who resists the idea of switching to biometric-based security, and they are right. No single method of access is ever going to be completely secure.
This is where multi-modal biometrics comes in. Multi-modal biometrics are, in brief, the use of multiple characteristics, used in conjunction, to identify an individual. There are many characteristics that different technologies can use to identify you, such as fingerprints, iris, voice, facial recognition, facial structure, handwriting, retina, gait, scent, gesture and ear height, and more are being discovered each year. All of these, on their own, can be faked by a determined person. It’s when they are used in conjunction, that they identify you in a secure way. The trick is how to leverage, or create, a platform that can pull enough identifying characteristics to determine it is you, without bogging down the platform, or user, with too many verification steps.
The good news is that even the most unsophisticated, new smartphone already has two methods available to identify the user’s biometrics: voice and facial recognition. Also, the new iPhone and Samsung smartphones have added a fingerprint scanner. Any of these can, and should, be leveraged to add multiple layers of biometric security to sensitive applications such as banking and healthcare. If a bank or healthcare app is secured by voice and facial recognition, on a platform that requires a fingerprint to get in, that is 3 multi-modal biometric steps that a thief must get past in order to steal the user’s money or sensitive health information. Even the most creative and patient of thieves are unlikely to get past that level of security.
At ImageWare® Systems, Inc., we have the ability to turn any smart platform into a multi-modal biometric security device, with our plug-n-play, pay-as-you-go GoCloudID™ product.