Passwords are often repeated, forgotten and all too hackable. There are only so many permutations of your birthday or initials, after all.
But what if you no longer had to remember complicated passwords? Enter biometrics. These use traits on the body, such as fingerprints or facial features, to identify somebody, and have great potential for boosting cybersecurity, believes security firm CyberArk.
We delve into how biometric authentications make accounts more secure, and why they could transform cybersecurity in the future.
Increasingly, firms are turning to multi-factor authentications to secure user accounts and information. Individuals have to verify their identity twice when logging into an account, for instance by entering an SMS code on top of providing the correct password.
This gives an additional layer of defense. Cybercriminals would have to get their hands on your mobile phone and messages, not just guess your password. According to Microsoft, multi-factor authentications make systems 99.9 percent less vulnerable to cyber attacks.
Yet, even double-layer defenses are not fool-proof. Typical multi-factor authentication methods include SMS codes and answering security questions. This is problematic, as it’s still possible for hackers to steal a handphone, or learn the answers to seemingly personal questions.
The same can’t be said for biometrics, however. Biometric authentications rely on unique identifiers, such as fingerprints, voice patterns and behavioural traits, to verify someone’s identity. These are difficult to steal, and much harder to replicate.
How biometrics are used in security
Biometric authentications are already being used in situations that require tight security, such as at immigration and banks.
Singapore plans to introduce iris and facial scanners at its checkpoints to improve efficiency and security. Immigration already uses fingerprints for identity verification, but age, scarring or genetically dryer fingers may reduce the effectiveness of this method. Just like fingerprints, iris patterns are unique, but are not likely to change with ageing or scarring, Tan Sor Hoon, Chief Information Officer of the Immigration and Checkpoints Authority said.
Citibank uses voice recognition to verify callers’ identities as they explain their reason for calling. Contact centres can verify customers within 15 seconds of them picking up the phone, which shaves off around two-thirds of the time spent confirming their identity manually. The bank was the first financial services firm to use voice biometrics authentication in Asia Pacific, including in Singapore, Hong Kong and India.
Biometrics in cybersecurity
Biometrics can also make a difference in cybersecurity. Before the pandemic, it was useful for authenticating third-party vendors, who often used separate networks. Now, companies need to verify their own employees as well, since many of them could be working remotely.
CyberArk Alero combines biometric verifications with its flagship privileged access management system to help companies easily manage the access that remote users have to critical information. Companies can give employees and vendors access to the data they need to do their jobs, nothing more or less, and only when they need it.
This solution makes use of the biometric capabilities already available on smartphones. Users only need to download the Alero app to log in to a company’s networks. This method doesn’t require VPNs, passwords, or permission from IT administrators, making access management a lot more efficient.
Forgot your password? No problem. The future of online security could lie just at your fingertips.