Mobile Biometrics Month 2016: Biometrics Versus Keyboards

A Transitional Experience

ImageWare SystemsMobility is a promise of convenience and efficiency. Take your digital life wherever you go, always be connected to the people, networks and applications that matter to you most. Now, thanks to popular mobile commerce technologies your phone is even more important and useful than your credit card stuffed wallet, and will become even more so with the advent of mobile identification credentials. But there is one aspect of the modern smartphone that is in an interim phase of evolution—the archaeopteryx of mobile technology— and that is the virtual keyboard we depend on to type in passwords, PINs, and usernames.

Conversationally, the QWERTY keyboard on your mobile touch screen is functional enough. Swipe controls and autocomplete technologies are far from perfect, but they at least offer the option to text and Tweet with one hand. When it comes to security though, particularly password based access control, few mobile pain points are as devastating as the virtual user interface for text input.

Keyboards, Passwords and Pain Points

DaonPasswords are annoying at best on their own. You need to use different codes across accounts, and they should follow specific guidelines for complexity, which are actually becoming mandatory across most platforms. Uppercase, lowercase, a number, a symbol and no words you can find in a dictionary, when dealing with this security paradigm from a desktop computer the difficulty comes in the management of the passcodes—remembering them, changing them regularly—but on the mobile device the biggest barrier is actually inputting them.

All of the innovations in the area of text communications are useless in this scenario. If your phone’s predictive text algorithm can help you enter a password with one thumb you’re in trouble, and I don’t know about you, but I wouldn’t know how to begin to speak my logins to a speech-to-text AI assistant. Instead, what you are left with is a series of different virtual keyboards—lowercase, uppercase, and two symbols boards—each accessed by alt and shift keys, that you need to operate using only your thumbs. As a fun experiment, next time you’re logging into an account on a laptop or desktop, try typing in your password with just your thumbs. It’s tough, but it’s still easier than using a smartphone to input a complex string of characters.

What’s more, this barrier to access stands to be a major point of abandonment for users. At Mobile World Congress in Barcelona, Peter O’Neill, president of FindBiometrics, spoke with VMWare’s VP EUC Product Marketing, Blake Brannon, about mobile adoption in the enterprise. According to Brannon, the stakes are very high when it comes to user friction on mobile login. You only have about 20 seconds to keep a user’s attention before they abandon a sign in request.

“That’s why adoption of mobility in the enterprise doesn’t happen,” Brannon said. In the enterprise the whole thing is exacerbated by the fact that many businesses don’t configure their mobile device management properly forcing users to choose between calling the help desk or just going to their PC. Convenience, in other words, is integral to the mobile experience. Too much friction has users going back to their desks.

The Evolution Of The Mobile Biometric Experience

Biometrics Versus KeyboardsBy now you will have likely guessed the solution to this problem. In mobility, especially when it comes to consumers, the big appeal of biometrics is convenience. On every flagship smartphone available from the world’s biggest OEMs there is now a fingerprint sensor to replace lock screen security as well as the password on a growing number of apps. Windows phones now offer iris scanning for the same purposes, and apps are also being updated to support built-in face and voice recognition for authentication. In these last examples, you don’t even need to touch the phone, let alone navigate the labyrinth of virtual letters, numbers and symbols.

Biometrics work so well in this scenario because they are an intuitive technology that hasn’t been carried over from decades old tech. Looking at a screen is all it takes when using a contactless modality, and fingerprint sensors need a single touch in the same place every time (as opposed to eight to sixteen unique touches). And the level of convenience is superior even to the simplest lock screen protection. Biometrics feel natural on mobile in the same way QWERTY keyboards came to feel natural on larger computers.

Before I upgraded to a Galaxy S6, I used a pattern lock on my phone which was about as simple as mobile security gets. I would take a finger and trace a pattern on the screen. Login would take about a second, but there were snags. I’m right handed and I use my thumb as a primary interface on my phone. If I used my right thumb, everything would be automatic and smooth. But if I was holding my phone in my left hand, or if my phone was laying flat, say, on my bedside table, the experience would result in a series of incorrect entries, occasionally punctuated by a timeout screen. With the ability to enroll multiple fingers on both of my hands, it doesn’t matter how I’m holding my phone, I can always gain access. And the same goes for the contactless modalities: my face or eye can be scanned regardless of my dominant hand.

As multimodal biometrics become more pervasive on smartphones and apps that run on them, we are seeing the smartphone evolve out of its awkward transition phase from computer-in-your-pocket and into its own mature device. Biometrics are often touted and scrutinized based primarily on their efficacy as a security solution, while their convenience serves as a good selling point. But the low-friction user experience is nothing to downplay, biometrics could very well be the missing piece that brings us into a new era of mobile only digital living.


Stay posted to FindBiometrics throughout March as we continue to examine mobile biometrics in our featured articles section. Be sure to follow us on Twitter so you don’t miss a beat.

Mobile Biometrics Month 2016 is made possible by our sponsors: Nok Nok Labs, Daon and ImageWare Systems, Inc.

March 9, 2016 – by Peter B. Counter