• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Our Services
  • Contact Us
  • Newsletter
  • Top Nav Social Icons

FindBiometrics

FindBiometrics

Global Identity Management

  • Biometrics
    • What are Biometrics?
    • FAQ
    • Biometric Associations
    • Companies
    • Premier Partners
  • News
    • Featured Articles
    • Interviews
    • Thought Leadership
    • Podcasts
    • Webinars
    • Year in Review
  • Applications
    • Biometric Security
    • Border Control and Airport Biometrics
    • Consumer and Residential Biometrics
    • Financial Biometrics
    • Fingerprint & Biometric Locks
    • Healthcare Biometrics
    • Justice and Law Enforcement Biometrics
    • Logical Access Control Biometrics
    • Mobile Biometrics
    • Other Biometric Applications
    • Physical Access Control Biometrics
    • Biometric Time and Attendance
  • Solutions
    • Behavioral Biometrics
    • Biometric Sensors and Detectors
    • Facial Recognition
    • Biometric Fingerprint Readers
    • Hand Readers & Finger Scanners
    • Iris Recognition
    • Biometric Middleware and Software
    • Multimodal Biometrics
    • Physiological Biometrics
    • Smart Cards
    • Vein Recognition
    • Voice and Speech Recognition
  • Stocks
  • Events
  • Companies
  • Podcasts

Future-Proof MFA with Biometrics

November 16, 2022

Biometric systems offer a convenient and secure way to guarantee that a person can’t forget, lose, or hand off their authentication method.

KIM BIDDINGS is vice president of product at BIO-key, a provider of biometric-centric,
multi-factor identity and access management (IAM) solutions
.

By Kim Biddings

Multifactor authentication (MFA) is the clear choice for safeguarding organizations against hackers who are looking to cause chaos. By some estimates, a well-implemented MFA strategy can prevent 90% of cyberattacks, making it an obvious move for IT professionals. In spite of the benefits, only 43% of organizations have already implemented MFA. To determine the MFA method that is the best fit, organizations need to analyze the needs of their employees, customers, and suppliers. This means taking into consideration how and when people can access networks, systems, and data, and how critical those are to secure.

Pain Points from Traditional Approaches

Security protocols are only effective when people use them. One of the main faults of passwords is that people experience password fatigue, causing them to use the same password over and over so they’re easier to remember. Even if they do use unique passwords, and their company has implemented phishing training, hackers are becoming more sophisticated in their methods, giving employees the impression that they will be hacked whether or not they follow best practices.

A good second layer for authentication needs to be both convenient and instill confidence in users to guarantee it is adopted and used effectively by all parties.

Perhaps it is for these reasons that hardware tokens have seen slow adoption rates, with only 4% of the financial sector and 19% of government agencies with MFA choosing to use them as a second authentication factor. Hardware tokens are physical devices, like a USB stick, that need to be present to access a system. While they offer greater security than passwords and some phone-based methods, their convenience is questionable. Since people can lose or misplace them, it places the burden on users to hold onto them. They also have an obvious security fault—they can be handed off from one person to another with ease, which doesn’t build confidence in the security of the system as a whole.

While convenience may be king for users, organizations need to look at the most secure methods for authenticating people and dictating who can and cannot gain access to critical information. As MFA proliferates, so too do the methods hackers are using to try to get around the most common security measures. Most of us are familiar with one-time passwords (OTPs) where a passcode/PIN is sent to your registered device, like a smartphone. However, bots and other types of hacks have proven extremely successful against OTPs. As early as 2016 NIST began warning against the use of OTPs. Despite these warnings, OTPs are still a prevalent second layer authentication method for companies and users alike.

Your Strategy Must Include “Something You Are”

As previously discussed, hardware tokens can be lost, passwords phished, and OTPs intercepted. Organizations need to move away from things that we have and things that we know in order to achieve the level of security they hope to achieve by implementing MFA in the first place. Centralized biometrics, like Identity-Bound Biometrics (IBB), address this issue at the source. By enrolling their biometric centrally with the organization, users can gain access without being tied to an individual device or token, and the organization can verify the authorized person on the other side of the screen. For example, when a person’s fingerprint is scanned, that data is matched to a template on file with the organization, guaranteeing the person is exactly who they say they are.

Biometric systems, like IBB, offer a way to guarantee that a person can’t forget, lose, or hand off their authentication method and enable someone who is unauthorized to gain access. Using something that is unique and constant to an individual, like a fingerprint, face scan, or palm scan, is both convenient for the user and builds confidence between them and the organization by demonstrating the highest level of security.

Future-Proof Authentication

As more companies adopt MFA, they need to consider what type of second-layer authentication can provide the flexibility and security necessary to secure their network, systems, and data for years to come. While methods like OTPs have already demonstrated their vulnerabilities, and hardware tokens set up organizations for future headaches, centralized biometrics lay a foundation of lasting security. By moving away from authenticating devices and toward authenticating people, methods like IBB build trust between the person and the organization and allow for convenient, secure access from anywhere.

KIM BIDDINGS is vice president of product at BIO-key, a provider of biometric-centric,
multi-factor identity and access management (IAM) solutions
.

Related News

  • BIO-key Forms PortalGuard Distribution Agreement With Darksteel TechnologiesBIO-key Forms PortalGuard Distribution Agreement With Darksteel Technologies
  • BIO-key Provides PortalGuard Security for Marine Repair SpecialistBIO-key Provides PortalGuard Security for Marine Repair Specialist
  • PortalGuard Nets BIO-key a Gold Govie AwardPortalGuard Nets BIO-key a Gold Govie Award
  • BIO-key Provides PortalGuard for Texas MunicipalityBIO-key Provides PortalGuard for Texas Municipality
  • Rio Arriba County Deploys PortalGuard and BIO-key Fingerprint ReadersRio Arriba County Deploys PortalGuard and BIO-key Fingerprint Readers
  • Eyeing EMEA, BIO-key Makes Its Next Big AcquisitionEyeing EMEA, BIO-key Makes Its Next Big Acquisition

Filed Under: Thought Leadership Tagged With: BIO-key, Biometric, biometrics, Fingerprint, fingerprint recognition, guest post, identity and access management, multi-factor authentication

Primary Sidebar

Identity is Shaping Air Travel – Time to Invest

Sponsored Links

facetec logo

FaceTec’s patented, industry-leading 3D Face Authentication software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ make trusted, remote identity verification finally possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for Liveness and 3D Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

TECH5 logo

TECH5 is an international technology company founded by experts from the biometrics industry, which focuses on developing disruptive biometric and digital ID solutions through the application of AI and Machine Learning technologies.

TECH5 target markets include both Government and Private sectors with products powering Civil ID, Digital ID, as well as authentication solutions that deliver identity assurance for various use cases. 

Learn more: www.tech5.ai

Mobile ID World Logo

Mobile ID World is here to bring you the latest in mobile authentication solutions and application providers. Our company is dedicated to providing users with the best content and cutting edge information on technology, news, and mobile solutions for your mobile identity management needs.

Recent Posts

  • An ‘Exciting Time’ for IDEMIA: Identity News Digest
  • Facephi’s Rocketship Award Delivers New Opportunities
  • Chips, Guacamole, and Device-Agnostic Identity – Hummingbirds AI CEO Nima Schei at ISC West 2023
  • NECAM Gets a New CEO: Identity News Digest
  • Onfido Delivers 15-second Identity Verification for UK’s Co-operative Bank

Biometric Associations

IBIA and fido

Tweets

Footer

  • About Us
  • Company Directory
  • Advertise With Us
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • Archives
  • CCPA: Do not sell my personal info.

Follow Us

Copyright © 2023 FindBiometrics