INTERVIEW: BIO-key CEO and Chairman Mike DePasquale Discusses the FBI’s Important Security Notice

INTERVIEW: BIO-key CEO and Chairman Mike DePasquale Discusses the FBI's Important Security Notice

BIO-key has long been one of the most prominent providers of biometric authentication solutions for the enterprise. Specializing in compact fingerprint reader solutions that can be plugged into any computer or other device with a USB port, and offering sophisticated identity software to support large-scale deployments, BIO-key operates across a wide range of industries and sectors, from finance to manufacturing to defense. It has also seen a rising profile in the government sector in recent months, with multiple county election boards opting to secure the electoral process with BIO-key’s biometric authentication solutions, and workers in the federal government’s legislative branch now accessing IT assets with BIO-key fingerprint scanners.

In addition to being a prominent supplier of biometric authentication solutions, BIO-key is also an outspoken advocate for the security industry, having recently sought to publicize a Private Industry Notice from the FBI urging organizations to integrate biometrics into their authentication systems. So, naturally, that was the place to start in a new interview between FindBiometrics President Peter O’Neill and BIO-key CEO Mike DePasquale. After delving into the details and importance of the FBI’s announcement, the two went on to discuss BIO-key’s main target verticals, with a focus on the rising government and healthcare sectors, and concluded with a glimpse at what BIO-key has in store in the very near future.

Read the full interview with Mike DePasquale, CEO, BIO-key:

Peter O’Neill, President, FindBiometrics: I’d like to start off our discussion today with very recent news from the FBI Cyber Task Force, their report advises businesses to incorporate biometric factors to mitigate multifactor authentication risk. Big news coming from the FBI, please tell our readers what this news means and especially for the business community.

Mike DePasquale, Chairman & CEO, BIO-key: The FBI report should serve as a wake-up call for every IT leader and decision maker.  First, we must consider the source, the FBI is an authority on cyber crime and cyber threats.  One of the reasons that might have motivated them to conduct the research and issue the report is likely due to the complacency that has become commonplace as data breaches and cyber crimes are happening daily.  Fortune 500 companies are creating Bitcoin accounts in anticipation of a breach and demand for ransomware. That’s how powerful the cyber thieves have become. The announcement is the FBI drawing a line in the sand on traditional multifactor authentication solutions and stating that they are too vulnerable to be considered secure. Fortunately, the FBI is not just pointing fingers, rather it’s offering a solution. And frankly: they are making a very bold, very positive statement about biometrics. The same message we at BIO-key have been championing for over 25+ years. Biometrics “need” to be part of your strong MFA solution that is what the FBI is professing in this new Private Industry Notice.

Peter O’Neill, President, FindBiometrics: It is kind of rare for the FBI to come out and have a message like this, so obviously this has reached a critical stage or critical time for the industry. Why is it so important today versus in the past? 

Mike DePasquale, Chairman & CEO, BIO-key: What we’re witnessing today are a variety of schemes and attacks that are being used by cyber criminals to defeat traditional multifactor authentication solutions, including social engineering and SIM swapping. Phishing attempts are on the rise and phishers are targeting non-IT savvy employees in an attempt to capture passwords. We are also seeing cyber threats on mobile devices, so cybercrime is broad and seems to have no boundaries. 

But as you point out, the FBI is not known for openly endorsing technologies. It’s our opinion that they are trying to thwart the epidemic of cyber crime and want IT leaders and organizations to take bold and swift action. For those of us in the biometric industry it’s not a surprise, we’ve known all along that it would be a matter of time before the security and convenience of biometric authentication would become paramount to every security platform.

It is interesting that the FBI is taking such a strong stance, because NIST, which is the National Institute for Standards and Technology, another government agency, has been lukewarm on the utilization of biometrics across the board for multifactor authentication. So, it is interesting that NIST has been lukewarm about it and now the FBI has come out in a very aggressive way to say no, you really do need to deploy biometrics in order to have a stronger multifactor authentication solution at your company or at your government agency.

Peter O’Neill, President, FindBiometrics: Well I think it is clear that the FBI is on the ground floor, they are the ones dealing with end user cases, while NIST is not… I think that is the difference, but I think they would be behind the FBI in their thinking.  

For our readers not familiar with the broad scope of your product offering everything from fingerprint scanners through your Microsoft partnership, enterprise security, multifactor as we mentionedcould you just give us a quick overview of the scope of your product lineup?

Mike DePasquale, Chairman & CEO, BIO-key: Absolutely. As you mentioned Peter, we provide full and complete security solutions for both enterprise and governments. We have a broad and highly recognizable base of customers in virtually every sector of the economy. They turn to BIO-key for software and hardware that can be integrated and deployed for a very specific application or standard multifactor authentication and identity and access management solutions that any company can deploy to replace or augment their existing password or token infrastructure. We have integrations with all the large security providers such as Oracle and Microsoft, CA, and IBM. So, we make it easy for our customers to integrate a biometric option for multifactor authentication. 

It’s also important to note that we support all the traditional authentication methods as well – we support cards and keys and tokens and passwords and PIN’s – but our competitive advantage is being able to easily add that biometric option for our customers providing a greater level of security and of course aligning with what we are discussing today, the FBI Private Industry Notice for cybercrime and cyber threats. 

Peter O’Neill, President, FindBiometrics: Great. You mentioned a couple of vertical markets in there, we are seeing tremendous growth and almost an explosion across just about all vertical markets now especially around the concern of identity broadly. What vertical markets are you seeing the most traction? And what excites you out there?

Mike DePasquale, Chairman & CEO, BIO-key: We are very excited about our projects in finance, banking and insurance, where we are receiving inquiries daily and it’s become our fastest growing vertical. We are also seeing lots of activity on the government side both domestically and internationally. Believe it or not government agencies are now adopting multifactor authentication consistent with the way enterprises are adopting it. We have had a number of successes and wins in the international government space including in Israel, Dubai and Singapore. A new area where we are quickly becoming the technology of choice is protecting the election boards around the country and in particular in Florida where this whole opportunity started for us. We think finance, banking, insurance, and government will remain our top verticals. We however also do significant business in telecom, manufacturing, healthcare and retail as well.

Peter O’Neill, President, FindBiometrics: It is interesting, your comment about government starting to be as active as, let’s say the financial space, and you wonder who is driving whom. You and I have talked in the past, and sometimes it takes adoption in a vertical like finance to get everybody else to move along. But it seems right now that government has taken that right up and started to move a lot faster. 

Mike DePasquale, Chairman & CEO, BIO-key: I think the reason for that is the volume of transactions that government agencies process, similar to the financial services industry and banking. They are both very high-volume users; they are both broadly open to risks and they are targets from international cyber criminals so it does make sense. I think that the FBI’s notice and recommendation is really powerful as you mentioned before because it comes directly from the street level where they are interacting with companies and agencies who have been hacked. They are investigating and they are understanding at a great level of detail, how things are happening, why they are happening and the devastating impact that results. I don’t think we should ever say “never” or “that it is impossible to penetrate” a particular company or database or agency but we can make it harder by incorporating biometrics. We certainly make it much more difficult for cyber criminals to hack into sensitive areas on digital platforms. 

Peter O’Neill, President, FindBiometrics: You mentioned healthcare and that is a market we see that is significantly behind for example, financial services. Do you think that is because of the number of rules and regulations in healthcare? Finance also has a lot of rules and regulations, but why is this market behind?

Mike DePasquale, Chairman & CEO, BIO-key: I believe that market is behind because of the legacy infrastructure in healthcare. Incorporating anything new in the healthcare ecosystem takes time, a lot of resources, and a lot of money. I do believe that healthcare will catch up. Biometrics have been a strong component on the provider side but moving towards the patient is still going to take some time. But I, like you, believe that it has the same potential and opportunity that the financial services industry is presenting today.

Peter O’Neill, President, FindBiometrics: We are working with the HIMSS organization, the largest conference dealing with these types of issues, and they also recognize that. There is a cost savings involved too, so I think they are starting to move in the right direction which is very, very positive. 

You have a long history in this industry, 25 years, and I must say, Mike, that not many companies that I talk to can claim that they have been in this industry for that length of time. So, congratulations on that. With that kind of broad knowledge in the identity landscape what do you think are some of the challenges we have moving forward?

Mike DePasquale, Chairman & CEO, BIO-key: For those of us that have been in this space for greater than 15 years, for sure, we have been pushing this ball uphill. We’ve understood the value proposition, we’ve understood the sense of security and the level of convenience that biometrics could provide but it is just now that the market is really catching up with it. When the iPhone went biometric back about five or six years ago, that drove consumers to the point where they were accepting of biometrics – but now when you see the evolution of security necessity potentially driving the business I think this is the next greatest validation of the fact that biometrics are going to be part and parcel of our everyday lives as consumers, and enterprise users including their customers.  Also governments around the world are deploying services and access to information for citizens therefore we are going to see this become a standard for security. 

It has taken way longer than any of us had ever imagined, or dreamed, for biometrics to get to this point, but we stayed in business for 25 years because we have the technology, the passion and a belief that this was inevitable. So, today I believe this FBI announcement is a validation of our premise that biometrics will be required, not just a nice-to-have option, but will be required as part of any serious security solution. Again, whether that is for employees, whether it is for consumers, whether it is for patients, or it is for government employees, users, and citizens, it is going to be a very strong and important component of our everyday lives.

Peter O’Neill, President, FindBiometrics: I couldn’t agree more with you, Mike. You mentioned the Apple effect, as I call it, and things have really moved quickly.

Can you tell us what is next for BIO-key? I think this has been a good year for you but can you tell us about some of the highlights and what is coming up?

Mike DePasquale, Chairman & CEO, BIO-key:  We plan on expanding our solutions within the traditional identity and access management space. As the broad need for biometrics grows, we want to be considered a best practices solution. 

We’ll maintain a heightened focus vertically on financial services, government, healthcare, and retail, for those are our important verticals to us. 

BIO-key also plans on broadening our offerings, including adding other factors of authentication; we are working on a couple of new and innovative technologies that we will introduce in 2020.  Our goal is to make biometrics even more broadly available, even in a mobile venue. A high quality mobile biometric authentication solution that eliminates the need for any special / additional hardware will be invaluable.

We also anticipate that the time has come for WEB-key, and our ID Director Series of Solutions. They provide customers with the perfect solution to follow the FBI’s guidance. We offer world class biometric authentication meeting all the latest standards, including SAML, and support all the traditional forms of authentication as well. When you add WEB-key and ID Director to your existing security infrastructure you achieve the level of security the FBI is recommending.

Lastly, I think this FBI Private Industry Notice is going to force the large identity and access management providers like Okta, SailPoint, Akamai and Duo Security to consider biometrics, and partnering with BIO-key is a very good option for them. As they respond to their customer’s demand for biometrics we become a great choice to partner with.  

Peter O’Neill, President, FindBiometrics: Thank you Mike very much for carving out some time to speak with us today. It is always such a pleasure to speak with somebody with your kind of experience in our market, one of the true leaders, and I really appreciate the time today. Thank you very much.

Mike DePasquale, Chairman & CEO, BIO-key:  Always a pleasure speaking with you, Peter.