Last week, to kick off Mobile Month here at FindBiometrics we brought you coverage of Mobile World Congress straight from Barcelona with our sister site Mobile ID World. The event was more focused on digital identity than ever before, with keynotes on the importance of strong authentication in an increasingly connected world and an unprecedented number of consumer biometrics demonstrations.
If anything, this year’s MWC illustrated perfectly the multi-modal nature of the consumer biometrics landscape, which is built on the foundation of mobile and SIM proliferation. This being the case, there’s no better time to examine what modalities are working on mobile devices, and which ones we can hope to see in the near future.
The biometric modality that has really caught the attention of the public in terms of mobile devices is fingerprint. Thanks to the 2013 release of Touch ID on the iPhone 5S, fingerprint sensors quickly started to become standard on tier one flagship smartphones. Samsung quickly followed suit with its Galaxy S5, and both companies integrated the technology (with a few upgrades) in their current generation phones.
The fingerprint sensor, when integrated into the home button, simply makes sense from an end-user perspective. The button that houses the Touch ID sensor is already the place that users point to first when attempting to access their phones. When touching the home button also authenticates a user, that’s some serious convenience.
But smartphone fingerprint sensors aren’t only for logical access. The mobile biometric modality is a key feature in three major mobile wallets. Samsung Pay, Apple Pay and AliPay all support fingerprint biometrics for contactless retail payment.
Voice biometrics make a lot of sense in the world of mobility. There is not a lot of space on a mobile device, and while this is true for smartphones, it’s especially true of smart watches and connected IoT devices.
On smartphones, voice biometrics has the advantage of being software based. Every smartphone has a microphone and that can be used for voiceprint capture. This aspect of the modality makes it extra-flexible and attractive to app developers looking to serve an audience outside of the fingerprint smartphone having demographic. The USAA banking app is a great example of this, as is Sensory’s AppLock, which can be downloaded on Google Play.
Looking to the near future, voice biometrics simply make sense for the Internet of Things and on wearables. Voice is a long distance and contactless method of interfacing with a connected device, and some devices won’t have the space for physical user interface options. Since a home has more than a single voice it in, voiceprint recognition can help seamlessly integrate strong security into changing the settings on an M2M thermostat, smart TV or any other IoT device you might have. In the future, your home and car won’t only listen to you, it will know who you are.
Like voice, face biometrics are backwards compatible. If you haven’t bought a current generation smartphone, or prefer to go with one of the OEMs that don’t yet embed biometric fingerprint sensors into their devices, you can still protect yourself with facial recognition.
In mobile deployments, facial recognition software leverages a phone or tablet’s front facing camera to compare a photo of a user’s face with the stored template. It is not uncommon to see this functionality working in tandem with voice recognition software to up the ante and offer multi-factor biometric authentication when a user wants that extra assurance. Again, both AppLock and the USAA banking app use facial recognition in this multifactor manner.
The eye is a very complex body part, and as such it is the inspiration behind a number of biometric modalities, and some of those are making it onto the mobile device. Eyes are attractive in authentication situations for their difficulty to spoof. Your eyes don’t leave biometric detritus everywhere you look, so making available fake eye for spoofing purposes is incredibly difficult (if not impossible).
Currently there are two ways an eye can be used for authentication on a mobile device. EyeVerify’s software (which is now built in to the latest ZTE smartphone) can be used in a simpler way to facial recognition, requiring users to take a selfie so that it can capture and compare vein patterns on her eyeball. The software is backwards compatible and has received some praise for addressing the age old problem of irrevocability – offering users the option to re-enroll if their eyeprint has somehow become compromised.
Iris recognition also has a place in mobility. The IriTech has developed a smartwatch with iris recognition security and just last week Fujitsu demonstrated iris scanning on a smartphone.
Vital biometrics wee long the modality of fitness trackers and remote healthcare devices, but that has changed with the Nymi biometric wristband. Nymi has developed the technology to allow for a user’s unique EKG reading to be used for strong authentication. A user simply puts the band on, authenticates her heartbeat and then has persistent identity verification until she removes the device.
The applications for this kind of mobile biometric technology are far reaching, and we will see more of them as the Internet of Things reaches maturity. For now, the Nymi is being touted as the future of biometric mobile commerce, at least by the Royal Bank of Canada.
The primary mobile biometric modalities listed above are just the beginning. New modalities, like the recently proposed cornea recognition, may eventually find their way into our pockets, onto our wrists or into the Internet of Things. Other modalities that do exist in non-mobile deployments, like palm and finger vein scanning or behavioral biometrics, seem to be only few innovations away from mobile deployment as well.
All that said, even established mobile modalities are constantly facing innovation as connectivity, mobility and the demand for strong authentication spread. The way that we see fingerprint, voice and face recognition in today’s mobile devices is not necessarily how they will look in the world of tomorrow. The only reasonable guarantee in strong authentication is that the future will be secure, convenience and mobile.
Stay posted to FindBiometrics throughout the rest of March as we continue Mobile Month. Be sure to follow us on Twitter and use the hashtag #FBMobileMonth to be part of the conversation.
March 11, 2015 – by Peter B. Counter