As we explored in last week’s Multi-Modal Month feature article, combining biometric factors can greatly bolster security without having to sacrifice much (if anything) in terms of convenience. With innovations in cloud technology and an increasing level of availability in terms of biometric hardware and software, multi-factor authentication is becoming a lot more appealing in the vertical markets.
Here are four specific areas already embracing the peace of mind offered by multiple authentication factors, including biometrics:
Last year, during the Biometrics Unplugged conference in Tampa, Dr. John Halamka mentioned that health credentials are among the most valuable to sell on the black market. He also described the big issue facing healthcare professionals today: a simple lack of time.
It poses a difficult conundrum. Mobility can potentially solve the need for greater workplace efficiency, but with such critical and valuable information being used by health professionals, there must be a highly secure authentication process in place before a smartphone can interface with a hospital’s network at all, let alone transfer medical data across it.
A particularly interesting solution to this rests in a UK patent granted to ValidSoft in November 2013 for a Dual-Wireless Network Authentication System (Dual SSID). Dual SSID would allow for a visible wireless network to offer credentials to an authenticated device, which can at that point access a second, highly secure invisible network. This effectively hides the logical access point for devices wanting access to networks in workplaces that are required to have extremely high levels of security.
Combined with additional authentication factors (fingerprint sensors on a smartphone, for instance), the Dual SSID can potentially help add assurance and efficiency in the tenaciously BYOD resistant healthcare industry.
2. Electronic Payments
The financial industry is undergoing a transformation thanks to innovations in strong authentication, mobility and NFC. The big obstacle in adoption here is the same as above, but there is a little less leeway when it comes to convenience.
Users really can’t tolerate a bit more friction in the interface department, simply because buying goods is already really easy. A solid next generation financial solution, whether it’s for banking or payments, needs to be better than passwords without being any more difficult to use than phoning a bank, using a credit card or pulling out your laptop to bank with it instead.
Both mobile banking and secure next generation payments can take advantage of multi-factor to gain end-user traction without adding inconvenient use-barriers.
In payment, look to France, whose interbank network is combining a proximity factor with fingerprint biometric readers to enable electronic payments at retail stores and at ATMs. The Groupment des Cartes Bancaires CB has come up with a payment solution requiring the submission of a biometric and the presence of a keyfob (to eventually be replaced with a micro-SD card in a mobile phone). The user only need to be carrying the device and is not required to submit her keyfob or phone. This means that, from an end user perspective, payment and cash withdrawal will simply involve the touch of a finger.
It’s two factors of security with only one action need to authenticate.
3. Enterprise Security
Access control in the office is an excellent example of an area of application ripe for multi-factor. Speaking very broadly, this can be divided into two categories: logical access control (logging on to employee workstations or accessing networks) and physical access control (opening doors or passing checkpoints).
An efficient example of multi-factor physical access control is the Zwipe biometric card, which combines a fingerprint biometric with contactless card authentication. The Zwipe biometric access card also represents a nifty trend in this area of application that is making next generation security seem especially appealing in business: it attacks the barriers of adoption.
Because fingerprint authentication occurs on the card, and since the device is compatible with legacy card reading security systems, multi-factor access control doesn’t have to require additional infrastructure. This means upgraded security without an investment in a new security network, saving cost and time.
When it comes to logical access control, the factor of choice (which we spoke about last week) comes in. Cloud-based platforms, like those available through ImageWare Systems offer a service model for enterprises that allows for the building of an authentication system that best fits their needs. Voiceprint and face recognition specifically make for easy to use and simple to install factors since they can operate through existing computer hardware like a microphone or webcam.
4. Border Control
If you’ve been staying up to date with our industry news section you will be well aware that automated border control market is on the rise. What might not be apparent is the multi-factor nature of the deployments that protect national boundaries.
Again, here we have on the most basic level a two factor system: user biometrics combined with a secure document (an ePassport). The user ID containing the biometric data, however, is not limited to just a single body measurement.
Fingerprint, face and iris scan are all up for grabs in this application that can embrace diversity. The newly launched Cross Match Guardian Module brings ten-print livescan to eGates, while VisonBox’s recently announced deployment in Brazil leverages facial recognition. In August, airport security express lanes from CLEAR will require face and iris biometrics to speed pre-approved users through. All of this is combined with the ePassport, building an increasingly secure multi-factor system.
Stick with us for the remainder of June as we dive deeper into the diversity of biometric solutions. Have something to contribute to this discussion? Follow us on Twitter and use the hashtag #fBMultiModal to keep the conversation going all month.
June 18, 2014 – by Peter B. Counter