The annual FindBiometrics Year in Review survey always delivers a number of interesting and sometimes complicated insights into how the biometrics industry sees itself, but one of the simplest and most interesting of its findings comes from the question about when biometrics will finally kill off the password.
For the 2019 edition of the survey, that question came in the form of asking whether respondents believe biometrics will replace the password as the primary method of user authentication online by 2022, 2025, 2027, or after 2027. The 2025 prediction garnered the most votes, at 35 percent; 19 percent said the password would be displaced by 2022; and 2027 took five percent of the vote. That’s a majority – 59 percent of respondents – indicating that they think that biometrics will replace the password in the coming decade, with an additional eight percent saying they think that will happen sometime after 2027.
But a quarter of all respondents (26 percent) don’t think that will happen at all, having elected the alternate response: “Never. The security of the future will combine passwords and other strong authentication methods like biometrics”. It’s a perhaps surprising response from a large chunk of survey participants, given that so many of those who take the FindBiometrics Year in Review survey tend to work directly within the biometrics industry.
Eliminating the password has long been the promise of biometric technology, and clearly there are still a lot of true believers – about the three quarters of those who participated in the survey. But it may be that the growing sophistication of spoofing attacks – aimed at mimicking legitimate biometric credentials – has helped to convince some industry professionals that the use of multiple authentication factors, including passwords, will be necessary going forward.
That having been said, anti-spoofing technology – ie. liveness detection – is also advancing rapidly, and a growing number of industry professionals are realizing its critical importance in counteracting presentation attacks. Indeed, some industry leaders, such as FaceTec, are leveraging their certification in anti-spoofing standards testing to help make the case for their biometric security solutions. And this trend may be an important part of the reason that the vast majority of Year in Review survey respondents really do believe that biometrics can effectively replace the password for online authentication in the near future.
January 16, 2020 – by Alex Perala