January 17, 2017 -
Mercator Advisory Group has published a new research report titled “Biometrics: A New Wrinkle Changes the Authentication Landscape”, which focuses on the fundamentals of biometrics for authenticating consumers’ identity.
The 44-page report emphasizes the need for multimodal biometric authentication and outlines the various types of biometrics available from technology vendors.
One key point made in the report is how biometrics technology has transitioned from being a primarily hardware-based solution to a more secure software-and cloud-based solution enabled by smartphones.
With the continued innovation of voice and face recognition, along with behavioral biometrics, this shift will drive rapid new innovation and encourage the mobile architecture, the report states.
“Behavioral dynamics will play an increasingly important factor in establishing trust factors for the authenticating consumers’ identity across every channel and for establishing persistent identity,” said Tim Sloane, vice president of payments innovation at Mercator Advisory Group and author of the report. “With the introduction of new authentication factors, new secure mobile platforms, and software- and cloud-based authentication mechanisms; it will be extremely risky for banks to make an investment decision that includes hardware and requires five-plus years to achieve a positive return on investment.”
Mercator’s research also shows that smartphones are being increasingly shipped with trusted execution environments that can displace traditional hardware security fobs, which marks an important shift in biometrics.
Biometrics will improve security and provide a more convenient authentication method for consumers than passwords as it continues to become a persistent identity over the next 5 to 8 years.
For persistent identity, authentication is no longer about a single challenge event such as a fingerprint scan. Instead, it has become a passive trust value uniquely associated with an individual, the report states.
The trust value will be continually updated based on several factors including location and passive sound (voice and ambiance) as well as facial recognition and a range of behavioral inputs.
The report states that since the mobile device is creating this trust factor, it is likely that Apple and Google will be critical partners in consumer authentication for the majority of access control scenarios.
This continued reliance on the smartphone will help solidify the FIDO (the Fast Identity Online) Standard as the appropriate architectural method for managing authentication credentials.
Finally, the report stresses that maintaining the credentials in the handset eliminates the so-called honeypots that attract criminals, boosts consumer trust, and converts the authentication infrastructure into a shared resource that will significantly lower deployment costs related to all authentication solutions.
The report mentions several companies, including Amazon, Apple, BehavioSec, BioCatch, Entrust Datacard, Facebook, FIDO Alliance, FIS, Fiserv, Fujitsu, Google (Alphabet), HID Global, IBM, IDScan Biometrics, IEEE, Nymi, MasterCard, Microsoft, Mitek, Qualcomm, SAFE-BioPharma, Samsung, Telesign, USAA, Visa, VoiceVault, and Xiaomi.