U.S. DoD testing multi-factor biometric systems for continuous authentication
The U.S. Department of Defense (DoD) is currently testing two prototype biometric systems, each with about 50 devices, as it seeks to improve its identity, credential and access management (ICAM), according to the Federal News Network.
Defense Information Systems Agency (DISA) System Innovation Scientist Steve Wallace tells FNN the research is not limited to fingerprints and facial recognition, but merges data to create a single score. The systems being tested are intended not to replace the Common Access Card (CAC), which the DoD has said will remain in place and even issued an RFP to augment the CAC with biometrics last November. Rather, they are meant to provide step-up continuous authentication to last throughout user sessions, as opposed to a specific point in time.
“What we’re looking for is something that is constant and continuous, but in the background and not invasive to the user’s experience,” Wallace says.
It is not entirely clear is the systems Wallace refers to include the multi-factor mobile app in testing by the U.S. Navy.
The new systems reflect DoD’s evolving interest in artificial intelligence and zero trust principles, and Wallace mentioned a DISA pilot of behavioral biometrics based on keyboard and mouse interactions. In the future, DoD wants biometric technology in smaller form factors.
“We started with the cellphone, but the reality is we know that’s not the end game, we want to get the wearable, we want to get smaller than that,” says Wallace.
Booz Allen Hamilton picked up a DoD contract for mobile biometric hardware earlier this year.