FB pixel

Add a biometric basket for your authentication eggs, says vendor

Add a biometric basket for your authentication eggs, says vendor
 

Identity management is failing because it focuses on effectively authenticating devices without biometrically authenticating the person operating an accepted device, according to a veteran industry executive.

Jay Meier, recently hired as one of FaceTec‘s regional senior vice presidents, is pushing for a system that “binds a privilege to an actual, legal identity rather than to a device that we presume to trust is being held by (the person with) that legal identity.”

FaceTec claims to collect from two-dimensional images the kind of data found in 3D facial recognition and liveness. Adding liveness-confirmed biometric ID proofing, enrolling and user authenticating processes, according to Meier, to current steps is required to avoid theft and fraud.

He was speaking about identity management as part of a video interview posted by Scytáles, which develops mobile driving licenses.

Identity managers and CEOs know that it is not enough to be certain about devices seeking access because there typically is no way to be certain about who holds the device.

But, Meier said, deterministic decisions are binary. The device is or is not entitled to access resources, or system privileges. If device authentication is doing its job, there is 100 percent certainty in the decision.

Hearing 100 percent certainty is attractive to CEOs who prefer to think of any decision that is not strategic be binary whenever possible.

Biometrics is a probabilistic matter. Getting to 100 percent certainty through machine vision, for example, is not a realistic expectation.

Binding a privilege to a legal identity rather than, or at least in combination with, device authentication is the best way today to secure systems and data, particularly remotely, he said.

Biometric Update last week published a post by Meier making this point.

In it, he cited a Verizon survey indicating that weak authentication of people resulted in 85 percent of all breaches last year.

Meier used an example that is hard to ignore — the SolarWinds attack. Criminals executed remote access trojan malware in a supply chain exploit that succeeded despite strong device authentication. The hackers exploited weaker user authentication to great success.

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Harmonized digital driving license in EU approved as part of driving reform package

The EU is getting closer to a harmonized mobile driver’s license (mDL) with the approval of a provisional deal on…

 

DARPA taps Aptima to bring media forensics to market amid deepfake surge

The Defense Advanced Research Projects Agency (DARPA) has awarded a commercialization contract to Aptima, Inc. that marks a critical inflection…

 

Parsons secures sole source deal to equip U.S. Air Force with biometric kits

The U.S. Air Force Air has issued a notice of intent to award a sole-source contract to Parsons Corporation for…

 

Gov.uk Wallet ‘empowering the market,’ says Kyle, in big win for OSPs

After a tense few weeks, the UK government has released the working principles for the Gov.uk Wallet plan that has…

 

Biometrics integrations, identity intelligence improve financial services onboarding

Major integrations for Fourthline and BioCatch are expanding the reach of their biometric user onboarding and KYC technologies, as financial…

 

Pakistan introduces digital birth, death registration in health facilities

Pakistan has taken a decisive move to streamline birth and death registration by digitizing the process and making services available…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events