FB pixel

Who is looking out for your data? Security in an era of wide-spread breaches

Who is looking out for your data? Security in an era of wide-spread breaches
 

By Vince Graziani, CEO, Idex Biometrics

While some of the biggest businesses in the world now rely heavily on data, concern surrounding security is at an all-time high. In 2022 and 2023, 34.5 percent of executives saw cyberattacks that targeted the accounting and financial data of their companies, according to a recent Deloitte Center for Controllership Poll. Meanwhile, 62 percent of consumers in Europe, Latin America, and North America, think that breaches are an unavoidable feature of doing business online. Due to this ongoing danger, employees and customers alike are understandably worried about the security of their personal data. This has left both businesses and end-users starting to wonder if their data is ever fully protected.

Factors such as hurried or unguided cloud migrations, a surge in remote working, underdeveloped infrastructures, and people’s overall growing digital footprint have seen a rise in such attacks, due to the increasing amount of data created in these scenarios. As a result, cyber-attacks continue to increase despite heightened awareness of cyber-security best practices. As per Forbes, the number of malware programs circulating in 2023 exceeded one billion.

In this unstable digital environment, the security of employee and consumer data, as well as the assets and intellectual property of businesses themselves, must be protected.

High-profile breaches make consumers extremely cautious

Statista research estimates the total transaction value in the global digital payments market at $9 trillion in 2023, with an expected annual growth rate of 11.8 percent, reaching $15 trillion in the next five years.

With high-profile data breaches continuing to dominate the news, it is essential to rebuild consumer trust in digital products and offer effective solutions. Over the past year in North America, several well-known entities experienced breaches. American Airlines, for instance, suffered a breach exposing pilots’ personal information when their centralized recruitment database was compromised. Similarly, UPS Canada had to notify its customers that personal information had been inadvertently uncovered by another user who misused a package lookup tool.

Notable companies such as Twitter (now known as ‘X’), the food and drink giant Mondelez and the owner of KFC and Pizza Hut, Yum! Brands, have also made headlines. The social media giant X faced a significant breach, with email addresses of 200 million users being sold on the dark web. This incident followed an initial leak that occurred a year prior.

Meanwhile, in Europe, the Police Service of Northern Ireland experienced a “monumental data breach” in August, caused by a manual error in response to a Freedom of Information request. Regulatory changes in the UK in recent years have seen both the Prudential Regulation Authority (PRA) and the Financial Conduct Authority (FCA) amend their rules for organizations, to combat this level of cybercrime or unintentional data leak. This includes being more cooperative and transparent with regulators, taking responsibility for updating systems and controls, and being both quicker and more comprehensive with details of any security incidents. These rule amendments are a direct response to calls for a degree of digital transformation, and to potentially replace existing systems that should be protecting customers, employees, and their data. Similar cybersecurity regulations in Europe through NIS2 (Network and Information Systems Directive) and DORA (Digital Operational Resilience Act) are aimed at reinforcing operational resilience and resistance to cyberthreats. With this in mind, organizations are considering new solutions to achieve an enhanced level of protection and control, in a decentralized way.

Adapting technology to improve security: the importance of biometrics

Until now, the response from organizations to pressure from regulators, and from the general public, has been to weave cybersecurity more prominently into digital transformation efforts. Organizations have looked to develop a zero-trust architecture, which presumes all access attempts are illegal until authenticated. In this respect, two-factor authentication has also been made compulsory in many countries, adding a further layer of protection for consumers. Ongoing cloud migrations, while presenting a new potential attack surface in the future, have also been designed to better safeguard company data.

The potential of biometrics has also been explored as a primary way to ensure access to data and use of finances, is linked more directly and unequivocally to the right person. Already, the biometric sensor market, where access or use is enabled by personal identification markers such as fingerprints or facial recognition, is set to triple its 2020 value to $3.3 billion by 2030. Initiatives that support the increased growth of this sector include Mastercard’s Biometric Authentication Service, which streamlines biometric integration for businesses. This initiative addresses the challenges with passwords and multi-factor authentication and focuses on the use of biometrics to enhance security while simplifying and expediting digital experiences.

Biometrics’ influence on consumers is also beginning to grow. As many as 58 percent have stated that biometric payments through the use of biometric smartcards make transactions more secure, a rise from 48 percent a year previously. Rather than using a PIN or remembering a password as a mode of access for these payment transactions, the method links a person’s card solely to a person’s fingerprints, voice, or facial features. It is therefore impervious to misuse, bringing additional convenience.

Transforming data storage to enhance consumer confidence

Beyond organizations introducing the technology behind closed doors to keep data safe, the interest in biometrics smartcards shows that consumers also want to see improved protection play out in their physical transactions and finance management. This paradigm shift reflects not only a desire for heightened protection but also an acknowledgement of the limitations of traditional authentication methods. Attributing access to a fingerprint or facial recognition affirms to that person, in that moment, that their credentials are unique, and therefore that the data inside is safe. Encryption of fingerprint data within the card itself further ensures complete confidence in the solution. The encryption of personal identity data only strengthens this defense, ensuring that sensitive information remains inaccessible to unauthorized parties. These smartcards effectively mitigate the vulnerabilities associated with centralized databases.

Biometric smart cards also change the dynamic of data storage. Rather than housing biometric credentials in centralized databases, where targets are also gathered in one location; smartcards sidestep that risk.

As a solution to reclaim consumer confidence, biometric smart cards therefore tick all boxes: ultimate security, off-cloud, via the complete encryption of personal identity credentials that would manage both physical and logical access and keep finances as well as personal privacy safe. The off-cloud nature of biometric smart cards particularly offers a compelling advantage in an era marked by growing concerns over data privacy and security breaches. Unlike conventional cloud-based storage systems, which are susceptible to hacking and data breaches, smart cards provide a localized, tamper-resistant environment for storing critical biometric data.

This amalgamation of cutting-edge technology and robust security measures not only enhances consumer confidence but also sets a new standard for authentication in the digital age. By offering a comprehensive solution for both physical and logical access control, biometric smart cards empower individuals to safeguard their financial assets and personal privacy with unprecedented efficiency and peace of mind.

Using biometrics to build and maintain consumer trust

Significant advancements in authentication and payments are being made possible through the use of biometric smartcards. The scale of migrations that have occurred in recent years has lawmakers and large tech innovators pointing to the cloud as the next frontier for cyber-attackers. In their most recent research, “The Rising Threat to Consumer Data in the Cloud” report, Apple identifies biometric authentication as an “incredibly valuable” method of “passwordless sign-in” that can safeguard customers and staff even in a cloud-centric corporate environment. As part of a continuous transition, organizations will be raising their voices in discussions to fortify their security levels. A transformation that ultimately seeks to restore and embolden consumer trust.

About the author

Vince Graziani is Chief Executive Officer at Idex Biometrics. Idex Biometrics provides fingerprint identification solutions including biometric fingerprint sensors and modules enrollment solutions which are used in payments, identification, access control, and IoT applications.

DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.

Related Posts

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

EU AI Act should revise its risk-based approach: Report

Another voice has joined the chorus criticizing the European Union’s Artificial Intelligence Act, this time arguing that important provisions of…

 

Swiss e-ID resists rushing trust infrastructure

Switzerland is debating on how to proceed with the technical implementation of its national digital identity as the 2026 deadline…

 

Former Jumio exec joins digital ID web 3.0 project

Move over Worldcoin, there’s a new kid on the block vying for the attention of the digital identity industry and…

 

DHS audit urges upgrade of biometric vetting for noncitizens and asylum seekers

A recent audit by the DHS Office of Inspector General (OIG) has called for the Department of Homeland Security (DHS)…

 

Researchers spotlight Russia’s opaque facial recognition surveillance system

In recent years, Russia has been attracting attention for its use of facial recognition surveillance to track down protestors, opposition…

 

Estonia digital identity wallet app from Cybernetica lifts off

Tallinn-based Cybernetica has submitted the minimum viable product (MVP) for Estonia’s national digital identity wallet to the Estonian Information System…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events