Will Biometrics replace Passwords?
The days of using a computer to access your bank account, using a password, may be coming to an end, to be replaced entirely (as some experts believe) with a fingerprint or face scan using a smartphone.
The smartphone employment of such biometrics will drastically reduce hacking incidents, but will be problematic for those who do not own a mobile device. Major banks are already offering the fingerprint scan as a login option.
Other biometrics currently in use by banks are the eye scan, facial recognition and voice recognition. Banks are sold on the premise that biometrics offer significantly more protection of customers’ accounts than does the traditional means of accessing accounts, what with all the hundreds of millions of data pieces (e.g., SSNs, e-mail addresses) that have been leaked thanks to hackers.
Though biometric data can be stolen, pulling this off would be much more difficult than obtaining a password and username. For instance, only a specific mobile device may work with the owner’s biometrics; a crook would have to have possession of the phone in order to hack into the owner’s bank account.
Nevertheless, biometrics aren’t foolproof even for the rightful owner, in that, for instance, poor lighting could skewer facial recognition.
Unlike the once-venerable password, banks do not keep customers’ biometrics in storage; your fingerprint is not in some secret cache of your bank. Instead, banks store templates in the form of numerical sequences that are based on the customer’s biometrics.
Can hackers obtain these templates? It’s possible, but with additional security layers, banks say that it would be very difficult, nothing compared to the ease of getting someone’s traditional login data.
For instance, an extra security layer might be that the biometric of eye recognition requires a blink—something that a thief can’t do when using a photo of the accountholder’s eye for the scanning recognition process.
Doubling up on login requirements—biometric plus password—is an even stronger defense against hackers. And banks are doing this with the fingerprint biometric.
In a world where it seems that the hackers are getting closer to taking over, the time for biometrics as being a part of the login process has arrived—and not too soon.
Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.