Could biometric authentication replace traditional passwords?
If, like many of the team here at etiCloud, you’re a fan of Sky Atlantic’s ‘Billions’ you probably weren’t surprised to discover that Chuck Rhoades Sr has a biometric safe in his home. You might, however, have been surprised to see how easily it was broken into – making a crude copy of Chuck’s thumbprint using just sticky tape and gel!
Biometrics are nothing new. The Babylonians used fingerprints on clay tablets to do business back in 500BC and fingerprinting still remains a key identification system for the police and global intelligence services to this day. But fingerprinting isn’t infallible and, if you’re determined enough, you can copy someone’s fingerprint and use it for criminal means.
So, with our passion for data and cyber security, this led us to ask the question in the office: could biometric authentication actually replace traditional passwords?
Are biometrics better?
We all know that our passwords can often be deciphered by cyber criminals with ease, opening us up to potential a cyber attack. Could our biometrics maybe provide an effective alternative and protect us better?
There are a number of different biometric authentication tools already in use in high risk systems where a data breach could prove extremely costly. For example, in a system that implements high value currency transfers or one that holds millions of personal customer data, a multiple number of biometric authentication tools, as well as traditional user ID and passwords, will be utilised.
The sole purpose in this scenario is to protect the system using multi-factor authentication to create different layers of security. If the cyber criminal cracks the password, user ID and fingerprint recognition system, they will still have to get past voice recognition and an iris & facial pattern scan to gain access. A little more difficult!
Implementing biometric authentication
Of course, this is all far removed from an employee logging onto a Hosted Desktop using their unique user ID and password. Biometric technology is expensive and complex to introduce. And that’s the big hurdle to SMEs implementing biometric authentication.
Adding a fingerprint reader or an iris scanning device to every employee’s computer terminal or laptop simply isn’t financially viable at present. Introducing biometric technology into any company requires specific hardware and software and significant capital expenditure. Your employees may also object to having their iris scanned every time they need to log onto their computer!
Stick with the traditional combination for now!
In conclusion, ask us this specific question in 10 years’ time and biometrics will potentially have advanced to become more readily available and cheaper to employ. Until then, the traditional combination of a unique user ID and password is here to stay – it’s ALWAYS a good time to change your password though!