What is biometric authentication?

July 11, 2019

We've all either asked someone or had someone ask us, "Hey, you look familiar, do I know you?” Given the rapidly evolving use of biometric authentication and facial recognition in digital identity security, this once ordinary question isn’t so simple anymore.

Biometric authentication, also known as biometric verification, describes the process of granting access to protected digital or physical spaces (e.g., a bank account or a secure building) based on certain physical or behavioral characteristics. These traits are highly useful to identity security professionals because they are universal, unique, specific, measurable and documentable.

How you type, walk, use a trackpad, or sign your name are various types of behavioral biometrics. Believe it or not, biometric authentication technology decides who you are, or how familiar you are with the information you’re providing, based on these activities.

Your fingerprints, eye color, voice, and face are physical biometrics. They enable biometric authentication systems to determine if you have permission to ask Siri for a phone number, are allowed to access an online account, or can unlock a mobile device or laptop.

Biometric user authentication and mobile biometric authentication deliver several advantages over other identity verification methods. First, unlike passwords, PINs and codes, you can’t forget your fingerprints or voice. Second, biometric data is easy to come by because it’s inborn.

Do you know who is using your face?

Faces are perfect examples of unique, universal, innate physical traits used in two types of biometric authentication. Facial recognition compares and analyzes facial contours to match an image of one face against other faces in an extensive database. Facial authentication, however, uses a person’s specific and unique biological facial characteristics to verify their identity, making it the superior option to protect financial assets and digital identities. Implementing a reliable, document-centric identity proofing solution is critical and minimizes biometric demographic bias.

Face authentication or a biometric authentication fingerprint may be user-friendly, but neither method is as secure as you might think. Even though your prints and face are uniquely yours, they are also everywhere. Security cameras continually capture and store images of our faces; our fingerprints are on everything we've ever touched. The ease with which a fraudster can steal these images, or photograph our fingerprints from a restaurant glass, directly impacts the reliability any biometric authentication system. But when combined with another secure layer of authentication, like ID document verification, the process becomes much more secure.

Securing the security tools

Updates are necessary to ensure biometric data and systems keep working as designed. Digital security experts encourage using several types of authentication and keeping a sharp eye out for potential weaknesses. If a selfie doesn't match an ID document, or software flags a wrong behavioral biometric, such as a break in a user's typing patterns, consider requesting backup authentication before authorizing an activity. Especially for financial business or password resets.

Between problematic error rates and privacy concerns, people are still hesitant to accept biometric authentication as routine. However, considering a 2018 Spiceworks survey reporting 62% of companies use it, and another 24% anticipate implementing biometric authentication by 20201, the technology is likely to become an increasingly popular security tool for consumer-grade devices and applications.

Get more info about our layered approach to identity verification here


1. "Data snapshots: Biometrics in the workplace commonplace, but are they secure?" March, 2018. Spiceworks.com