Who are the top biometric authentication providers? Are you seeing more companies deploying this authentication method?
The market for biometrics products is still too fractured to name specific top providers. The physical characteristics of the biometrics products available today vary from the mundane, such as fingerprinting, to the esoteric, like typing speeds and electrophysiological signals.
Until recently, biometrics was typically used at a physical security level – protecting facilities at military bases or impenetrable bank vaults, for example. But, because single-factor authentication methods are easy to break, companies have started looking to two-factor solutions, like biometrics.
However, the following five fundamental barriers may limit the growth of biometric authentication:
- Biometrics can be complicated and costly to deploy. All biometric deployments require installation of their own hardware and application servers.
- The market is still fractured. Should you buy a fingerprint reader, a voice recognition system or an iris scanner? Since each product differs greatly in its approach and installation, it is difficult to compare them during a typical company bid process.
- Biometric data is like any other data. It sits on servers, which are bait for hackers if not properly hardened and secured. Therefore, when reviewing any biometric product, make sure it transmits data securely, meaning encrypted, from the biometric reader back to the authenticating server. And, make sure the authenticating server has been hardened, patched and protected.
- Biometric readers are prone to errors. Fingerprints can smudge, faces and voices can be changed and all of them can be misread, blocking a legitimate user, or permitting access to an unauthorized or malicious user.
- Difficulties with user acceptance. Properly trained employees may be willing to use biometrics devices, but customers, like those logging on to your Web site, may be more reluctant to use – or worse, forced to purchase – a device that's difficult to use or makes doing business, such as banking, on your site, a hassle instead of a convenience. And both your employees and customers may be squeamish about exposing their eyes to devices like iris scanners, even if they appear harmless.
Despite these issues, biometrics is slowly gaining acceptance for two-factor authentication purposes. The products are getting better, lighter and easier to use. Error rates are going down, and fingerprint readers installed on tokens and laptops are getting smaller and less intrusive. And, like the rest of the security product industry, vendors will eventually merge and consolidate, uniting a fractured market, which will make it easier to choose a product that suits your business needs.
- Read this tip and review biometric best practices and pitfalls to watch out for.
- Learn why Information Security magazine believes BioPassword Internet Edition is a viable authentication option.
Dig Deeper on Biometric technology
Related Q&A from Joel Dubin
Ensuring authenticity of online communications is critical to conduct business. Learn how to use a public key and private key in digital signatures ... Continue Reading
Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums ... Continue Reading
Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good ... Continue Reading