Spartak - Fotolia

News Stay informed about the latest enterprise technology news and product updates.

Report: Popularity of biometric authentication set to spike

Juniper Research claims that the popularity of biometric authentication will rise dramatically in the next five years, incorporating innovative technology beyond today's fingerprint sensors and voice authentication systems.

A UK research firm says that the number of applications with built-in biometric authentication capability will spike in the coming years, highlighting not only an increased acceptance of alternative authentication methods, but also the ineffectiveness of password-based authentication.

In a newly released report, Hampshire, England-based Juniper Research Ltd. predicts that in 2019, apps with biometric authentication capability will rise to 770 million.

This would mark a dramatic rise in the popularity of biometric authentication, which is expected to be included in just 6 million apps downloaded this year. According to the research, the increased use of biometric authentication would improve user experience, lower friction, and increase security compared to current alphanumeric passwords.

Much of the increase is expected in the consumer space, which has seen the rise of fingerprint scanners like Apple's Touch ID over the past couple years, but there are far-reaching possibilities for enterprise as well, said Dr. Windsor Holden, head of consultancy and forecasting for Juniper Research.

"Clearly, the applicability will vary by enterprise sector," said Holden. "But certainly one can envisage usage from an authentication perspective in terms of access both to physical areas and corporate documentation, with access dependent upon permissions granted to an individual."

Juniper Research notes in the report that while fingerprint authentication will account for the overwhelming majority of biometric apps in the medium term, there is already work to move into other forms of biometric identification, such as facial recognition, voice authentication, and even ear print and eyeprint identification. Holden sees these advanced techniques as having value for enterprises, where security needs to be tighter.

"Moving forward from fingerprint sensors and voice authentication," said Holden, "there are already technologies available utilising vein recognition -- identifying a person based on vein patterns in the finger or hand -- where the pattern is almost impossible to forge."

Holden predicted the emergence of new biometric functionality that will allow for more robust systems than current alphanumeric-based systems, but he agrees with the Juniper report that there will need to be significant public education regarding the new technology, and users need to be reassured that biometric data itself will be kept safe.

Next Steps

Learn more about biometric authentication and devices, and how to implement them.

Dig Deeper on Biometric technology

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Under ideal circumstances, how would your organization want to increase its use of biometric authentication?
Given reliable and easy-to-implement biometric technology, I can see my organization expanding our use of biometric authentication into several areas. We use it now with our ADP biometric time clocks for hourly employees and it has been working well for us.

My first expansion would be to replace our current card access system with biometric-based access scanners. This would not only save hours of staff time consumed with creating, distributing and tracking ID badges, but would eliminate the associated costs for supplies and equipment maintenance.There would be no more worry about lost or stolen badges.

Using biometrics could also virtually eliminate the need for keyed or combination locks on access doors to computer labs and server rooms.

Tracking student and staff attendance would also be a breeze and would eliminate the need for tracking on paper rosters.

Physical security would definitely be enhanced. Whereas now, someone could use anyone's badge to enter the building or restricted areas, using biometrics would require the presence of the authorized person.
I'd love - and this is the sci-fi geek in me speaking - to have biometrics run my whole life. Start my car with MY voice. Open the fridge door by waving MY handprint in front of a scanner. Sign into the Web on my devices by scanning MY ear (some phones actually use ear scanning now to unlock the device). But I think we've got a long way to go in education and implementation to ensure that properly provisioned people aren't locked out of their stuff and that data, facilities and systems are safe.
I certainly see benefits of biometric authentication. Even today’s fingerprint scanners, with their sometimes erratic behavior and intermittent failure to recognize the pattern, are leaps and bounds above other authentication mechanisms from even five years ago. It will be interesting to see how this is addressed by companies that have to address some level of security access for regulatory reasons. For example, a SOX control may say that the user must be locked out of an application after three invalid login attempts, yet that protocol currently only applies to the user entering a username/password combination, not accessing the application via a fingerprint scanner.
Why on earth do they endeavour to bring down security by putting biometric sensors on the phones, tablets and PCs which have been somehow protected by passwords?

Threats that can be thwarted by biometric products operated together with fallback/backup passwords can be thwarted more securely by passwords only.

Whether static, behavioural or electromagnetic, biometric products are generally operated together with a password by OR/Disjunction (as against AND/Conjunction that is common for 2-factor authentication) so that users can unlock the devices by passwords when falsely rejected by the biometric sensors. This means that the overall vulnerability of the product is the sum of the vulnerability of biometrics (x) and that of a password (y). The sum (x + y - xy) is necessarily larger than the vulnerability of a password (y), say, the devices with Touch ID and other biometric sensors are even less secure than the devices protected only by a weak password.

These biometric products might look more secure in appearance, but it is just a false sense of security. Many of the consumers, who are trapped in the false sense of security, may well be piling up more of their information assets in the cyber space while some of the criminals, who are aware that those consumers are now less secure, may well be silently waiting for the pig to be fat.

False sense of security about a threat could be even worse than the threat itself. It is a conundrum how it is possible for so many security professionals to remain indifferent to such a nightmarish situation.
There's no question that biometrics are going to EVENTUALLY be the norm in security systems if they work, are affordable, are less likely to be breached than current methods, and if people can understand them. There are entire organizations around the world using ADMIN and PASSWORD as their passwords. Do you actually think something more technically sophisticated than a password box on a screen is going to be an easy hurdle for the world to jump over? Me either. But I hope things continue to move forward in this area. Biometrics are fun.