Asset 1EN.png

Cimpl Blog

Your Weekly Insights on How to Manage your Enterprise Digital Footprint.

Biometrics: Better Than Passwords

Posted by Henry Cheang | July 2, 2014 8:00 AM

Password Problems

Password management is a painful chore. I literally have a spreadsheet with hints to myself to help me associate password to account. I’m in this situation because I have at least eight active email accounts along with accounts for Paypal, Amazon, and LinkedIn, among many, many others. You’re probably in the same boat as me.Biometrics_better_than_passwords

Now, I’m fairly diligent, but most people aren’t. One of the key problems that many have with password management is that they simply don’t manage them at all. Even if people bother to come up with a genuinely hard-to-crack password, most end up using the same one over and over again. I would not call this secure. And I can understand why people neglect such an important aspect of their security – it is tedious and complicated work. So what can make this task less complicated? One solution is biometrics!

Bio-what?

Before we get any further, here’s a quick definition of biometrics for the beginner/uninitiated. From Webopedia, biometrics is:

“Generally, the study of measurable biological characteristics. In computer security, biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked.”

More simply, we can look at biometrics as the use of electronic devices to detect a person’s unique physical traits for the purposes of verifying her/his identity. I think you can see how this might be easier than passwords, right? In the spirit of helpfulness, here are some of the best biometric authentication candidates to replace passwords as a security system!

The hand – versatile, powerful, and full of features that are unique to each person. There are a multitude of biometric clues that can be found in human hands. The most viable authentication methods thus far:

  • Fingerprint recognition – I’d bet that just about everyone has heard of this method by now. Previously, a good number of businesspeople have used some variant of this technology to lock/unlock their laptops. And now that Apple has made fingerprint recognition a way to secure their phones, it’s a very good bet that many, many consumers will get into the habit!
  • Palm print recognition – like fingerprints, palm prints are unique across individuals. Its chief advantage over fingerprints is that it’s even harder to fake because authentication systems have much more information against which to verify identity.
  • Hand geometry recognition – the comparative dimensions of fingers to other hand landmarks is not very distinctive. On its own, this can’t be used for identification purposes, but could be a useful adjunct to the other two methods listed above.

The eye – the window to the soul and one the most complicated parts of the human body, the eye is one of the biggest points of uniqueness across individuals.
  • Retinal recognition – fans of spy and/or science fiction shows have no doubt seen this used many a time. There’s good reasons for this – it is secure. The vascular configuration of the retina is unique to each person and eye, and the eyeball itself shields the retina from easy “hacking”. The only real downside is that retinal scans aren’t user friendly, either for the encoding process or for the authentication process.
  • Iris recognition – the iris is even more unique – not even identical twins have identical irises! Better yet, from a user standpoint, it’s less invasive as well. Unlike retinal scans, iris scans can take place from a distance. And, living irises respond differently from dead irises – it really requires the person with clearance to be alive for this to work!
The face – It’s an incredibly complex collection of soft tissues, nerves, and structures. More pertinently, from a social perspective, our faces are probably our most important aspect as it is the first “point of contact” in disclosing who we are and what we’re feeling. It certainly makes for the most intuitive domain from which to authenticate identity.
  • Facial recognition – we’ve reached the point where biometric systems have the capacity to identify individuals via dynamic images of faces. You can’t just plop a photo in front of a system and expect to gain access anymore! That said, facial recognition systems do have their drawbacks. For one thing, most of us have extraordinarily expressive faces (that’s why Canada only allows neutral facial expressions for passport photos). For another, poor lighting and things that obscure the face (like glasses or hair) severely downgrade facial recognition.
  • Facial thermogram recognition – believe it or not, but the pattern of heat radiated from the face is thought to be unique to each person! As with facial recognition, thermogram identification is unobtrusive. Also similar to facial recognition is the requirement for powerful computing and clear signals.
The voice – we don’t think about it too often, but our voices are actually pretty unique, even if we don’t always perceive them as such. The vocal tract – the structure inside our heads that actually make speech possible – is a complex series of passageways, tubes, and different soft tissues, and it’s pretty likely that everyone’s tract is different. That said, identification via voice isn’t quite perfected yet…

Unimodal vs. Multimodal Biometric Systems

This is basic logic, but it bears mentioning. There are systems that are unimodal, i.e., that authenticate using single biometric measure. Examples of this include the fingerprint scanner in iPhones and older HP laptops. There are some pretty serious limitations to unimodal systems, as every one of the features I’ve listed so far can be tricked in isolation. Some are harder to fool than others, but the fact remains that, individually, biometric features can be faked.

The better idea is to have a multimodal biometric system – something that requires the user to furnish multiple biometric features to gain access to whichever function/app/account under protection. After all, as the number of authentication requires grows, it becomes more difficult to fake ID, short of physically coercing the right person to access an account! Fortunately, because we live in a lawful society, this really shouldn’t be a problem…

Of course, authentication using any or all of the above is still in its infancy, relatively speaking. For the moment, it is crucially important that you maintain proper password security and a good password protection policy for your devices and services. For example, it’s easy to automate the process of password changes within companies for wireline phones, if you have the right service provider. On that note, might I recommend you give us at Cimpl a shout? We’re Canada’s leader in IT and telecom expense management, and we make certain that our many, many customers are up-to-date with the best practices for business security, including password management! Contact us to find out more!

What is Telecom Expense Management?

Related articles:

 

Topics: BYOD, Passwords, Technologies

Written by Henry Cheang

Henry has a lifelong passion for science and technology. This enthusiasm is put to good use in a cutting-edge software company like Cimpl. As product marketer, Henry researches market and user needs to develop user and buyer personas, contributes to product design, and helps coordinate product messaging. Henry also writes nearly the entirety of all documentation for Cimpl’s many successful platforms. In his spare time, Henry devotes much energy to family, friends, and martial arts. Henry recently completed his Master’s in Business and Administration from Concordia University, where he specialized in the study of marketing, organizational behavior, and corporate governance. He has authored academic papers on the latter two subjects; these papers form part of his bibliography of over 20 professional research publications.

Follow Us!

Bring Your
Bank Case study on Expense Management
BYOD

Subscribe to our Blog