The biometrics market is expected to reach $10 billion by 2021. The typical consumer might imagine unlocking his front door and opening it without setting off his security system by pressing his thumb against a reader, or finding out who’s been raiding his fridge at night by putting a palm-print reader on the handle. However, ABI Research has identified four technologies that biometrics innovators and startups should prioritize if they want to be competitive in a market where consumer security is vital. These technologies are multifactor authentication (MFA), point-of-sale (PoS), mobile payments, and passive authentication.
Dimitrios Pavlakis, Industry Analyst at ABI Research, is not pulling punches in this digital age where malicious actors can ruin the credit scores of millions of consumers with data stolen from a single large corporation’s servers. “Companies can no longer afford to cut corners when it comes to security. Pairing biometrics with MFA and passive authentication is a natural evolution of the technology, as it complements traditional authentication with higher security factors that can be further adjusted as part of a greater risk assessment system.”
Successful solutions will remain as convenient as swiping a debit card to pay for a purchase, maintain interoperability standards, keep costs to the company down, and comply with emerging industry specifications without compromising data security. PoS and mobile payments technologies can be special headaches for those responsible for data security because “skimmers” can shave critical financial data at the same time that customers pay for their purchases. Of course vendors may wonder why they store credit card information anyway, when just one data breach could have them scrambling to make sure they won’t get caught in the crosshairs of regulatory enforcers while trying to clean up the mess. So maybe it seems like ABI Research is stating the obvious when it says that biometrics should be implemented for the sake of better security. However, this is obvious stuff that is coming from an organization that has paid its researchers to look into the matter.
Biometrics Companies Are Already Looking Into It
ABI Research did praise some organizations such as HYPR, KnuEdge, UnifiID, and Yubico for looking into possible solutions. HYPR works with Fortune 500 companies to provide password-less security through fingerprint, voice, face and eye recognition and recently raised $3 million in funding to essentially beef up the “security for your security.” Essentially, hackers are starting to catch on and intercept people’s fingerprint data, which is something that can’t be changed as easily as a password. HYPR aims to decentralize and encrypt biometric data to make it a pain for hackers to intercept it. It does this by making it impossible for banks to directly store an iris scan on its servers. Instead, the HYPR system swaps out that scan with a token that the bank receives to authenticate its users. This process, known as “tokenization,” could be thought of as a kind of proxy service for biometric data that swaps out one piece of data for an equivalent piece of data
Of course, HYPR aims to work with more than just the banking industry. According to the CEO of HYPR, “It’s not a good user experience to have to log into your toaster with a password. And you don’t want to unlock your home or car door with a PIN that someone could hack and steal. As more and more IoT devices become part of our lives, we will work with manufacturers to make them all as safe as a bank’s mobile app.”
KnuEdge focuses on turning the principles of computational neuroscience into useful technology such as military-grade voice authentication. It holds several patents on technologies that enables applications to recognize voiceprints in crowded and noisy rooms or in cases where the speaker might be speaking a foreign language. Believe it or not, this company was founded and is currently led by former NASA administrator Dan Goldin.
“We are not about incremental technology. Our mission is fundamental transformation,” said Dan Goldin, Founder and CEO of KnuEdge, Inc. “We were swinging for the fences from the very beginning, with intent to create next-generation technologies that will in essence alter how humans interact with machines, and enable next-generation computing capabilities ranging from machine learning to artificial intelligence.”
UnifyID at Innovation Sandbox
UnifyID claims that it can identify you based on unique factors such as the way you type, walk and sit by combining sensor technology, implicit authentication and machine learning. The data produced by training sensors to observe factors like hand motions, your preferred sitting pose and your gait can evolve over time, so the system can compensate for factors like a recent injury by making use of more than 100 factors to authenticate the user. Its system is currently in Beta, which interested parties can download for free.
Yubico makes it easy to make sure that users can stay secure and never have to remember their password with hardware devices such as the Yubikey, which can offer strong authentication via Yubico one-time passwords (OTP), FIDO Universal 2nd Factor (U2F), and smart card (PIV, OpenPGP, OATH) — all with a simple tap or touch of a button. YubiKeys protect access for everyone from individual home users to the world’s largest organizations. Businesses can incorporate Yubico’s system into their security plan by integrating Yubico’s Hardware Security module, which enables the business to store secrets on its authentication servers in an easy and affordable way. Plugged into the USB port of basic server hardware, it protects encryption keys and passwords against remotely-conducted intrusion attacks, as well as internal threats.
The real truth is that millennials are driving demand for innovative solutions that make it easy to authenticate themselves as valid users while still protecting their personal information. In the payments niche, companies like Atom Bank, Biyo, Nymi, Smart Metric, Veridium, VKansee, and Zwipe are disrupting the market landscape through transformative technologies ranging from continuous heart rate recognition in wearables, high resolution spoof-resistant sensors, smart card embedded fingerprint sensors, biometrical digital-only banking solutions, as well as four-finger recognition and palm-vein payments. On the back end, it’s possible to separate a person’s “numbers” from his or her individual identity by remembering Bitcoin’s original promise of anonymity and implementing PoS solutions that make it difficult for identity thieves to grab identifying data. In essence, no one deserves to have their identity stolen simply because they might have purchased a skillet at Target a few years ago. No one who worries about possibly having their information stolen should need organizations like ABI Research to remind them that security matters when using biometrics to authenticate their information and make transactions.