The Latest in Biometrics: Dual Format Authentication

As our complicated world technologically evolves, challenges naturally ensue to harness and properly use the technology. These challenges become much more serious and difficult when the rate of technological change increases. As you know, significant time is often necessary to understand, implement, experience and adjust to the new technology if it is to be enjoyed efficiently and effectively. Of course, while most of us reading this blog embrace the productivity, comfort and other lifestyle rewards that technology advances offer, the reality is that it is morphing at a historically high speed and there is every reason to believe that it will only continue accelerating with no satiation in sight. Like John D. Rockefeller’s reply to the question of, “How much money is enough,” our ever-consuming, ever-competitive population responds similarly when asked, “How much technology is enough?” In case you were wondering, Rockefeller’s famous answer was, “Just a little bit more.”

Sure, there are always problems and frustrations with the rapidity of technology’s advances. We barely get used to one way and then its replacement is upon us. Nevertheless, we have always seemed to adjust…so far…without them ruining our lives. If that word, ruining, is too harsh, then may I use controlling or dictating, or even exposing. That is, however, about to change. If I may over-simplify, the problems and frustrations that technological progress has placed upon us have been largely minimal compared to the effects that it will soon impose. In past decades, the downside of new technology was primarily limited to frustration, inconvenience and the cost of keeping up with it. But we have entered a new age wherein technology – good or bad – is personally invasive, as it is beginning to tie biometrical properties to everything, including clothes, mobile devices, cars, accounts, shopping, energy, parenting, friends, self-worth, and ______ (fill in the blank). Unless properly designed, implemented and regulated, inevitable biometric imprints – – your personal biometric modalities – – will control, dictate and expose how you come and go. The operative word there is, properly.

Without a doubt, the singular great thing about biometrics is that, when used properly as a method of identification, it is perfect. Only you are you. And unlike a card, fob, token, password, PIN, photo or key, you are never misplaced, broken, forgotten or expired. Well, you know what I mean. You are ultimately the most convenient, definite and accessible verification of yourself. And since The Internet of Things is code for the forced technological interaction with everything, it is awesomely important that access to all things is enabled only by those who have the proper authority to do so. But a bit of priority triaging. While one day you may need to provide DNA to enter your child’s daycare facility, or confirm your EKG-print to your running shoes to initiate your workout profile, there are more critical applications that biometrics solve for, at least insofar as business data is concerned.

That is why Digitus Biometrics exists. We have uniquely and properly designed biometric security to do the awesome things that it should, without compromising personal privacy. Digitus has solved for perfect access into and out of secure areas and enclosures to protect critical data, systems and assets. When it comes to accessing enclosures that house IT equipment, systems, hazardous materials, valuable assets and even private conversations, trust but verify is not a consideration, as trust is subjective…and security must never be that. Companies rightly need to objectively ensure that only those persons with a need to access the enclosure – – the rack, cabinet, room, cage, vault – – are allowed to do so under the parameters set by the organization’s security policy.

Lest the word Biometrics in our name mislead you, for companies and personalities that prefer card-only authentication, we provide that – including iClass cards possessing the latest generation of encryption. To be fair, company cultures and legacy systems still dictate the sole use of cards and there may be rational reasons for briefly continuing down that path…up to a point. Cards can be awkward to manage. Aside from having to carry them or look geeky wearing them, they get lost, get technologically bypassed, require inventory management, and worse, get counterfeited and stolen. Biometrics, on the other hand, remove all of these negatives. We used to say that, by its nature, biometrics eliminated the plausible deniability that the unauthorized person had no fault in the breach. How many times has your security officer been told, “It wasn’t me!” claiming that their card/key/fob/token/password/PIN must have been misappropriated. But with Digitus’ access solutions, not only is plausible deniability forever gone, but there is no longer any breach to even get to that point.

Digitus Biometrics now provides the ultimate access security. While we have built our company’s performance reputation on unique biometric devices to secure data equipment enclosures and pedestrian entrances, we recently announced the best of both worlds. Digitus’ new DualLock combines biometrics and card technologies. Built directly into the data center cabinet’s handle is the fingerprint reader and card reader, requiring dual-authentication at the cabinet!

No longer are you required to authenticate with just a card, or just a finger, or at the end of the row. Finally, there is an access security product on the market that ensures, without any doubt – – at the enclosure door – – that you are you, that you are permitted, and that you are doubly verified.

The greatest fear of advancing technology is that it outstrips our privacy and practical security. Digitus products are designed to provide the best of all possibilities:

  • Hyper-Security
  • Absolute Privacy
  • Best-in-Class Efficiency
  • Uncompromised Effectiveness

And yes, we integrate with your enterprise access control software.

Make no mistake, at some point in the not-too-distant-future you will be applying your biometric modalities to accomplish your daily personal and business affairs. To a large extent you already embrace the imposition of technology; its good, its bad, and its ugly. In terms of access security, biometrics is inevitably becoming the standard and, frankly, with Digitus Biometrics, there is no bad or ugly. With Digitus, as they say… “It’s all good.”

For more information, a value prop discussion, or a simple demonstration, just contact us at info@digitus-biometrics.com


The Latest Industry Requirements In Biometric Access Control

In this week’s blog, I’d like to share with you an increasing industry requirement that we frequently encounter across the globe. This demand was also pounded home by industry leaders attending last week’s ASIS International trade show in Anaheim. Specifically, customers want biometric security at their server cabinet enclosures, but they often want the option of seamlessly tying it into their enterprise access control system as well.

Until now, there has never been a solution to accommodate this need. For years, Digitus Biometrics has not only been the leader, but actually the sole provider of the world’s only biometric access solution embedded in the cabinet handle. And until now, it has been sufficient to operate via software that was independent from the enterprise management software. Indeed, many companies’ security policies and culture still actually prefer to have separate systems for their data center and telco server racks versus their enterprise pedestrian doors and video solutions. Aside from some regulatory requirements dictating such separation, this preference was largely due to the Digitus system being seen as a superior data center and specialty enclosure niche whose monitoring, alerting and reporting capabilities were more reliable, secure, and user-friendly than existing enterprise access control systems. But lately, global companies who have invested large sums and resources into their enterprise access control management (ACM) systems have a strong economic and efficiency motivation (if not a corporate mandate) to integrate cabinet access controls into their enterprise ACM platform.

Enter BioConnect. In conjunction with Entertech Systems, Digitus Biometrics recently announced a new technology partnership between Entertech’s world-class BioConnect identity management platform and the Digitus db Bus and db Sentry controls for server cabinet access. The result is a new, fully-integrated solution that perfectly synchronizes with major ACM solutions.

Is your company using – – or planning to use – – one of these ACM software packages?

ACT AMAG Avigilon Axis Brivo
Gallagher Genetec Honeywell Imron Lenel
Mercury Open Options Paxton Prodata Key PCSC
RS2 S2 Security Software House Stanley Vanderbilt

If so, we are ready for you. BioConnect now allows you to have the superior Digitus Biometric cabinet access solution while managing only one database, one enrollment, one platform – that of your enterprise ACM.

For more information or a demonstration, contact us at info@digitus-biometrics.com


4 reasons why biometric security is the way forward

In an increasingly digital word, protecting confidential information is becoming more difficult. Traditional passwords and keys no longer provide enough security to ensure that data is kept out of the hands of hackers and unauthorized individuals. Additionally, with more devices and platforms connected to the Internet of Things, the need for ironclad security is paramount. This is where biometric security can transform the technology sector. Biometric authentication devices use unique traits or behavioral characteristics, such as fingerprints and voice recognition, to authenticate access to electronic assets. Because biometric information is unique to each person, fingerprints scans, for example, are an excellent way to ensure that the identification of users is sophisticated and complex enough. Here are 4 reasons why biometrics represent the future of electronic security:

“User authentication needs to be more sophisticated as the IoT world gets larger.”

1. The IoT landscape is becoming more complex 
ITProPortal pointed out that user authentication needs to be more sophisticated as the IoT world gets larger. Having a plethora of devices that rely on passwords for authentication makes them susceptible to hacking and unauthorized access because human error is always a very real possibility. Also, with all the smartphones, tablets, cloud-based services and sensors continuously sending and receiving information, the chance of breach is multiplied exponentially. Traditional passwords are not enough to keep out sophisticated hackers and can be easily stolen, copied and cracked. With homes, cars, personal computers and business servers hooked up to the IoT, it is obvious that a better form of security is needed. Biometric security makes more sense in this picture because it is less susceptible to hacking and authentication is a lot less clumsy than typing in a password over and over again into each device.

2. Passwords are not enough
With the rise in security breaches in recent years, many organizations believed that two-factor authentication would be the answer. Whether to access a server room or a smartphone, some technology experts reasoned that two passwords are better than one. While the logic is solid, the simple truth is that 2FA is built on a weak foundation because there is still a reliance on passwords. ITProPortal explained that most people use the same common characters repeatedly for their passwords. Entering in password information is a tedious and monotonous activity, and many people prefer to rely on common phrases or birthdays to simplify the process. The result is that the level of security achieved by 2FA is still not enough.

Even 2FA that uses physical tokens has not been successful enough in making authentication practices foolproof. To use a 2FA token for authentication, users type their passwords and plug their hardware tokens into a device to enter an additional code. Not only does this take a lot of time, but if a token is stolen, the thief can potentially use it to access sensitive information. Given the proliferation of devices in the IoT, adding more of them for authenticating access to each digital asset seems cumbersome.

“Biometric authentication is effective way to prove identity.”

3. Biometric security is more efficient
Where passwords and physical tokens have fallen short, biometric authentication can succeed. Biometric authentication is an effective way to prove identity because it can’t be replicated. Thanks to TouchID on iPhones, many consumers are already familiar with on-device biometrics – the newest Samsung phones have them too.

Biometric devices include a Trusted Execution Environment, noted ITProPortal, which separates the handling of biometric information from the device’s operating system. This makes it nearly impossible for hackers to manipulate the authentication process, as they don’t have a way of using malware and other viruses.

Companies today are also realizing the benefits of biometric devices for protecting server rooms, work computers and other business assets. In a corporate environment, organizations need to make sure that unauthorized individuals are not allowed into secure systems. Additionally, for compliance reasons, companies need to ensure that workflow processes are followed correctly – certain employees only have access to specific files. Using biometric scanners, companies can see each time a computer or server room is accessed and know who it was. Unlike passwords, which can be borrowed and passed along between coworkers, fingerprints scanners will only allow access to the person whose print is required.

4. More companies and institutions are embracing biometrics
According to FindBiometrics, one of the most important new features in the Windows 10 operating system is the use of a biometric security platform. This platform not only enables authentication of authorized users but makes the process of logging into windows much more convenient and secure. However, technology companies are not the only ones jumping on the biometrics bandwagon. SlashGear pointed out that even Yankee Stadium recognizes the benefits of biometric scanners. The stadium recently announced the introduction of “Fast Access,” its new hand print scanner that will allow visitors to sign in quicker than before. Users will have to register beforehand and then will be able to pass through regular security lines much faster. This service is also used in airports and other stadiums across the U.S.

Ultimately, with the IoT revolution in full swing, there will be more devices to protect from future breaches. Financial institutions and government agencies have already migrated to biometrics as the most viable solution for data protection. It is likely that more organizations will follow suit in the coming years.


Biometric security in movies

While biometric security is becoming increasingly commonplace as a way to secure and protect digital assets, the technology has been featured in Hollywood movies for some time. All types of biometric security – iris, fingerprint, hand print, facial and DNA – can be found in popular films, which speaks to the technology’s appeal in general. However, while biometrics have been of interest to movie producers and audiences for years, many of the instances in which they appear in films do not reflect an accurate portrayal of what the technology is like. Accordingly, here are 4 examples of biometric security in films that would not exist in the real world:

“Creating a fake fingerprint is no easy feat.”

1. James Bond
In spy films, such as those in the James Bond series, fingerprint scanners appear quite frequently. It is important to point out that this is the most common type of biometric security in the world today. However, in “Diamonds Are Forever,” the technology is not portrayed accurately. James Bond, played by Sean Connery, is able to get past Bond girl Tiffany Case’s  fingerprint scanner, using a fake fingerprint. As SRI International pointed out, in real life, any smudges or grease on the fake print could have easily caused the authentication to fail. In intensive, combat situations, such as those Bond is known to get into, cuts or blood on the agent’s fingers could be very easily picked up by the scanner. In 2015, scanners are increasingly sophisticated and do not succumb to such crude infiltration attempts. Also, creating a fake fingerprint is no easy feat. It would probably require the use of a lab, chemicals, materials and countless attempts to bypass the scanner. Nice try, Mr. Bond, but you’ll have to try harder next time!

2. Demolition Man
In this movie starring Sylvester Stallone and Wesley Snipes, Simon Phoenix, a criminal mastermind, is able to escape from prison using the eviscerated eye of the warden. Meta Pancakes pointed out, however, that a disembodied eye would not get past an iris scan. Using a dead man’s eye would fail because today’s iris scans have implemented a “liveness detector” that would sense the eye is not reacting to the scan. A living eye has pupils that dilate and respond to light. The eye used in this movie would certainly fail to authenticate access, or in this case, enable escape from prison.

3. Minority Report
Another movie where the protagonist tries to bypass an iris scan is “Minority Report.” In the film, Tom Cruise plays a disgraced policeman on the run who has eye transplants to conceal his identity. The officer also keeps his old eyes with him so he can log into the police network when needed. Obviously, in the real world, neither of these situations could possibly happen.

4. Gattaca
In this science fiction film, the protagonist, played by Ethan Hawke, cheats a fingerprint and DNA scan by concealing a drop of blood beneath a fake fingerprint, noted Meta Pancakes. This is not plausible for two reasons. Firstly, while DNA detection holds potential for use in the future, there is already much debate surrounding the details. For example, with regard to DNA testing, the questions arise: Who will own the DNA information? Does the law decree that DNA information belongs to citizens or technology companies? In other words, today, there are no real-life applications for DNA-based biometric security. The second reason this is not realistic is because it uses two forms of biometric data in one test. While biometrics are being used more widely today, devices don’t often offer two tests simultaneously.

As previously mentioned, the most popular form of biometric security is fingerprint. Until such a time when technology catches up with Hollywood, biometric fingerprint scans will be the way to go.


biometric technology

Biometric security can provide needed protection

Biometric security will become commonplace in the coming years, as people realize how the technology can provide better protection than passwords and also improve business practices at the same time.

Biometrics can replace traditional PINs and passwords
According to the BBVA Compass report titled “Biometrics: the Future of Mobile Payments,” biometric security technology will replace traditional PINs and passwords for protecting digital assets. The main area where adoption is occurring is in the smartphone market. Smartphone users, such as those who use iPhones, are now using biometric authentication technology with increasing regularity. That trend is expected to continue in the banking and tech sectors as well. Nathaniel Karp, BBVA Compass chief economist explained that North America closely follows behind Asia in terms of adoption.

“Biometric authentication is growing at a fast pace and shows great potential to protect individual data and enhance customer experience, particularly in the banking industry,” said Karp, according to the news source. “Biometrics in banking is most popular in developing economies in Asia, such as India and Indonesia – the Americas rank second.”

Biometrics do more than just protect information
BBVA Compass pointed out that by 2020, global biometrics technology in the financial sector is expected to be in the billions of dollars. Biometric sensors, like fingerprint and iris scanners, as well as associated software platforms and apps will be continue to be adopted at countless organizations. That growth is aided by the fact that younger generations are more willing to share their biometric data than their predecessors. A recent survey found that 20 percent of generations X and Y would feel comfortable sharing their DNA to protect information assets and digital devices.

The research organization also noted that biometric technology will do more than provide protection from hackers and information thieves. The technology can actually improve customer experiences and facilitate the exchange of goods, because it lends itself to the documentation of workflow processes.

“As biometrically-enabled devices become standard, critical industries such as banking will be able to offer better customer experience, faster processing times, lower costs and facilitate a multi-channel environment across industries in a seamless fashion,” added Karp, according to the report.

Hackers are getting smarter
The Register reported that hackers today are continuing to develop new ways of stealing personal information. By logging the typing patterns of Internet users, these nefarious individuals are able to monitor the behavior of their targets and infiltrate their confidential data. In the face of such escalating IT danger, it is more important than ever to make sure the first line of defense is stronger than traditional passwords, which have often failed in the past. Founder of PasswordsCon Paul Moore explained that some things, like typing patterns, are impossible to control.

“You can’t change the way you type and even if you did, they’ll simply profile you again until the confidence level reaches acceptable limits …Your behavioral biometrics (knowingly or not) are essentially secrets which you unwittingly share with every site.”

Using fingerprint scans instead of passwords could, however, make all the difference when keeping online identities and digital assets safe.


5 considerations for securing your data center

If you manage your own data center or colocation facility, then you know how important security is. It is essential that you safeguard information from hacking, data breaches and human error. When thinking about your options for a robust security system, there are a number of things to consider. Fortunately, much has already been written about this topic, but this article will help you strengthen your security strategy going forward. Accordingly, here are 5 considerations that will help you protect your data center:

1. Identify your weak points and determine your need
The first thing you need to do is figure out is where your vulnerabilities are. Data Center Knowledge pointed out that it is never a good idea to build a data center against outside walls as this increases the chances of unwelcome intrusion. You should also pay attention to what is housed above and below your data center. By securing these weak points, you can eliminate the most obvious threat – someone breaking in. Organizations that opt to build their own center, in particular, tend to have highly sensitive data that they don’t want in a colocation facility. However, that means the data center may be located in a multi-floor building. If this describes your data center, you should consider installing physical barriers, cameras and access control systems. Additionally, it is important to examine your operational processes so that visitors and contractors are not let inside your server room accidentally.

“You should regularly monitor your access logs and perform audit checks.”

2. Keep track of all your workflow processes
It is critical that you keep track of your operations and compliance-related activities. You want to limit access to your data center to IT staff and organizational stakeholders. As such, you should regularly monitor your access logs and perform audit checks. Keep track of peripherals, servers and datacenter management software, looking for any suspicious activity. Especially for high traffic areas, it doesn’t hurt to hire an outside firm to assess the facility with a new perspective. If your data center is in a colocation facility, and you have a trusted provider, most likely your assets are safe and well-maintained. However, a more prudent strategy should involve regular audits, regardless of where the center is housed. Remember that data is one of your most valuable assets and it should be treated as such.

3. Watch out for human error
The most common form of data breach is that committed by insiders. That is why it is important to protect yourself from inside and outside dangers. Data Center Knowledge explained that danger comes in the form of poor engineering, carelessness, or corporate espionage, but in all cases, people working in your facility pose the biggest risk. Accordingly, it is necessary that you implement strong security policies that hold personnel accountable for their access permissions. It is advisable that you pair access cards with biometric security, such as fingerprint scans, for the best possible defense. Biometric security is safer than passwords and much harder to replicate or steal. Employees will be deterred from lending each other access cards, and if one is stolen, it will be useless to the individual who tries to access your server room. It is important to understand that access should never be shared in an organization.

4. Educate your people on security policies 
A big part of having a strong security system is staff member training. You should explain to staff members why they should not lend each other access cards and instruct them to report any suspicious activity. Additionally, let them understand that for compliance purposes, workflow processes are strictly segregated and monitored. Often, regulatory agencies will want to see who access which piece of information and when. Eliminating duplication of access means that you are able to adhere to compliance standards with greater ease.

5. Ask your business stakeholders for their feedback
Once you have a security system fully in place, the next thing for you to do is discuss your policies with staff members. Ask them if they agree your assets are secure. Are they accessing data with ease? What are some potential vulnerabilities? It is also a good idea to talk to your IT staff and get their opinion on the matter.

Ultimately, as data becomes more central to business, enterprises will look for better ways to secure data. Biometric access control systems allow companies that manage data centers, colocation facilities and server rooms to maintain better control of perimeter doors, interior rooms, cages and server racks – with one integrated platform. These sophisticated solutions help organizations prevent data breaches, hacking and problems related to human error. Additionally, these solutions reduce costs and simplify the authentication process for entry to secured locations.


The rise of biometric security

In an increasingly digital and interconnected age, the need for data security is greater than ever before. This is why biometrics solutions are gaining in popularity. Endorsed by technology companies, large corporations and government agencies alike, biometric security can make our credit cards, electronic devices, servers and airports safer. Fingerprint scans have already made their way into our everyday lives, with Apple’s TouchID, but that is just the beginning. The next era of digital security will see travel documents and company access cards integrated with biometrics, because of the additional safety provided.

“The global biometric market is expected to reach $16.7 billion by 2019.

Biometric security is becoming ubiquitous
WinterGreen Research recently issued a report that discussed the rise of biometric security as an industry and technology trend. In 2012, the global biometric market was valued at $5.2 billion, but is expected to reach $16.7 billion by 2019. That growth will be witnessed worldwide as the use of electronic devices in banking, health care and our everyday lives continues to increase.

With the prevalence of electronics in almost every facet of modern life, the need for better security is obvious. Every day, data breaches, hacking and password thefts are reported across both the public and private sectors. This is why biometric security is compelling. Biometric devices can protect intellectual assets and individual information because these pieces of technology are capable of providing additional protection over traditional passwords. Biometric security devices can identify any person and do so repeatedly. Furthermore, it is significantly harder to steal a fingerprint or iris scan than it is a password. Biometrics are harder to replicate and steal, and impossible to guess – as is the case with weak passwords.

According to WinterGreen Research, biometrics will also play a larger role in law enforcement in the future. With more people going on social media sites, sharing personal information and preferences online, safeguarding that data is essential. Also, as smart technology becomes more commonplace, biometric scans, like TouchID on Apple iPhones, will make our cars, homes and mobile devices safer.

Biometric security is even seen as helping to reduce the risk of terror attacks. Facial recognition software will be used to screen suspicious individuals. Authorities will have a leg up on keeping their constituents safe. In the coming years, according to the research, we will see biometric security in our airports and at national borders. Russia and Mexico were noted for their strides in implementing the technology into their infrastructure already. Whether to protect individual, corporate or government information, the market is clearly heading in an upward trajectory.

Biometric technology is on the rise. Data protection is more important than ever.

Data breaches need to be prevented
According to the Identity Theft Resource Center, data breaches in the U.S. reached a high of 783 in 2014 – a 27.5 percent increase from 2013, noted SourceSecurity.com. It seems that traditional modes of security have failed to provide what is needed. Biometrics are now seen as the solution to that problem. Although the technology faced some resistance at first, individuals, companies and government agencies have warmed up to the idea that their fingerprints and faces are better than passwords. Rueben Orr, vice chairman of ASIS International Physical Security Council, pointed out that times are changing.

“People are using fingerprint technology to log into their computers and phone,” said Orr, according to the news source. “They understand that this is a good way to protect the personal information stored in those devices. We’re also seeing new technologies. Some that we’ve seen include wearable technologies with some form of biometrics to identify who you are and using a phone to access a controlled door.”

The various forms of biometric technology
SourceSecurity.com explained that the range of biometric choices includes fingerprint, hand print, iris recognition, retina and voice recognition. However, the most commonly used one is fingerprint, as the devices are easier to manage and more affordable. Alternatively, retina recognition is more complex and involves shining a light into the eyes to capture the pattern of the iris.

Additionally, fingerprint scans do not have to be standalone solutions. Biometrics can be used as part of a multi-tier authentication process. Access cards, passwords, PINs and fingerprint scans can be used in concert to grant authorized users entry to certain facilities or data collections. These types of security measures are particularly helpful at companies where there is heavy traffic in and out of the buildings that house intellectual assets.

“Three factor authentication including biometrics is used to control access to high security doors like a server room or data center,” said Orr, according to the media outlet. “One government building in Washington, D.C., is the headquarters for a federal agency with 10,000 employees … Most work at remote workplaces, but about 5,000 employees come into the building through turnstiles every day.”

Orr also explained that the finance and commerce industries can benefit strongly from using biometric security.

“I think that the financial industry will develop a biometric-based combination of digital certificates and wearable devices that will help to manage commerce securely,” added Orr.

It is evident that biometric security is here to stay. This is further evidenced by Apple acquiring intellectual property assets of biometric security firm Privaris. Apple will likely integrate more biometric security into all of its products and offer fingerprint authentication for desktop computers, laptops, tablets, phones and all other technologies that fall within the scope of Touch ID. The result: We will have more biometric security in our lives.


Say bye to passwords!

U.S. consumers are still unsure about the effectiveness of biometric security, despite serious concerns related to cybersecurity. Biometrics in security is relatively new on the scene and is yet to garner wide endorsement. It is, however, the future of data protection. Increasingly, individuals and businesses will see that passwords are no longer the way to go. Fingerprint scans and facial recognition will inevitably become commonplace, providing consumers and organizations with the protection they deserve.

“The responsibility of educating consumers about biometrics falls upon tech companies.”

Concerns about security in the US
According to PlanetBiometrics, a large portion of U.S. consumers are still unsure about biometrics as a security measure. A survey by Unisys found that only 38 percent of respondents saw biometrics as effective, 37 percent said they were unsure, and 25 percent claimed biometrics were not effective. Ironically, the survey also found that in certain U.S. sectors, people have serious concerns about cybersecurity. In retail, government and telecom in particular, respondents believed the chances for security breaches were high. Nick Evans, vice president and general manager at Unisys, wrote in a blog that the responsibility of educating consumers about biometrics falls upon major technology companies.

“My personal interpretation of these findings are that the industry can do more to educate consumers about biometrics and their effectiveness as an authentication mechanism compared to other techniques such as one-factor and two-factor authentication,” wrote Evans, according to the news source.

Evans highlighted Apple Pay as an example of how biometrics will continue to become a part of everyday life. He mentioned that biometric security is one of many topics related to cybersecurity that should be addressed

“As biometrics get seamlessly integrated into mobile payment systems such as Apple Pay, it’s important to educate the consumer about what’s happening behind the scenes,” Evans added. “In addition, it’s important to educate consumers about the full scope of what goes into protecting their personal information, with biometric authentication being just a small part of the overall solution.”

Passwords are on their way out
IoTEvolution pointed out that while user authentication is an essential part of securing networks and data, it has always been a point of weakness. Data breaches continue to occur on a regular basis in 2015, which gives rise to the notion that passwords are not enough. Two-factor authentication has also not done much to improve the situation, due to human error and the sophistication of hackers’ tools.

With respect to the IoT, the news source argued that having two passwords is inefficient. Consumers today expect to log into their smart homes, cars and appliances quickly, without having to enter long passwords and PINs. Additionally, two-factor authentication, first introduced as the solution to data breaches, fails to provide the needed protection. The reason two-factor authentication fails is because it is too dependent on people. Individuals today are busy, have short attention spans and will always choose the easier, softer way. Many people don’t like password complexity because it takes more time to enter the characters into the prompt. This has been particularly true with mobile devices, where countless consumers choose weakened security over complex passwords. A better solution to protect data is biometric security, because it provides solid protection and does not take a long time to authenticate.

Biometrics offer a better solution for protection
ITBusinessEdge described passwords as one of the more dangerous and troublesome aspects of the computer age. However biometric security is slowly edging passwords out, for both stationary and mobile users. There are countless examples surfacing in media headlines that point to this fact. For example, MasterCard will launch a pilot program in which 500 customers will gain access to their accounts using fingerprints and facial scans. Ajay Bhalla, head of innovative solutions at MasterCard, noted that this generation may end up liking facial recognition because it is similar to taking a selfie.

“The new generation, which is into selfies … I think they’ll find it cool,” said Bhalla, according to CNN Money. “They’ll embrace it.”

ITBusinessEdge pointed out that Microsoft’s new Windows 10 operating system will also help make the password obsolete by employing the use of facial, iris and fingerprint identification.

It is likely that passwords will continue to fade away over the years. Biometric security offers many advantages over passwords, which will become especially evident in business settings. Because many data breaches are the result of human error, putting biometric scanners in server rooms, data centers and work computers can make data much safer. Fingerprints are less susceptible to theft than passwords and can cannot be loaned or replicated. As a result, businesses and individuals can feel comfortable knowing that their confidential information is safe. As previously mentioned, the human element is the reason passwords are ultimately ineffective at protecting data. Fingerprints are found on humans, but they are not created or altered by humans. This is their greatest strength.


Innovations in biometric security

Biometric security offers the world several advantages over traditional PINS and passwords. Fingerprint scan technology gives organizations and individuals an excellent way to protect data assets, secure server rooms and render valuable devices impenetrable to hackers. Biometric security will only become more sophisticated as time goes on, and several recent news stories point to this fact.

Adding another layer of security to fingerprint scanners
TechRepublic explained that while biometric signatures are harder to crack than passwords, they still have one vulnerability. Because fingerprint scans are converted into a digital format – just like a password – that data is still susceptible to hacking. However, organizations are continually developing new technologies, and one such company believes it has solved this problem. The chief executive officer of one biometric company explained that storing biometric information can be troublesome.

“The main error that current biometric solutions make is centrally storing mass amounts of biometric template information,” stated the CEO, according to the news source. “This is hazardous because in the event of a breach, this compromises sensitive biometric data; and unlike passwords, changing biometric identities is not easy.”

As such, the CEO went on to explain that biometric authentication protocols should be stored in a trusted environment on the scanner devices themselves, and kept away from the operating system. The news source explained that, similar to mobile devices that use fingerprint scans, like Apple Pay, the best way to manage biometric signatures is by using a Trusted Execution Environment that is separate from the OS. This new technology is able to send digitized biometric information to an authentication server using tokens. This adds a whole new layer of protection.

“The user’s fingerprint is authenticated to the user’s token,” the CEO added. “Once the token verifies the user’s fingerprint, it initiates a cryptographic signature. Since this cryptographic signature can only be initiated once the user’s fingerprint is verified, reading the fingerprint is an additional authentication factor.”

Brainwave-based security might be coming next
According to VR-Zone, researches may soon be able to use the way a brain responds to a computer screen as a foundation for a new biometric security system. Experts from Binghampton University have been working on a project that may change the way companies think about biometric security. In their study, a group of volunteers had their brain reactions to various stimuli recorded. The results showed that brain waves are different enough to be used for authentication in a security system. Sarah Laszlo, an assistant professor of psychology at the university explained that “brainprints” may be better than fingerprints because, while fingerprint images can be stolen, brain waves cannot.

“If someone’s fingerprint is stolen, that person can’t just grow a new finger to replace the compromised fingerprint – the fingerprint for that person is compromised forever,” said Laszlo, according to the news source. “Fingerprints are non-cancellable. Brainprints, on the other hand, are potentially cancellable. So, in the unlikely event that attackers were actually able to steal a brainprint from an authorized user, the authorized user could then ‘reset’ their brainprint.”

Phys.org reported on another innovation in biometric security, based on the idea of using three-dimensional fingerprints. Fingerprint scans used in smartphones like iPhones only produce a two-dimensional image of a fingerprint.  However, a newly developed ultrasonic sensor can eliminate the risk of replication by imaging the ridges and valleys of a fingerprint surface. The technology is very similar to medical ultrasound imaging. The inventors essentially created a small ultrasound imager that can record the shallow layers of tissue near a finger’s surface. David Horsley, professor of mechanical and aerospace engineering at the University of California, explained why the technology is similar to ultrasound.

“Ultrasound images are collected in the same way that medical ultrasound is conducted,” said Horsley, according to the news source. “Transducers on the chip’s surface emit a pulse of ultrasound, and these same transducers receive echoes returning from the ridges and valleys of your fingerprint’s surface.”

Ultimately, biometric security provides a safe and effective way to protect electronic files. Over time, these methods will only become more sophisticated. Companies looking to commit to better data protection policies should consider making a switch now and catch the wave of innovation as it happens.


How do we keep hackers out?

Hackers are nefarious individuals who steal passwords, break into data centers and figure out ways to get access to confidential valuable information. Government agencies and corporations around the world continually invest in new solutions to prevent hackers from gaining access to their confidential data, but these efforts do not always succeed in keeping hackers out. One of the main problems with network and data center security is that it is based on passwords and keys. This is why organizations interested in protecting their data should consider biometric security measures.

“Companies also use biometric security to protect important technology assets.”

Two types of hackers perpetrate security breaches
Some hackers are able to penetrate firewalls and crack passwords, and they do this from the comfort of their own home. Others hackers, however, include some physical form of theft in their craft. This could involve looking over someone’s shoulder as they type their password, using another person’s email account when they are absent, sticking an unauthorized USB into a server rack or a host of other tactics. Biometric security measures, such as fingerprint scans, are especially effective at keeping out hackers of the second variety. By placing fingerprint scanners at the entrance to server rooms, organizations can ensure that unauthorized individuals do not gain access to sensitive data. Companies also use biometric security to protect offices, computers that house client information and other important technology assets.

It is relevant to mention that until biometric security is used to prevent illegal access to all electronic resources, vulnerabilities will persist. Apple, for example, has already made strides in this area with Touch ID. By including a fingerprint scanner with iPhones, the company is helping users protect their email accounts, phone numbers, pictures and other electronic files. The Motley Fool mentioned that this technology may soon be rolled out to Apple computers as well. If personal computers were enabled with this technology, it would help limit hackers’ ability to physically steal passwords. Network breaches would, in theory, occur less often as a result.

What are the implications of insufficient security measures?
Reuters reported recently that U.S. securities regulators are investigating a group of hackers that broke into corporate email accounts and stole confidential trade information. The Securities and Exchange Commission has asked the companies to provide details regarding the data breaches. John Stark, former head of Internet enforcement at the SEC, explained why this case is so important.

“The SEC is interested because failures in cybersecurity have prompted a dangerous, new method of unlawful insider trading,” said Stark, according to the news source.

The hacker group, known as FIN4, hacked into the email accounts of more than 100 companies looking for information on upcoming deals and financial trades. These types of information thefts can result in millions of dollars stolen. It is curious to wonder how biometric scans may have prevented this.

The New York Times also reported on the case against personnel in the St. Louis Cardinal’s front office who are accused of hacking the network that house the baseball intelligence for the Houston Astros. Apparently, during a spring training session in 2014, a group of Cardinals employees used a computer in a residence near the team’s complex in Florida to steal sensitive information. In this case, the hackers tried to mask their location, but the Federal Bureau of Investigation was able to trace their location. At least four members of the team’s baseball operations staff have hired criminal defense attorneys.

While baseball information is not as sensitive as trade data, the hack illustrates that better security measures are needed in every industry. It would also not be surprising if these hacks did not occur solely over a network. It is likely that insiders or unauthorized individuals were able to access internal systems – facilitating the breach.

Ultimately, biometric security is most effective at protecting physical assets, but that does not mean it can’t be used in other areas as well. Whether it is a corporate data center or the email account of a baseball team’s general manager, the world needs better protective measures.