Biometric security is rapidly emerging into mobile technology and today, 57% of apps feature a biometric login option.
Biometric security uses physical and behavioral markers to identify authorized users and detect impostors. 46% of Americans use biometrics because they are more secure and 70% of Americans say biometrics are easier than traditional security.
Since 2013, the global biometrics market has risen to become a $14-billion industry. On top of using biometrics to secure their devices, biometric payments have become the next hot thing with consumers.
About 86% of Americans choose biometrics in verifying their identities or approving payments. With that, it’s easy to find yourself asking if the safety of biometrics is better than passwords and PINs.
Thanks to the rise in biometric payments, 48% of Americans have used this technology.
To paint a better picture, imagine approving an Apple Pay, Venmo, Cash App or Google Pay transaction with your fingerprint.
Convenient and safe, right?
That’s the same reason why about 42% of Americans refuse to use banking apps that don’t have biometric authentication. 63% say they prefer this technology when physically shopping, too.
Interestingly enough, 80% of those with iPhones use biometrics, 25% of Android users, 12% of laptop users, and 11% of tablet users do the same. Regarding preference, 63% of Americans default to fingerprint scanners, 14% prefer facial recognition, 8% prefer the old ways of doing things, and 2% use voice recognition as often as possible.
Biometrics don’t just rely on your physical traits.
The technology also analyzes your behaviors for authentication. Your face, fingerprints, retinas, and voice are among the physical identifiers mentioned in the definition.
How, when, and where you use your device, how you hold it, how you move, and how frequently you use your device are examples of behavioral identifiers embedded into biometric security.
46 of Americans feel biometrics are more secure.
So, what makes them so tough to hack?
For one, biometric security isn’t standardized. Each device requires a unique approach to use. It requires a unique approach to hacking.
This means biometrics take far longer to hack into than passwords. With it being difficult to go unnoticed in biometric hacking attempts, hackers must act wisely. Creating a fake to dupe the biometric system is possible but requires large amounts of user data — despite what you’ve seen in the movies.
On this note, it’s undeniable that it looks easy to hack this type of technology in the movies. Sean Connery was able to fool a scan in the 1971 movie Diamonds Are Forever and Ethan Hawke bypassed a blood test in Gattaca (1997).
Real-life instances of duping biometrics have occurred.
Masks can be used to trick facial recognition biometric software, unlocking a device or granting access to information/applications. A cybersecurity firm in Vietnam called Bkav used a 3-D printed mask, paper tape, and silicone to crack facial recognition. Siblings, a mother, a son, and even distant cousins have also been able to unlock each other’s iPhones using Face ID.
Photos can also do the trick literally.
Certain Android devices have been shown to be fooled by just holding up a photo or another device showing a photo. This includes devices from manufacturers including Motorola, Samsung, Huawei, and Sony.
Fingerprints — what 63% prefer to register into biometrics — can also be faked. The latest top-of-the-line Samsung smartphone boasts an ultrasonic fingerprint sensor. While this technology is hailed as less hackable than other similar technologies, 3-D printed fingerprints have been shown to do the trick.
Here is a scenario in which biometric sensors can be easily hacked:
When your face doesn’t unlock your phone, this raises a prompt for the user password. A correct code prompts the software to update its facial metrics. Unfortunately, if someone, such as a family member or close relative, looks like you and aware of your password, the software could eventually be programmed to recognize them instead of you.
Although the safety of biometrics is better than traditional passwords, using the technology doesn’t make your device bulletproof. Using 2-step authentication, choosing the best technology, knowing how your security fails, and proper supervision can help you maximize your security.