Simplicity + Security: Biometric Face Authentication Offers Both

Planning a user authentication strategy is a balancing act, requiring organizations to reconcile strong data security with users’ demands for convenient data access. Biometric face authentication is quickly becoming the go-to.

Passwords are a perfect example of imperfect authentication. People don’t want to create and remember multiple complex passwords, and the help desk doesn’t want password problems clogging up the queue.

In recent years, biometric authentication has helped resolve some of these issues. Consider fingerprints, which have long been the go-to in biometric security.

Fingerprints are accurate and more convenient than passwords—just swipe your finger and go; but they can also be inconvenient when fingers aren’t exposed or accessible (think, hospital workers wearing latex gloves). A growing array of more advanced biometric technologies—such as iris scans and voice recognition—is setting the bar higher. The burgeoning biometrics global market; for example, is expected to grow from USD 10.60 billion in 2016 to an estimated USD 41.39 billion by 2025.

Face recognition technology: no longer science fiction

One of the most promising biometric technologies is face recognition. Thanks to giants like Facebook and Apple, face recognition is fully in the public eye and being enjoyed by consumers in their everyday lives. But it’s not without its detractors. To be clear, the term ‘recognition’ refers to the process of identifying a user who you don’t know, while the term ‘authentication’ refers to an authorized user logging into a system. In both use cases, face biometrics can provide security, sometimes at a cost.

Look at the iPhone X, for example. Many iPhone users love being able to unlock their phone at a glance in what amounts to an “authentication selfie.” What’s more, the technology is socializing the use of face for other security-based applications to take advantage of.

Face recognition has implications across virtually every industry with apps being developed to improve patient care in hospitals and make public facilities more secure—among lots of other use cases. At the same time, some industries have faced controversy over privacy issues including law enforcement and retail.

Biometric face authentication balances simplicity and security

Industries in which protecting data is a primary concern recognize the real-world benefits of face authentication, a technology that requires no activity or training by users, easily integrates with existing systems, heightens security and makes operations more efficient.

Just one example of an industry that is ripe for face recognition is finance, where regulatory compliance impacts both revenues and customers. Consider KYC (Know Your Customer) regulations. They add a layer of complexity that turns formerly simple procedures such as opening an account into a complex maze of searching for verified documents that vary between countries and banks. Related costs can be significant, with an average annual spending (including labor and third-party costs) of $48 million. Unlike documents, your face is your face. Period.

Face recognition is an up-and-coming authentication technology that is giving businesses new options that provide a healthy balance between convenience and security. Good advice is to explore solutions that leverage biometric face authentication such as DigitalPersona from Crossmatch, the advanced composite security solution that can find the right balance for your company.

Jeff Carpenter is Director of Identity and Access Management solutions at Crossmatch. In this role, he is responsible for evangelizing Crossmatch’s DigitalPersona® solution. In his 10+ years in cybersecurity, Jeff has held positions with a number of top tier cybersecurity and technology companies, most recently he was with RSA, a Dell Technologies company. Jeff earned a Bachelor of Science degree in Business Administration from Creighton University in Omaha, Nebraska. He holds both a Certified Information Systems Security Professional (CISSP) and a Certified Cloud Security Professional (CCSP) designation.

Thick Clients Don’t Have to Mean Thick Heads When It Comes to MFA
Zombies Are Smarter Than Weak Passwords
Using Biometric Authentication to Combat Synthetic Identity Fraud