Nine times out of ten, when enterprise decision makers and security experts discuss biometric authentication, they refer to either fingerprint readers or behavioral biometrics. The former is one of the most recognized types of biometrics; it benefits from its proliferation among and mass adoption by mobile device users. The latter is a rapidly growing component of identity security. Factors such as typing behavior and online activity have begun to be factored into enterprises’ authentication process.
Vocal or facial biometrics exist and have continued to develop over the last few years. Yet most security experts tend to preemptively rule out their deployment on an enterprise scale. Both technologies are still in their infancy. They tend to have high rates of false negatives and false positives. Both are even more sensitive to natural changes than fingerprint readers. Both can be tricky to use on mobile devices for workers on the go. With identity now becoming the enterprise perimeter, consistent and strong authentication security is more necessary than ever. Credential theft and attacks on enterprises’ digital identities are only increasing.
Now Apple, easily the most recognized and most lionized mobile device manufacturer in the world, has decided to replace their fingerprint scanning with facial biometrics capabilities. Does this mean that your enterprise will soon be expected to adopt facial biometrics as well? Are facial biometrics the true future of the authentication market?
First, it is important to remember that biometric authentication, including facial biometrics, do not exist in a vacuum. They function best as part of a two-factor (2FA) or multifactor authentication (MFA) protocol. These systems combine what a user knows, like a password, with something the user has such as their face or fingerprint. It offers greater security than a password-only single factor authentication policy (which has largely proved unreliable and unpopular).
Additionally, biometric authentication is not necessary for every login or security layer. Facial biometrics are best suited to protecting the most valuable databases and assets on your network. The security on such important digital files must be in layers, and proving the authenticity of the user seeking access must be done as thoroughly as possible. In other words, biometric authentication may work best in a granular authentication protocol.
However, Apple’s optimistic facial biometrics requirements may actually prove a detriment rather than a selling feature. According to a survey by Callsign, only 27% of U.S. adults favor biometric authentication. 51% of U.S. adults prefer passwords to biometrics in the workplace, theoretically because passwords are perceived as easier to use.
Thus enterprises need to evaluate their identity security needs before making the leap to adopting facial biometrics en masse like Apple. They need to ask hard questions, such as:
- What is the baseline identity security we need for our everyday employees?
- How can we evaluate our access governance to ensure we’re using biometric authentication on employees or managers with access to the most sensitive resources in our network?
- How will we deploy the biometric authentication hardware, such as facial biometrics scanners, in our enterprise? Will we only use it for remote logins or will we use it on-premises?
- If on-premises, how many reader units should we buy?
- What other authentication steps will we use to supplement our biometrics?
In other words, don’t just blindly follow Apple down the path of facial biometrics. Cybersecurity requires careful consideration, and biometrics is no exception. Don’t buy blindly: do your homework on what will best protect your enterprise. Biometric authentication is a powerful tool…but used blindly may end up causing more headaches than it solves.
Other Resources:
Callsign Survey Indicates Rise in Biometric Authentication
Are Passwords (and Traditional Access Management) Dead?
The Current State of Biometric Authentication in IAM
Top 4 Questions to Ask Before Selecting A Biometric Authentication Solution
Top 4 Authentication Findings from IBM’s Future of Identity Study
Survey Reveals Public Opinion on Biometrics and Passwords
How to Deploy a Biometric Authentication Solution
The 32 Best Identity and Access Management Platforms for 2018
Centrify Study Shows CEO Disconnect in Cybersecurity
How IAM Solves Onboarding and Offboarding Challenges
The Importance of Edge Use Access (With Identity Automation)
IAM vs CIAM: What’s the Difference?
The Role of Identity in Digital Transformation
The Current State of Biometric Authentication in IAM
Comparing the Top Identity and Access Management Solutions
Widget not in any sidebars
Ben Canner
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
- The Best Biometric Authentication Software to Consider in 2024 - January 8, 2024
- The Best Privileged Access Management Providers for 2024 - January 1, 2024
- The Best Identity Governance Tools and Vendors in 2024 - December 31, 2023
