Subscribe by Email

Your email:

Browse By Date

Biometric Security and Control Blog

Current Articles | RSS Feed RSS Feed

Passwords Are Passé But Biometrics Are Not Mobile (but they could be)

Published April 23, 2010 by the International Journal of Electronic Marketing and Retailing:

Passwords Are Passé But Biometrics Are Not Mobile

Writing in the International Journal of Electronic Marketing and Retailing, researchers from the US and Germany point out an inherent flaw in the financial industry's adopting biometric logins to boost security of mobile devices, such as notebooks, PDAs, and smart phones might make biometric logins impossible when one is on the move.

Biometric logins that use fingerprints, voice recognition, or identify you based on how you type look set to replace conventional passwords for accessing online banking and credit card services, online payment companies and even internet stockbrokers. However, smart phones and other portable devices do not currently have the sophistication to be adapted easily for biometric technology. Moreover, users are likely to be reluctant to carry yet another device and its associated electrical charger along with their smart phone simply to login to their bank account when not at their desktop computer.

James Pope of the College of Business Administration, at the University of Toledo, Ohio working with Dieter Bartmann of the University of Regensburg, Germany, explain that the security of online financial transactions is becoming an increasing problem, especially as security loopholes in login systems and web browsers emerge repeatedly. Simply logging in with a password is becoming technically passé.

"Passwords have been widely used because of their simplicity of implementation and use," the researchers say, "but are now regarded as providing minimal security." Moreover, as repeated scare stories about hacking and identity theft pervade the media, consumers are becoming increasingly concerned about online security. Further development of e-commerce and banking will be stifled if the issues of fraud and identity theft are not addressed. While biometric readers are being adapted for desktop computers, they are seriously lagging behind in portability and compatibility with smart phones and other mobile computing devices.

Triad has addressed many of these concerns and others that need to be resolved to enable secure fingerprint-enabled m-commerce. Features of the fingerprint capture, transport, and matching software as well as the image capture hardware must be considered when designing a secure, reliable authentication system. Provisions for interoperation of various image capture devices to accommodate the various client-side form factors (handheld, laptop, desktop) and a fallback subsystem to accommodate situations when the devices are malfunctioning or not available are crucial for end-user adoption. Implementing such a system with tight security constraints to protect against common biometric attacks such as replay is also crucial for organization adoption. Triad has recognized these necessities, packaged all such features into its TEAMS product suite, and is working to bridge the above mentioned gaps with various hardware vendors and service providers.

All Posts