Authentication is any process whereby an individual proves that they are who they claim to be, and in an increasingly digital world, authentication is the key to protecting both connected and unconnected assets. We need it to keep out bad people (black hat hackers, identity thieves) and let in good people (staff, customers, experts) — not just to computers and IT networks, but business premises and hardware as well.
Until recently, most of us relied heavily on fobs, swipe cards, keys, passwords and PINs to authenticate ourselves and gain access to our places of work, but there is a hitch. These methods of authentication are either difficult to remember or can be easily lost or stolen. As a result, we choose incredibly predictable passwords that virtually anyone can guess[1] or borrow our colleagues' passes, fobs or swipe cards. In short, lots of people are lax about authentication[2].
Poor-quality authentication is risky for individuals, but when it’s scaled up to the level of a business or organisation, it becomes much more of a threat. If a business is hacked or compromised, the penalties — which will probably include both financial and reputational ‘punishment’ — are likely to be severe.
That’s why organisations must insist on enhanced methods of authentication, such as biometrics in the form of fingerprint recognition to authenticate staff. While it’s quite normal to forget a password, you can’t forget your fingerprint. Fingerprint recognition also ensures that the right person is using the right entry card to gain access to the areas of the building they have permission to enter.
For some businesses the use of fingerprint biometrics to authenticate staff may seem like science fiction. Remember Tom Cruise in all the Mission Impossible films? Hardly a blueprint for daily business conduct.
But the truth is that biometrics, and specifically fingerprint biometrics, caught up with Mr Cruise some time ago, and businesses that don’t realise the potential of fingerprint biometrics to manage employee access are missing out.
Fingerprint biometrics to protect physical and digital property
Fingerprint readers and smart cards incorporating fingerprint biometrics can control personnel access to both buildings and computer networks. What’s more, levels of access can be controlled so that Person 1, for example, can access all areas and all networks while Person 2 may only be allowed into a particular area of one building, and specific areas of the IT network/specified servers on data centre racks, and so forth.
The use of fingerprint biometric smart cards can optimise security even further. This is because the fingerprint is held only on the card, so unlike most facial or iris recognition systems, there is no database of biometric data to be hacked or stolen. That’s a huge advantage anywhere security is paramount, such as healthcare or law enforcement facilities, and puts fingerprint biometrics ahead of many other biometric systems, let alone passwords and PINs.
A similar scenario applies to the use of fingerprint smart cards for access to IT networks, where it may be possible either to connect fingerprint biometric readers to the network or to attach individual readers to each device. As with buildings, access levels can be customised and this type of authentication can be used to generate robust and reliable audit trails of network and data access.
Indeed, fingerprint biometric smart cards can help businesses to gain pinpoint control of operations, either in real time or retrospectively (e.g. for disciplinary or legal proceedings). Using biometrics in this manner tells managers exactly who is in which building/network/system and when they accessed it. By adding fingerprint biometric capabilities to portable or employee-owned devices, the ability to manage remote or flexible working staff is simplified, because management can always see when staff are logged in and working the hours they claim.
Fingerprints vs. facial recognition
The standards of authentication provided by fingerprint biometric smart cards are now widely accepted, to the point that fingerprint biometric recognition is fast becoming the gold standard in smartphones. However, it is human nature to look for the next big thing, and some have argued strongly for the value of facial recognition, especially for building access.
Facial recognition is a perfectly good biometric in many situations and is a valuable addition to the armoury of biometric authentication methods. However, as Apple discovered when it launched the iPhone X, it is not without problems. Apart from the furore surrounding Face ID’s alleged inability to tell some people apart[3], Apple itself has admitted there are problems with the camera technology required to make facial recognition work and has issued formal instructions for iPhone users experiencing them[4].
To identify a face, the cameras involved must be able to achieve a reasonable degree of resolution. In addition, a significant proportion of the face must be presented to the camera. Ambient light, clothing (e.g. the wearing of scarves and glasses) and even the angle of the face when being scanned can also reduce the effectiveness of facial recognition. This is a key area where fingerprint biometrics presents a more accurate method of biometric authentication when it comes to access.
To summarise, fingerprint biometric authentication is light years ahead of the old-fashioned methods of keys, swipe cards, PINs and passwords, and represents a real step forward in digital identification to access physical and digital environments. By incorporating biometric fingerprint technology into access control, businesses are empowered to tackle building and system access head on, safe in the knowledge that only the right people can gain access to sensitive information.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.