Passwords are the backbone of the modern security apparatus. From the time we inherited our first personal email accounts to mission-critical enterprise security systems, almost every piece of security we deal with relies on passwords. Sure, there are some outliers like the iPhone’s fingerprint-scanning home button, but almost every precious digital possession is protected by a combination of letters, numbers and punctuation.
That might all change soon.
This outdated yet ubiquitous technology defines almost all modern sercurity protocols. There are some updates to it (like multi-factor authentication via unique codes texted to the user’s mobile phone), but even these types of precautions can be hacked with enough skill and dedication.
Given the vulnerability to which these types of systems open us — and by extension, our companies and their sensitive and valuable data — it’s no wonder that the biggest names in the game are taking a stab at a new form of security.
A few weeks ago at Google’s I/O conference, the company announced a much-heralded new security feature — Trust API. The MIT Technology Review wrote it up shortly thereafter:
During his talk at Google I/O, Daniel Kaufman, the head of the company’s ATAP (Advanced Technology and Projects) arm, casually mentioned the rollout of a new way of securing Android apps called Trust API. Rather than using standard passwords, Trust API will use biometrics like facial recognition, your typing pattern, even how you walk to help determine that you are who you say you are.
Each metric will contribute to an overall “trust score” that will let you unlock your apps. The program will run in the background of an Android phone, using the phone’s suite of sensors to continuously monitor the user’s behavior. If the trust score falls below a threshold, a user might be prompted for some form of additional authentication.
Visa, also a massive enterprise heavily preoccupied with security for its users, also has some futuristic tech in the works a similar effect.
Now, Visa’s advancements aren’t taking aim at passwords so much as traditional forms of payment. But, with another thoughtleader in an equally large and valuable industry making serious moves toward biometric security, it stands to reckon that much of the enterprise digital security apparatus will almost be certain to follow suit.
Proliferation of biometric security presents a host of obvious positive security advancements. However, it also raises a number of potential concerns — if a company like Google or Visa has access to all your biometric information, if that information is then compromised, identity theft becomes far more easily achieved by hackers. It might also smack of big brother-ism with private companies having that much access to deeply personal information like your fingerprint, gate, facial peculiarities, etc. All that’s to say, though, despite obvious advantages of biometric security, it will take a careful and planned implementation thereof to allay all the possible concerns associated with them.