Embed Size (px)
Citation preview
ADVERTISEMENT
Tue, 03/08/2016 - 7:55am 1 Comment
by Hector Hoyos, CEO and Founder of Hoyos Labs
The Rise of Biometrics on MobileDevices—Is It Safe?
Eye scanners, facial recognition systems andfingerprint readers on mobile devices have been
ADVERTISEMENT
Tue, 03/08/2016 - 7:55am 1 Comment
by Hector Hoyos, CEO and Founder of Hoyos Labs
The Rise of Biometrics on MobileDevices—Is It Safe?
Eye scanners, facial recognition systems andfingerprint readers on mobile devices have been
The Rise of Biometrics on Mobile Devices—Is It…Saved to Dropbox • Mar 11, 2016, 4:34 PM
DEEPER INSIGHTS
Four Years of Mobile Video Optimization –What Has the Industry Learned?
featured in Hollywood’s action-packed spythrillers and sci-fi movies for years—portrayingthese devices as hack-proof and the future ofsecurity, identity and true authentication.
Now, thanks to companies like Apple, Samsungand NTT DOCOMO (which uses Qualcomm’sSnapdragon Sense ID), biometric authenticationin mobile devices is becoming a reality, and theamount of mobile manufacturers installingbiometric authentication in devices as a meansof security continues to surge in popularity. Infact, in a recent report, the worldwide mobilebiometrics market will reach $3.5 billion by2024, growing from a base of $259 million in2015.
But, is the technology installed in these devicesactually secure and safe for consumers?
Biometrics is the Future of Identity
DEEPER INSIGHTS
Four Years of Mobile Video Optimization –What Has the Industry Learned?
featured in Hollywood’s action-packed spythrillers and sci-fi movies for years—portrayingthese devices as hack-proof and the future ofsecurity, identity and true authentication.
Now, thanks to companies like Apple, Samsungand NTT DOCOMO (which uses Qualcomm’sSnapdragon Sense ID), biometric authenticationin mobile devices is becoming a reality, and theamount of mobile manufacturers installingbiometric authentication in devices as a meansof security continues to surge in popularity. Infact, in a recent report, the worldwide mobilebiometrics market will reach $3.5 billion by2024, growing from a base of $259 million in2015.
But, is the technology installed in these devicesactually secure and safe for consumers?
Biometrics is the Future of Identity
DEEPER INSIGHTS
Four Years of Mobile Video Optimization –What Has the Industry Learned?
featured in Hollywood’s action-packed spythrillers and sci-fi movies for years—portrayingthese devices as hack-proof and the future ofsecurity, identity and true authentication.
Now, thanks to companies like Apple, Samsungand NTT DOCOMO (which uses Qualcomm’sSnapdragon Sense ID), biometric authenticationin mobile devices is becoming a reality, and theamount of mobile manufacturers installingbiometric authentication in devices as a meansof security continues to surge in popularity. Infact, in a recent report, the worldwide mobilebiometrics market will reach $3.5 billion by2024, growing from a base of $259 million in2015.
But, is the technology installed in these devicesactually secure and safe for consumers?
Biometrics is the Future of Identity
There’s no doubt that biometric security hassignificant advantages over all other forms ofidentification, authentication and verification—hence why so many mobile devicemanufacturers are jumping on the “biometricbandwagon.” It’s fast and easy to use, andunlike a login or password, which requiresmemorization and is easily replicable, anindividual’s fingerprints, irises, facial constructsand other biological traits should be impossibleto duplicate.
But what happens if a person was to lose his orher phone? There’s a chance it could get in thewrong hands, and if there were any flaws withthe technology in the device, the attacker couldeasily access information.
This is certainly an issue for concern, but theroot of the problem isn’t simple human error—it’s the lack of sustainable infrastructure that’sinstalled on these devices. Under the currentprotocols, the biometric vectors are stored ondevices. This sounds pretty straightforward, buthow secure are the biometrics? Can they bekept out of the hands of hackers? After all,threats to data are everywhere. Manyconsumers believe that because their mobilephone is physically in their hands, the datainside is safe. To the contrary, thieves can installmalware into a mobile phone without direct
There’s no doubt that biometric security hassignificant advantages over all other forms ofidentification, authentication and verification—hence why so many mobile devicemanufacturers are jumping on the “biometricbandwagon.” It’s fast and easy to use, andunlike a login or password, which requiresmemorization and is easily replicable, anindividual’s fingerprints, irises, facial constructsand other biological traits should be impossibleto duplicate.
But what happens if a person was to lose his orher phone? There’s a chance it could get in thewrong hands, and if there were any flaws withthe technology in the device, the attacker couldeasily access information.
This is certainly an issue for concern, but theroot of the problem isn’t simple human error—it’s the lack of sustainable infrastructure that’sinstalled on these devices. Under the currentprotocols, the biometric vectors are stored ondevices. This sounds pretty straightforward, buthow secure are the biometrics? Can they bekept out of the hands of hackers? After all,threats to data are everywhere. Manyconsumers believe that because their mobilephone is physically in their hands, the datainside is safe. To the contrary, thieves can installmalware into a mobile phone without direct
contact. Data breaches have been similarlyachieved through email, apps and theinterception of a Wi-Fi connection.
Think about it: because the future of identity isbiometrics, there’s no doubt that the future ofidentity theft will involve compromisingbiometrics, and attackers are already workingon finding a way around these systems. If adata breach already costs a company billions ofdollars and damages its reputation, consider theconsequences if—and when—complex biometricdata is compromised. The remediation of theproblem will be much more difficult—unlesspeople are willing to go under dramatic surgery,they cannot change their fingerprints or faceslike they can with compromised passwords orlogins.
An additional major security concern for allbiometric authentication mobile solutions is the“virtualization threat.” This is when a hacker cantake an app that uses biometric authenticationand clone it, essentially creating a copy they canthen change at will. This allows the attacker torepackage the app and install it on the intendedvictim’s phone, gaining full access to theiraccounts once they have authenticated, withoutthe user even knowing.
Standards and Infrastructure Matter
contact. Data breaches have been similarlyachieved through email, apps and theinterception of a Wi-Fi connection.
Think about it: because the future of identity isbiometrics, there’s no doubt that the future ofidentity theft will involve compromisingbiometrics, and attackers are already workingon finding a way around these systems. If adata breach already costs a company billions ofdollars and damages its reputation, consider theconsequences if—and when—complex biometricdata is compromised. The remediation of theproblem will be much more difficult—unlesspeople are willing to go under dramatic surgery,they cannot change their fingerprints or faceslike they can with compromised passwords orlogins.
An additional major security concern for allbiometric authentication mobile solutions is the“virtualization threat.” This is when a hacker cantake an app that uses biometric authenticationand clone it, essentially creating a copy they canthen change at will. This allows the attacker torepackage the app and install it on the intendedvictim’s phone, gaining full access to theiraccounts once they have authenticated, withoutthe user even knowing.
Standards and Infrastructure Matter
One of the biggest challenges with biometrictechnology on mobile devices, as it has been forevery emerging technology in the past, is toadopt a standards-based protocol forcommunication and the handling of secure data.It also has to ensure that only authorized usershave access to perform functions. Withouthaving proper standardization in place to clearlysecure and authenticate someone’s identity in acomprehensive manner, information is left opento attack.
The good news is, for biometrics, the Instituteof Electrical and Electronics Engineers (IEEE)has created the Biometric Open ProtocolStandard (BOPS) or as it’s called, 2410. Withthis protocol, the biometric vectors are notstored on the device. Meaning, if your phone islost or stolen, a person would not have accessto your biometrics (like they do with the currentprotocols). BOPS also provides a stronger levelof verification and critical improvement in theoverall security infrastructure to minimize riskand prevent unauthorized access and control.
In the coming years, biometrics will be theleading security metric for mobile devices, but asingle ultra-hack could derail this progressionpermanently. Today’s consumers are at themercy of the device they programmed theirbiometrics in. It’s up to manufacturers torecognize the importance of protecting biometricdata and the need to build a secure, sustainable
One of the biggest challenges with biometrictechnology on mobile devices, as it has been forevery emerging technology in the past, is toadopt a standards-based protocol forcommunication and the handling of secure data.It also has to ensure that only authorized usershave access to perform functions. Withouthaving proper standardization in place to clearlysecure and authenticate someone’s identity in acomprehensive manner, information is left opento attack.
The good news is, for biometrics, the Instituteof Electrical and Electronics Engineers (IEEE)has created the Biometric Open ProtocolStandard (BOPS) or as it’s called, 2410. Withthis protocol, the biometric vectors are notstored on the device. Meaning, if your phone islost or stolen, a person would not have accessto your biometrics (like they do with the currentprotocols). BOPS also provides a stronger levelof verification and critical improvement in theoverall security infrastructure to minimize riskand prevent unauthorized access and control.
In the coming years, biometrics will be theleading security metric for mobile devices, but asingle ultra-hack could derail this progressionpermanently. Today’s consumers are at themercy of the device they programmed theirbiometrics in. It’s up to manufacturers torecognize the importance of protecting biometricdata and the need to build a secure, sustainable
One of the biggest challenges with biometrictechnology on mobile devices, as it has been forevery emerging technology in the past, is toadopt a standards-based protocol forcommunication and the handling of secure data.It also has to ensure that only authorized usershave access to perform functions. Withouthaving proper standardization in place to clearlysecure and authenticate someone’s identity in acomprehensive manner, information is left opento attack.
The good news is, for biometrics, the Instituteof Electrical and Electronics Engineers (IEEE)has created the Biometric Open ProtocolStandard (BOPS) or as it’s called, 2410. Withthis protocol, the biometric vectors are notstored on the device. Meaning, if your phone islost or stolen, a person would not have accessto your biometrics (like they do with the currentprotocols). BOPS also provides a stronger levelof verification and critical improvement in theoverall security infrastructure to minimize riskand prevent unauthorized access and control.
In the coming years, biometrics will be theleading security metric for mobile devices, but asingle ultra-hack could derail this progressionpermanently. Today’s consumers are at themercy of the device they programmed theirbiometrics in. It’s up to manufacturers torecognize the importance of protecting biometricdata and the need to build a secure, sustainable
infrastructure on wireless devices, as this is avital step for protecting its assets in the future.
Hector Hoyos is the founder and CEO at HoyosLabs, one of the leading innovative biometrics,authentication and identification technologycompanies. He’s been in the biometrics and ITfields since the mid-1980s as the founder andpresident of various cutting-edge companies.
Devices
RELATED READS
Report: Voice Recognition Technologies toNearly Double By 2020
infrastructure on wireless devices, as this is avital step for protecting its assets in the future.
Hector Hoyos is the founder and CEO at HoyosLabs, one of the leading innovative biometrics,authentication and identification technologycompanies. He’s been in the biometrics and ITfields since the mid-1980s as the founder andpresident of various cutting-edge companies.
Devices
RELATED READS
Report: Voice Recognition Technologies toNearly Double By 2020
Sensor Tech Brings Next-Gen SmartEarphones to Market
GSMA Announces Security Guidelines toSupport Growth of the Internet of Things
FirstNews Briefs: Brightstar Corp.,Sonavation, Limelight Networks, Inc.,MetTel
ADVERTISEMENT
Sensor Tech Brings Next-Gen SmartEarphones to Market
GSMA Announces Security Guidelines toSupport Growth of the Internet of Things
FirstNews Briefs: Brightstar Corp.,Sonavation, Limelight Networks, Inc.,MetTel
ADVERTISEMENT
Sensor Tech Brings Next-Gen SmartEarphones to Market
GSMA Announces Security Guidelines toSupport Growth of the Internet of Things
FirstNews Briefs: Brightstar Corp.,Sonavation, Limelight Networks, Inc.,MetTel
ADVERTISEMENT
Connect with WirelessWeekConnect with WirelessWeek
Twitter YouTube
RESOURCESRESOURCES
About UsAbout Us AdvertisingAdvertising
InfoInfo
Contact UsContact Us
ContributorContributor
GuidelinesGuidelines
Privacy PolicyPrivacy Policy ProductProduct
ReleaseRelease
SubmissionSubmission
FormForm
SubscriptionsSubscriptions
Terms &Terms &
ConditionsConditions
TOPICSTOPICS
5G5G AppsApps CarriersCarriers
ContractsContracts DevicesDevices FinancialsFinancials
InfrastructureInfrastructure Mergers &Mergers & RegulatoryRegulatory
Connect with WirelessWeekConnect with WirelessWeek
Twitter YouTube
RESOURCESRESOURCES
About UsAbout Us AdvertisingAdvertising
InfoInfo
Contact UsContact Us
ContributorContributor
GuidelinesGuidelines
Privacy PolicyPrivacy Policy ProductProduct
ReleaseRelease
SubmissionSubmission
FormForm
SubscriptionsSubscriptions
Terms &Terms &
ConditionsConditions
TOPICSTOPICS
5G5G AppsApps CarriersCarriers
ContractsContracts DevicesDevices FinancialsFinancials
InfrastructureInfrastructure Mergers &Mergers & RegulatoryRegulatory
AcquisitionsAcquisitionsSpectrumSpectrum
Sign up for our newsletters
Wireless Week's FirstNews News for wireless professionals.
Wireless White Papers Educational research and industry findings.
Subscribe Now
* First Name
* Last Name
* Email Address
* Job Title
AcquisitionsAcquisitionsSpectrumSpectrum
Sign up for our newsletters
Wireless Week's FirstNews News for wireless professionals.
Wireless White Papers Educational research and industry findings.
Subscribe Now
* First Name
* Last Name
* Email Address
* Job Title
