Driving Biometrics With the Power of Mobile

mobile behavioral biometrics passive authenticationThe concept of the modern computer was invented in the 1940s, with the first supercomputer built in the 1960s to perform larger scale computations that weren’t possible with ordinary computers at the time. However, these machines pale in comparison to the small, flat computer we carry around in our pockets every day.

The modern smartphone is a pinnacle of achievement in computer engineering, allowing us to stay constantly connected to the rest of the world from nearly any location. And now, with the power of biometric technology, we can use it for personal (and corporate) security. Our smartphones can be unlocked with a swipe of a finger, but that’s just the tip of the iceberg. Integrated sensors and the Internet of Things allow us to use the biometric sensors in our smartphones to access email accounts, home automation devices, even our cars. The technology is expanding at an astonishing pace, and it doesn’t look to be slowing down anytime soon.

In fact, one rising question is whether biometrics will outpace mobile technology, or if the two are driving innovation in each other.

The Next Step in Authentication… Passivity

Both biometric and mobile technology are evolving at a rapid pace, and one of the main developments to come out of this evolution is passive authentication. The main difference between passive and active, or strong authentication, is that passive authentication constantly keeps you logged in based on some sort of regularly generated “confidence score.” This is most commonly referred to as behavioral biometrics, and the technology that makes it possible? Your mobile device.

We’ve discussed behavioral biometrics at length in the past, but the core concept to understand is that your smartphone can, and already is, constantly gathering information about you. Your location, how you swipe and type, how you walk, what other enabled devices you use, etc.. All of this data can be fed into an algorithm that makes an educated quess whether you are you and generates a “confidence score.” The stronger the score, the more positive your phone is that it’s you using it, and the less likely it is to log you out of your accounts.

This passive authentication can be customized and used for any manner of accounts, from locking your phone or other devices around you to granting access to email or your social media accounts. It can also be used in combination with other technologies, such as near-field communication, to secure access to those IoT devices and home automation systems we mentioned earlier. If your phone registers a strong passive authentication score, it automatically lets you control your smart home device But if that score falls, it would require a stronger authentication source…

The Continued Need for Strong Authentication

The key to secure access management is strong authentication. Passive authentication provides an incredibly useful tool in the access management system, but it needs to be started, and supported, by a stronger proof of identity. In biometrics, strong authentication is a hard biometric scan – fingerprint, facial, hand, or iris recognition – and it provides an extremely secure, single instance of authentication.

Once this point has occurred, your smartphone can use behavioral biometrics to keep you authenticated, but it needs that single instance of a stronger proof that you are you to start the process. And whenever you aren’t using your phone for a period of time, it can request that stronger authentication to restart the process.

Mobile technology and biometrics are revolutionizing how we prove identity, but we need to set the systems up to properly secure and authenticate identity. Want to learn more? Veridium will be at Mobile World Congress next week, Hall 2 Stand 2B33MR. Stop by or schedule a meeting in advance to see how our solutions provide strong, multifactor authentication in a variety of personal and professional use cases.

For more on Proving Identity, read our whitepaper.