If you've ever forgotten your password and been locked out of your account, you know how helpless that experience feels. "But it's me!", you might have protested, wishing there had been an easier way to prove your identity. After all, you know you are who you say you are, but the authentication system doesn't — and therein lies the problem. But what if you could use yourself as the password?
As far-out as the concept seems, you can actually do that today using a method called biometric authentication. You may even have started using biometric authentication technology on your smartphone not too long ago. Here's what you need to know about biometric authentication, its pros and cons, and how businesses use it to keep their employees' accounts secure.
What is biometric authentication?
Biometric authentication is an advanced security capability that requires you to prove your identity with something unique about yourself — often a physical or behavioral characteristic — when you try to access an account, a system, or a facility. Unlike passwords or authentication codes, which are something you have, biometrics are usually something you are or something you do. They can include your face, your voice, your fingerprint, or even your retina. When you request access to an account using physical biometrics, you are literally logging in as yourself. Today, smartphones include facial recognition and fingerprint recognition, while popular voice assistants like Alexa and Siri use voice recognition to take commands from their users.
According to a survey conducted by Visa, two-thirds of consumers report that they are at least somewhat familiar with biometrics. Almost everyone has heard of fingerprint, voice, and facial recognition, and 65% of the people surveyed say that they have at least tried fingerprint recognition. Thirty-five percent of consumers even use it on a regular basis, and 72% of them say they are interested in using it to verify their identity.
Although most people associate biometric authentication with physical traits, it can also include unique behavioral identifiers such as the way you type, the way you walk, or the way you sign your name. Some biometric authentication systems will let you choose whether you want to provide physical or behavioral characteristics, while others might require a combination of the two.
The pros of biometric authentication
One of the great things about biometric authentication is that it's easy. Rather than having to keep mental track of yet another complex password or code, you can just show up as the person you are. Businesses like biometric authentication because it allows them to increase security without also increasing complexity, and employees like it because it doesn't throw up yet another frustrating barrier when they're trying to work from home or be productive at the office. And because employees are becoming more familiar with biometrics in their personal lives, they're more likely to have experience with this newer form of authentication.
Biometric authentication is more secure than standalone passwords because it limits access to only verified individuals. This makes it much harder for cyber criminals to steal someone's personal information or cause a damaging data breach. You can use a flexible combination of biometrics to confirm someone's identity, which keeps hackers on their toes. Biometric authentication technology has also become more affordable in recent years, making it more accessible to a broader range of organizations.
You can add biometric authentication to your existing authentication tools, such as passwords and two-factor authentication codes you might provide via text message or an authenticator app. In fact, it's better to layer on additional forms of secure authentication when you can, because then hackers will have a much harder time getting their hands on all the different credentials required to log in as you. If you're ready to do away with passwords altogether, you can use biometric authentication to go passwordless.
The cons of biometric authentication
Biometrics are not a silver bullet, and they do come with some challenges. Although consumer biometric authentication technology like the fingerprint scanner on your smartphone is pretty effective, it's not foolproof. Because it only demands a partial match, a sufficiently motivated and talented hacker could find a way to use a fake fingerprint and gain access to your account. In that event, it might be harder for your company's security systems to flag a fraudulent login attempt in progress until it's too late.
Additionally, biometric authentication isn't a "set it and forget it" technology, which means your IT pros will have invest time and talent in keeping it up to date so it stays accurate. If your company doesn't allocate the staffing and financial resources needed to properly maintain its biometric authentication system, you may eventually find that this security tool is not as reliable as it once was.
Finally, businesses may also have to comply with future regulations when it comes to handling employees' biometric data. Illinois recently passed the country's first consumer data privacy law that specifically deals with biometric information, the Biometric Information Privacy Act (BIPA).
Understand biometric authentication
While we haven't yet reached that completely password-free future some of us might crave, we're on our way there — and biometric authentication is helping us make that transition. Rather than having to search your memory for a complex jumble of letters, numbers, and symbols, one day you will simply be able to log in with your face, your voice, or your fingerprint. In the meantime, biometric authentication is a smart, convenient option for securing your online accounts today. If you haven't yet taken advantage of it, you may want to consider the benefits of doing so.
Discover how LastPass Business enhances your security with biometric authentication.