Biometrics and beyond: Online authentication techniques get personal
Article 1 of 4
Can vendors' latest authentication schemes outwit hackers?
It is now, apparently, the age of intelligent authentication. In the world of authentication techniques, security experts long have bemoaned the weakness of the password and username form of authentication security. But now it seems there are tools available to replace that system, ones that employ biometrics of all sorts, like voice, facial and behavioral recognition. These tools are quickly taking hold in a security field long on high alert, fighting increasingly clever and ruthless hackers.
One advantage of the biometric and behavioral authentication techniques: Their strength doesn't rely on the user crafting (and recalling) a complex password.
But can biometrics and behavioral analytics do the job? Even if they can, what are the risks? What happens when the need for better safeguards on valuable company systems and data collides with individuals' privacy concerns? And do these new "smart" authentication methods really and truly perform better than today's ubiquitous password and username system?
Apparently so, according to many experts. For one thing, it takes pressure off users who have been responsible to not only fabricate a complex password -- that incorporates upper and lower case letters, numbers and special characters like * and # -- but also remember it. Or, rather, passwords, because we all know every site we regularly use should have its own unique password … right?
At the same time, other experts are noting that hackers are already learning means to get around these complex passwords.
Will biometrics and other advanced authentication techniques simply develop into the same old security "arms race," where the good guys improve security methods and the hackers eventually outwit those new tools?
These are the compelling questions this handbook raises and tries to answer. We also include expert opinion on what these new authentication schemes and tools can do, what they can't and how to make them as effective as possible.