Biometrics – data related to your physical body. Fingerprints, voice recognition, brain patterns… I have been seeing more and more biometric products in the market lately, often tied to wearables (Fitbit, Jawbone, and even Apple to name a few). I’ve even started to see clothing with integrated biometric sensors.
But going beyond the usefulness of inwardly insight, I am now starting to see biometrics replace the password. Look at Apple, a former employer of mine, with Touch ID. MasterCard, my current employer, even made a minority investment and product pilot in the space. But can this unique information replace passwords?
Traditionally, authentication has required two attributes: a username (which may or may not be public) establishing a user identity, and a password (hopefully known only by the individual) which allows access to that identity’s account. I would argue that biometrics replace the former of these two, but cannot solely replace the latter.
Think about it: what happens if someone steals or spoofs your biometric data? You can’t just log in and change your fingerprint or your retina image – they are forever unique to you (barring any unusual surgeries). Biometric identity will play a significant part of authentication in the future, but as a different type of user identification and part of multi-factor authentication.
What are your thoughts on biometrics and security? Tweet at me with #biometrics to let me know!