There are many myths and misconceptions surrounding the use of biometric fingerprint authentication. Why? People are apprehensive about biometrics and fear that biometric fingerprint readers are not secure. They are under the impression that biometric fingerprint readers can be fooled by fake fingers, or that the technology takes too long to implement and use. But the truth is, biometrics is still a more reliable and secure means than password protection for ensuring the security and privacy of digital assets.
While passwords are still the most pervasive tool used to secure today’s organizations, they are also the weakest link when it comes to securing corporate assets. Too often passwords are lost or shared between employees resulting in increased network vulnerability and internal fraud. In addition, as the number of passwords per employee increases, the likelihood of them being forgotten also rises, resulting in increased IT help desk calls.
So let’s debunk the myths and misconceptions here, and get rid of the apprehension about biometrics.
- One of the most common misconceptions is that fake fingers can easily fool a fingerprint authentication system. However, with currently-available technology, the optical reader scans the fingerprint and uses an algorithm that can detect three dimensional structures so photocopies, transparencies or latent images of a fingerprint will not be accepted as valid.
- People fear that companies are storing fingerprint images. Enterprise authentication applications , such as Digital Persona software, do not store an actual fingerprint image, but rather identifies data points on the finger to create a stream of ones and zeros that is a unique representation of the fingerprint.
- People often make the assumption that someone out there has the same fingerprint they do, when in fact the chances of it happening are extremely slim. It’s estimated that the chance of two people, including twins, having exactly the same fingerprint is less than one-in-a-billion.
- There is concern around how biometrics addresses people who don’t have fingerprints. Truth be told, there is a rare skin disorder that affects very few people in which they don’t have an identifiable fingerprint..
- Organizations are often hesitant to deploy biometrics because of the concern short lifespan of the reader itself. In general, fingerprint sensors are designed in mind to last as long as the user’s PC lifecycle . As for specific durability, the Digital Persona optical sensors, for example, can withstand over a million touches with proper use and maintenance of the product
- Some believe that utilizing biometrics does not allow for multiple users, or that it simply takes too long..Indeed, multiple users can be authenticated on one terminal or computer in a shared computing environment, and it takes just a few hundredths of a second (in our case) to acquire, process, and verify a fingerprint once it has been scanned.
- Often people think that a PIN is more secure than a fingerprint system. Not true. A 4-digit PIN code has only 10,000 combinations allowing a hacker to easily cycle through these possibilities. Whereas, a reliable fingerprint system, such as from Digital Persona, having 1/100,000 (0.00001%) false acceptance rate requires the hacker to present 100,000 unique touches to break the system.
So as you can see, despite these myths, fingerprint authentication avoids many of the security issues associated with passwords and tokens and is less susceptible to human error. Fingerprints cannot be “guessed,” shared or written down and users don’t have to think up a “strong” fingerprint, so the security of the metric doesn’t depend on human effort. People cannot forget their fingerprints like they do passwords, which helps to eliminate IT help desk calls. Because biometric technologies use a physical characteristic instead of something to be remembered or carried around, they are convenient for users and less susceptible to misuse than other authentication measures.
Vance Bjorn, Chief Technology Officer and Co-Founder of Digital Persona, co-developed the core algorithm and technology. As CTO, he is responsible for evolving the features and technology of Digital Persona’s product line via business development activities and the development of prototypes.