Biometrics: A New Wrinkle Changes the Authentication Landscape

Publisher: Mercator Advisory Group, Inc. Product code: 421706
Publication date: January 13, 2017. Content: English, 44 pages



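  • Security: given the effectiveness of cybercrime, risk will persist until passwords are eliminated entirely
  • Biometrics: consumers are wary today but will come to accept it, just as they did online banking
  • Apple and Google: will continue to extend and upgrade the security and biometrics implemented in hardware and operating systems
    • Because these operating systems have visibility into the daily life of the mobile device user, they can obtain more data for authenticating the individual
  • Authentication: will evolve from a single challenge event, such as a fingerprint reader, into a passive, persistent identity trust value
    • The trust value will be built on multimodal biometrics (geolocation, known commute and work patterns, passive voice and face recognition, various behavioral patterns, etc.)
    • As these authentication processes improve, the single challenge event will apply only to high-risk situations
  • Smartphone technology is rapidly becoming more secure and is broadly available in the U.S. population
    • This means broad deployment of biometric hardware by financial institutions will be obsolete within 5 years
  • Apple and Google solutions: critical hardware and software authentication suppliers for a range of access control scenarios, including device, call center, cloud and application authentication needs
  • Biometric tags and trust decisions: critical for increasing consumer trust; should be calculated in the device to reduce the risk associated with central storage
  • FIDO authentication architecture: establishes an authentication framework that moves most of the hardware and software into a shared asset on the mobile phone
    • These authentication solutions will greatly lower deployment costs
  • Financial institutions should plan for the biometric world described above
    • For example, by using the mobile device for authentication and avoiding centralized management of biometric data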

New biometrics technology is reshaping the authentication market

A new research report from Mercator Advisory Group titled ‘Biometrics: A New Wrinkle Changes the Authentication Landscape’ is a primer on the fundamentals of biometrics for authentication of consumers' identity. The report explains the need for multimodal biometric authentication and describes many types of biometrics available from various technology providers. The report shows how biometrics technology has shifted from a primarily hardware-based solution to a software- and cloud-based solution enabled by smartphones that have become much more secure. With voice and face recognition, and now the addition of behavioral biometrics, this shift will drive rapid new innovation and will tip the market in favor of the mobile architecture.

“Behavioral dynamics will play an increasingly important factor in establishing trust factors for authenticating consumers' identity across every channel and for establishing persistent identity,” said Tim Sloane, Vice President, Payments Innovation, at Mercator Advisory Group and author of the report. “With the introduction of new authentication factors, new secure mobile platforms, and software- and cloud-based authentication mechanisms, it will be extremely risky for banks to make an investment decision that includes hardware and requires five-plus years to achieve a positive return on investment.”

Increasingly, smartphones are shipping with trusted execution environments that can displace traditional hardware security fobs. These new smartphones are critical to this fundamental shift in biometrics.

Criminal theft of passwords has made passwords obsolete, and so a new factor is required for authentication. Biometrics will be that new factor. It increases security and will prove more convenient for the consumer than passwords as it transitions into a persistent identity over the next 5 to 8 years.

For persistent identity, authentication no longer entails just a single challenge event such as a fingerprint scan but evolves into a passive trust value uniquely associated with an individual, as is being pursued by Google. The trust value will be constantly updated based on multiple factors including location and passive sound (voice and ambiance) as well as facial recognition and a range of behavioral inputs.

With the mobile device formulating this trust factor, it is highly likely that Apple and Google will be critical partners in consumer authentication for the majority of access control scenarios, including call centers and physical access.

This reliance on the smartphone will help establish the FIDO (Fast Identity Online) standard as the appropriate architectural approach for managing authentication credentials. Keeping the credentials in the handset eliminates the honeypots that attract criminals, increases consumer trust, and converts the authentication infrastructure into a shared resource that will greatly lower deployment costs currently associated with all authentication solutions.

This research report is 44 pages long and has 8 exhibits.

Companies mentioned in this report include: AimBrain, Allscripts, Amazon, Apple, Arena, AstraZeneca, Balabit, Bank of America, Bank of Tokyo, Bayer, BehavioSec, BioCatch, BrowserSpy.dk, bunq, Chase, ContinUse, CO-OP Financial Services, Desert Schools Federal Credit Union, Diebold, Discover, E8 Security, Early Warning, Eli Lilly, Entrust Datacard, Etsy, Evernym, Exabeam, Facebook, FIDO Alliance, FIS, Fiserv, Fortscale, Fujitsu, GlaxoSmithKline, Google (Alphabet), Gurucul, HID Global, The Hiroshima Bank, HP, IBM, IDScan Biometrics, IEEE, LexisNexis, LG, Merck, National Westminster Bank, Nikon, NuData, Nymi, MasterCard, MicroBilt, Microsoft, Mitek, NetGuardians, PayPal, Plurilock, Qualcomm, SAFE-BioPharma, Samsung, SecureAuth, Securonix, Sovrin Foundation, Sqrrl, Telesign, Temenos, TMG, Twitter, UniCredit, USAA, US Defense Department, Veridium, Visa, VoiceVault, Wells Fargo, Yahoo, and Xiaomi.

Highlights of the report:

  • Given the effectiveness of cybercriminals, security will continue to be at risk until passwords are eliminated entirely.
  • Consumers are wary of biometrics today but will come to accept it just as they did mobile banking.
  • Apple and Google will continue to upgrade and extend the security and biometrics implemented in hardware and operating systems and, due to the broad visibility that these operating systems have into the life of the mobile device user, will have more data than all others for authenticating the individual.
  • Authentication will move from a single challenge event, as done today with fingerprint readers, and evolve into a passive persistent identity trust value. The trust value will be based on multimodal biometrics to include geolocation, known commute and work patterns, passive voice and face recognition, and a range of behavioral inputs. As these improve in verifying authenticity, the challenge event will become relatively rare and specific only to high-risk situations.
  • Smartphone technology is rapidly becoming more secure and broadly available in the U.S. population, which means that broad deployment of biometric hardware by financial institutions is likely to be obsolete in less than 5 years.
  • It is probable that Apple and Google solutions will become critical hardware and software authentication suppliers for the majority of access control scenarios, including devices, call centers, cloud and application authentication needs.
  • Biometric tags and trust decisions should be held and calculated in the device to mitigate risk associated with central storage of credentials; this is critical for increased consumer trust. Centralized repositories, no matter how secure, represent a liability from the consumer's perspective.
  • The FIDO authentication architecture will establish an authentication framework that moves much of the hardware and software into a shared asset resident on the mobile phone, which will greatly lower the cost of deploying authentication solutions.
  • Financial institutions should plan for the biometric world described above. This suggests utilizing the mobile device for authentication wherever possible and avoiding the collection of biometric data centrally as much as possible, as that data represents yet another target for criminals.