Behavioral Biometrics: Protecting Our Digital Identity Without Worries! | engineering techniques

Effective security based on one’s own identity still seems to be a far-off reality for many companies and consumers. Regulatory frameworks aim to strengthen this type of protection. In this sense, Europe is working to create a European digital identity. At the same time, more and more companies are abandoning passwords for other solutions such as biometrics and eventually behavioral biometrics. Not without risk…

The digital threat landscape is constantly changing as cyber criminals continue to evolve their malicious techniques. This is the case with the “Looking for” (Where “Voice Phishing”). In these attacks, hackers use a callback number inserted into the body of the email as a decoy, and then rely on social engineering and spoofing to trick the victim into calling and interacting with a fake representative.

Protecting digital identity is becoming more important than ever as it represents a growing demand from internet users. 72% of users want to know how their data is handled when using social media accounts. According to a Eurobarometer survey, 63% of EU citizens want a secure digital identity for all online services.

And this goal cannot be achieved without the creation of standards. As with the protection of personal data, which gave rise to the GDPR (General Regulation on the Protection of Personal Data) in 2016, Europe is still at the forefront.

Faster and safer access

With its European Digital Identity (EDI) framework, the European Commission wants to propose an EU-wide framework. This “standard” would allow individuals and organizations to associate national digital identities with a driver’s license or other forms of identification.

If adopted, it will allow Europeans to quickly present a digital wallet on a mobile device or laptop to identify themselves and instantly validate certain information. “This technology will allow us to control what data we share and how it can be used,” said Ursula von der Leyen, President of the European Commission, in her State of the Union address on September 16, 2020.

Healthcare organizations in the United States, Europe, and Asia are also pushing digital identity standards. Many healthcare providers around the world use passwordless authentication to give employees quick and secure access to a massive library of patient records in seconds.

More and more companies are abandoning traditional password or PIN protection techniques and relying on other authentication techniques such as fingerprints, hardware token codes (also called “tokens” by professionals and which materialize in particular in the form of a small USB key) or proximity badges .

Advances in such authentication methods enable companies to improve the customer experience in a variety of ways. A better digital experience can result in higher app adoption and fewer support calls to corporate IT.

According to analyst firm Forrester Research, large organizations spend up to $1 million a year on staff and infrastructure to handle password resets.

Biometrics has almost become synonymous with digital experience. What could be simpler than using a mobile device to log into an application or press your fingerprint on a screen to pass through airport security or open an application on your phone?

Leak of biometric data

From a security perspective, biometrics are the gold standard; They are more secure than passwords as they are much harder to forge and bypass (but not impossible). Biometrics are also easier for the user to use as they cannot be forgotten.

Behavioral biometrics also fall into this category. These strategies — like verifying a person based on their location, the way their phone moves in their hand, or even analyzing how they type on their keyboard — will become more important in the future as people will become familiar with advanced identification methods.

But behavioral biometrics has an Achilles’ heel that isn’t inherent to it, but one that’s still difficult to fully master: storing that particular data on servers. In August 2019, Israeli hackers from the security company vpnMentor had access to more than 27.8 million pieces of biometric data (fingerprints, face, etc.). This data leak came from the South Korean company Suprema, posing as “the European market leader for access control systems based on biometric data”…

#Behavioral #Biometrics #Protecting #Digital #Identity #Worries #engineering #techniques

Leave a Comment

Your email address will not be published.