Key Points
- Biometric authentication, once the stuff of science fiction, is a mainstay of cybersecurity today
- Biometric authentication identifies users by measuring something about their body
- Not by merely checking to see if the know something secret
- Because bodies are a lot harder to accidentally reveal, share, or reuse than a secret
- If you or your organization aren't using biometric authentication, you're at risk
Today, hardware for biometric authentication is already "deployed" in the form of everyday mobile devices; companies just need to select providers that can make use of them.
Quick Read
We are finally in the age of biometric authentication after decades of entrenched username-password dominance.
This is important because, as we've long known, username-password combinations are difficult to manage, difficult to remember, and yet painfully easy to intentionally share, accidentally reveal, or for a malicious actor to immediately if discovered.
Though once biometric authentication required specialized hardware expensive enough for only large enterprises to invest in them, today biometric authentication hardware is everywhere. Most individuals have at least two forms of biometric authentication—fingerprint and face identification—with them at all times via their mobile phones.
Organizations may not realize, however, that these forms of authentication can be used for company security and authentication as well—not just personal security between user and phone. The FIDO2 standard, increasingly supported across the cloud universe, enables companies to leverage the biometrics on users phones for company authentication, in addition to or in place of passwords.
Also not yet commonly known are behavioral-biometric forms of biometric authentication. These work by observing users movement patterns as they do the things they would be doing anyway (such as their daily work), rather than requiring the user to take a concrete step like placing a finger on a fingerprint scanner.
This is important because it is a biometric-strong form of passive authentication—authentication that can happen without the user's knowledge, which makes true continuous authentication possible. With continuous behavioral-biometric authentication, a user's identity is continuously checked at all times, whenever they are (for example) typing or moving their mouse.
Organizations that haven't yet transitioned to biometric authentication via FIDO2, continuous authentication via behavioral biometrics—or both—should seriously consider doing so, as these significantly reduce the risk of account theft and unauthorized access, and can also go a long way toward reducing cyber insurance premiums.
Further Reading
Thanks for reaching out! A Plurilock representative will contact you shortly.
What Plurilock Offers
More to Know
It's Easy to Deploy Today
While biometric authentication was once a specialized technology that was difficult to deploy, today it's easy. Adopting an SSO platform that supports FIDO2 enables you to leverage employee mobile devices and their biometric scanners for passwordless logins.
An Ounce of Prevention
Biometric authentication, while not unbreakable, is more secure than user-password authentication, the leading cause of data breaches. If you're using TOTP, you're already leveraging employee mobiles—so it's a small hop to biometrics.
