By Ted Hansson, Fingerprint Cards, SVP Business Line Mobile
Within a growing PC and laptop market fueled by changing digital trends, devices sitting at the upper end of performance are often found in the workplace. Here, PCs – both personal and shared – support complex uses and diverse professions. From accountants to doctors, CEOs to software engineers, whether they are in the office or working remotely, all rely on digital infrastructure. And security is paramount.
Increasingly common flexible working arrangements are exposing vulnerabilities as 84% of IT and security decision makers report an increase in digital attacks. In 2020, the average cost of a breach was $3.86 million and, in 2021, cyber-attacks will cost organizations $6 trillion.
Biometrics and Zero Trust
In response, as many as three quarters of organizations are turning towards a Zero Trust approach underpinned by logical access control. This requires continuous digital ID validation rather than one-off authentication with network credentials. The challenge is to achieve this without hindering the user experience.
Biometrics is helping PC manufacturers and platforms keep pace with these requirements, while increasing security and convenience for enterprises and users. This applies whether they are used as part of a standalone digital access solution, or alongside traditional methods as part of a multi factor authentication approach.
So, how can the biometrics sector play their part in supporting organizations integrate the technology into their workflows?
Only the best: A quality-first approach to PC biometrics
Within digital transformation strategies, IT decision makers focus heavily on hardware specifications. Power, performance, memory, durability, ergonomics…all these factors combine to drive productivity.
PC biometrics must fall in line with this pursuit of perfection to add value and tackle some of the myths and misconceptions that have developed. By achieving this, the IT sector can pave a smoother path towards ‘Zero Trust’. But what does biometric quality look like?
Performance: is the solution convenient and reliable?
As with any innovation, a key question amongst users is: “will it work?”. The same is true for biometrics.
In the early days of PC biometrics, users were left unimpressed. Adoption did not follow. Users faced high false rejection rates (FRR), where the correct fingerprint is presented and not accepted. This was not a good user experience back then, nor would it support the continuous authentication needed for Zero Trust now.
Over the years, extensive R&D in sensor technology has transformed sensors, increased stability and minimized false rejection rates. Supported by increasingly sophisticated matching and authentication algorithms, sensors now also work in a variety of different settings, such as 360-degree recognition, to even reading wet, damaged, and aged fingers.
Compared to older PC biometrics, FRR*s are now less than three in every 100 uses, sometimes lower. This delivers quick, effective, and consistent authentication, fit for the enterprise.
Security: how does it resist hacks and spoofs?
With security a key priority, resisting hacking is another priority area for the biometrics sector.
Scalable attacks occur when PINs and passwords are compromised, by hacks or even by a shoulder surfer prowling for credentials. However, with biometrics, enterprises can rest easy thanks to presentation attack detection and resistance to spoofing. So, what do PC makers and businesses need to know?
A common myth: ‘biometric sensors capture an image of my fingerprint’. This misleads users into believing that they can be spoofed easily. In reality, biometric sensors capture and store a mathematical binary (1s and 0s) representation of the user’s information. Storing data as template code means information cannot be reverse engineered by hackers. On top of this, templates can be made specific to each device, further reducing the risk.
While nothing is ‘unbreakable’, successful spoofing is extremely rare, expensive and take place with willing targets and controlled lab settings.
Privacy: how are the users protected?
In the age of data privacy, many consumers are concerned about how their data is captured, stored and used. Although use of biometrics is on the rise, it has not escaped these worries, and presents another key point of quality.
Centralized biometric databases are a source of anxiety for users, with 38% of consumers having worries. This could put users off, and derail enterprise digital transformation plans that incorporate biometric technology. To help bring biometrics to the workplace, solution providers can complement the Zero Trust architecture by adopting a ‘privacy by design’ approach.
By using the on-device approach, whereby biometric data is captured, securely stored, matched and authenticated within the device, the need for a centralized database or any cloud involvement disappears. This supports enterprise digital transformation in two ways. Firstly, it reveals uses’ fears that their data will be stored in hackable cloud databases. Secondly, by avoiding a centralized database, a significant enterprise management and financial burden is removed, supporting the commercial viability of PC biometrics in a digital transformation strategy.
Driving digital transformation
Organizations face a difficult balancing act with digital transformation as they aim to protect employees and their digital spaces while drive productivity. Integrating biometrics into the workflow through PCs is a golden opportunity and could be a significant step in achieving a workable Zero Trust posture against growing cyber security threats.
To support change in this area, biometric solution providers and PC makers can prioritize quality to tackle myths and misconceptions around reliability, security and privacy. A useful starting point is capitalizing on the years of innovation to evolve biometrics for PCs to become a familiar, trusted authentication tool in the same way it has become for smartphones.