Behavioral biometrics let devices identify your quirks – the EU approves
Facial and fingerprint recognition is already mainstream. The next big thing is behavioral biometrics, a major advancement in information security that already got the green light from EU’s legislators.
Biometrics improve the information security of authentication and provide a solution to the password problem that we recently covered: Applications already accept your phone’s facial or fingerprint ID in lieu of a password. Since the legislative framework for new biometric methods is already in place, it is likely that they too will be an option in the not-too-distant future.
Current authentication methods, including biometrics, are not foolproof. But in information security, nothing is.
“Comparing technological advances to an ideal utopia is a common mistake”, says Qvik CEO Lari Tuominen. “We should instead be measuring our advancement against the current state of things. In payments, for example, the current level of information security in biometric authentication easily trumps the conventional login code cards and NFC payment cards used by banks.”
Some users still remain leery about handing their biometric data over to major tech manufacturers, though the companies assure us that the data is only stored on the devices, not in their databases.
“So, if cyber-criminals wanted to steal your biometrics, they would have to get hold of your actual device and crack it.”
Behavior cannot be copied or stolen
Facial, iris and fingerprint recognition has been criticized for using visible attributes that criminals can also see. You can be forced to give your fingerprint, and facial recognition can accept close relatives or be fooled by professional masks.
Behavioral biometrics, on the other hand, capture something that can’t be stolen. The methods are many and varied, but biometrics based on tapping patterns are one of the most intriguing applications for mobile devices.
We all have our own habits and rhythm for using our devices. We hold the phone in a particular way and write in our own rhythm, and such habits can be identified and captured by an AI.
When your behavior has been stored, it can be used for continuous background authentication: if the device notices anomalous behavior, it will ask for additional authentication.
“That’s precisely what makes behavioral biometrics so revolutionary”, Tuominen says. “It makes authentication effortless for the user and difficult for the thief.”
The new technology is being developed at a brisk pace, but there is still a ways to go before biometric authentication will be commonplace. Nevertheless, since the EU’s legislators approved the method as part of the strong authentication chain, the way to wider use seems clear.
Illustration: Aija Malmioja
