view counter

BiometricsBiometric security for mobile devices becoming mainstream

Published 7 March 2014

Biometric security such as fingerprint, face, and voice recognition is set to hit the mainstream as global technology companies market the systems as convenient and easy to use. The latest biometric technologies are not without their security issues, but they are marketed as more convenient than traditional methods rather than more secure, and encourage adoption by people who currently do not have any security on their phone at all.

Biometric security such as fingerprint, face, and voice recognition is set to hit the mainstream as global technology companies market the systems as convenient and easy to use, according to a prominent information security systems expert.

ECU Adjunct Professor Steven Furnell says that the use of biometrics is on the rise with the introduction of biometric technologies as standard in mainstream mobile phones.

He says people are also more willing to submit their biometric data to personal devices such as mobiles and tablets than to desktops PCs and printers.

A ScienceWA release reports that Furnell last month published an article in the journal Biometric Technology Today, which details new fingerprint recognition technology available on the home button of iPhones and Face Unlock for Android.

He says both technologies can work very well — under the right conditions.

“With the facial unlock, if you’re in a dark environment and the front-facing camera can’t pick up your facial image correctly then you can’t use the facial unlock to unlock the phone,” Furnell says.

“With the fingerprint recognition, if it’s wet … then you’re not going to be able to get that phone to unlock particularly easily without drying everything off.

“Similarly, if you’re wearing gloves, then again it won’t be able to detect your fingerprint and won’t unlock for you.”

Furnell says both techniques also have security issues.

“[The facial unlock] can be fooled, for example in earlier implementations, by just holding up a static photo of the legitimate user to the camera,” he says.

“On the newer implementations they’ve got something built into the technique now called ‘liveness detection’ which basically requires you to blink as you’re looking at the phone so that it can detect that there’s a real live human being there as opposed to a static photograph.

“But again, there’s been documented means of getting past that, I think, such as cutting eye holes in a photo and then blinking from behind that or indeed having an animated graphic of somebody where you alternate pictures of eyes open and eyes closed.”

Both Face Unlock and iPhone fingerprint recognition revert to pin or password authentication after failed attempts.

The release notes that Furnell says, however, that the latest biometric technologies are marketed as more convenient than traditional methods rather than more secure and encourage uptake in people who currently do not have any security on their phone at all.

He says fingerprints can already be used to make iTunes purchases and the facility could be rolled out to other contexts.

— Read more in Steven Furnell and Nathan Clarke, “Biometrics: making the mainstream,” Biometric Technology Today 2014, no. 1 (January 2014): 5–9

view counter
view counter