Biometric Security Measures Put Slow Squeeze on Passwords

Carl Weinschenk
Slide Show

Listen Up CIOs and CISOs: Are You Ready for What's Coming?

One of the touchstones for the computer age and, more specifically, its insecurities and dangers, is the password. Very slowly, however, the password may be on its way out, both for stationary and mobile users. In favor are various biometric security measures.

eWeek reports that MasterCard is launching a pilot program in which 500 customers will eschew passwords in favor of facial scans and/or fingerprints. They will not be required to manually enter their passwords or security codes. It’s amusing that the technology, which is being developed by Ant Financial, involves customers taking a selfie of themselves:

The scans are not captured as photographs but instead create a code that remains on the device to identify a user, mapping out their face and converting it to 1s and 0s that can be transmitted over the Internet to MasterCard, according to the report. The company is also experimenting with voice recognition for online transactions as well.

Microsoft’s new Windows 10 operating system also aims to obsolete the password. Biometric Update reports that Windows 10’s Hello feature will enable the unlocking of PCs, tablets or phones by facial, iris or fingerprint identification. The story suggests that, at least for the time being, the cost of the necessary camera module, which takes a deeper, in-depth picture, is expensive and so likely will be limited to high-end desktops.

Of course, the laws of technology, which seem about as immutable as the laws of physics, suggest that the costs eventually will come down. At the same time, iris scanning has a unique problem: Users would have to get very close to the camera. This will likely not be popular.


A general piece about biometrics at Bankrate draws a landscape in which most of the drawbacks to biometrics are in the marketplace, not the labs. In other words, biometrics works. However, the writer raises the point that data from fingerprints or retina scans can be stolen, just as any piece of data can. For that reason, voice prints are considered to be a better option. The story, however, doesn’t exactly explain the way in which voice prints bypass the dangers it outlines for the other approaches.

Passwords will continue to fade away over time. The key, however, is to anticipate the problems and challenges of the replacement technologies and choose the right path. The alternative – a variety of approaches aimed at the same goal – will prove to be inefficient.

Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at cweinsch@optonline.net and via twitter at @DailyMusicBrk.

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post
Jul 8, 2015 1:50 AM Hitoshi Anatomi Hitoshi Anatomi  says:
Provided the biometric solutions stop relying on the password. Whether iris, face, fingerprint, typing, gesture, heartbeat or brainwave, biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keeping the near-zero false acceptance. Threats that can be thwarted by biometric products operated together with fallback/backup passwords can be thwarted more securely by passwords alone. We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password, which only increase the convenience by bringing down the security. In short, biometric solutions could be recommended to the people who want convenience but should not be recommended to those who need security. It may be interesting to have a quick look at a slide titled “PASSWO Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.