As more and more daily transactions are conducted digitally – from applying for a mortgage to paying for a coffee – the need for effective security becomes even more pronounced. One of the central tools in protecting consumers and those delivering products and services is biometrics.
But what is biometrics?
Many of our traits, such as fingerprints, facial features, and vein patterns, are unique by nature, making them ideal for authenticating or identifying people. Often, biometric traits rely on the combination of several unique characteristics. For example, voiceprint biometrics, which authenticates an individual from the sound of their voice, rely on the measurement of a trait that combines the uniqueness of the individual’s lungs, larynx, and other vocal organs.
The way that you interact with smartphones (whether you use your right or left hand, thumb or index finger, hold the phone in portrait or landscape mode) can be measured and catalogued so that a unique behavioural profile can be derived from the resulting data.
And this is growing: by the end of 2020, almost 2 billion customers will be using biometrics for a variety of financial services. The availability of secure banking application programming interfaces (APIs), part of the transition to Open Banking, is allowing third parties to integrate banking services into their devices and services, helping bank customers better manage their day-to-day finances. Biometrics is quickly becoming a key technology facilitating seamless access to the increasing number of Internet of Things (IoT) devices users interact with.
Biometrics rely on comparisons to assess an individual’s identity. For example, before using fingerprint unlock for the first time, a smartphone user must register their fingerprint on the new device. This is done by placing a finger or thumb on the fingerprint sensor several times. These measurements are used to create a file locally stored on the device, referred to as ‘template’. The next time the user wants to unlock their phone, their fingerprint will be measured and a new template will be created.
This new template is compared to the one stored in the device – if there is sufficient similarity between the two then the phone unlocks. The process is the same for ‘face unlock’ systems, the only difference is the biological trait that’s being measured.
When a template is generated from a biometric, it only stores and measures certain features which are identified to be unique. Therefore, it is extremely difficult to reverse engineer a fingerprint from its biometric template.
And this is the clever bit: If a user’s phone was hacked and the fingerprint template is stolen, it could not be used to recreate the fingerprint that generated it in the first place. The stolen template would effectively be useless, as only the original fingerprint can be used to initiate the authentication attempt. This means that a compromised database of biometrics templates is not equivalent in severity to security breaches where logins and passwords are stolen.
For a growing number of us, the use of biometrics is now an everyday occurrence, and we’re often unconscious of quite how important our biometric traits and data have become in our lives. But the revolution has already begun.
As these new biometrics tools grow in popularity there will inevitably be a tax and legal aspect to consider. That’s why it’s important to talk to your accountant to find out what they are and how they fit in with the business’s overall strategy. If you’re in need of advice or support in this or any other area, Paul Beare Ltd is right here for all your needs. You can contact us for help from tax and payroll to accounting and banking.