Menu Close

Why are biometrics better than passwords?

The adoption of biometrics for authentication has risen steadily over the past decade. This upward trend does not seem to be slowing down any time soon, as a recent Transparency Market Research report suggests.

Many factors sustain this growth, but the widespread belief that biometrics are better than passwords is undoubtedly one of them. Cybersecurity insiders have been calling for an end to the use of passwords for years, but they remain a common part of everyday life for most people around the world.

But why is this the case? We list here some characteristics that make biometrics preferable to passwords.

Biometrics cannot be forgotten or phished 

Passwords can be forgotten. In fact, according to an old internet adage, “the only secure password is the one you can’t remember.” Forgetting passwords (or in the most secure cases, not noting them down somewhere safe) is often a cause of user friction due to cumbersome and slow password resetting procedures.

Passwords can also be phished by tricking end-users into clicking on malicious links or opening malware-ridden files.

Biometrics eliminates both of these issues simultaneously, as it is quite hard for users to forget how to show their faces or fingerprints to a biometric system.

Of course, in theory someone may be tricked into authenticating themselves into a malicious portal using biometrics. However, that is quite rare, as biometric technologies and systems typically come with various security layers.

Biometrics are inherently more secure

Case in point, biometrics are widely considered more secure than passwords. For instance, biometric data can be put through a non-reversible algorithm and centrally stored in a secure form.

Biometric systems can also rely on multimodal authentication, combining face, iris and finger biometrics to increase security levels exponentially.

Then there are behavioral biometrics, designed to measure users’ behavior patterns to continually authenticate users throughout the identification process.

For a more in-depth overview of biometric security, you can read this guest post on Biometric Update by Ben Goodman, SVP of Global Business and Corporate Development at ForgeRock.

Biometric authentication is quicker and more user-friendly

Biometrics are free from typos-related issues that affect traditional password-based authentication.

And while biometric systems may sometimes require more than one attempt to perform successful authentication, studies suggest biometric systems can save time in various scenarios, including air travel.

More generally, recent research efforts from SecureAuth and Pindrop suggest that frustration with traditional security measures like passwords is pushing IT professionals towards passwordless authentication and biometric systems for identity verification.

Biometrics are not for sale on the dark web (so much)

Passwords and other forms of knowledge-based authentication (KBA) have been for sale on the dark web in high volume for some time now.

According to a report from Digital Shadows, more than 15 billion stolen account credentials are currently available for purchase on cybercrime forums, with 5 billion of them considered unique.

Biometric information, on the other hand, is still not widely available on the dark web. And even though selfies holding an ID that can be used in biometric spoof attacks have been spotted on dark web forums, online service providers can implement  presentation attack detection (PAD) and liveness checks to tackle the issue.

For instance, in May 2021, Acuant acquired UK-based identity verification and know your customer (KYC) provider Hello Soda to integrate biometrics with dark web checks.

More recently, ID R&D updated its software suite to spot ID documents purchased on the dark web.

Biometrics cannot be shared

Last but not least, password sharing is a real issue in the security world, with recent data by Survey Monkey suggesting one-third of U.S. adults share passwords or accounts with their coworkers.

Password sharing comes with a number of security-related risks, including attributability, particularly in the case of employees altering sensitive company data or making unapproved charges.

Understandably, biometrics cannot be shared among different individuals (except in the case of twins or doppelgangers), making the technology inherently more secure than passwords.

For more information about how biometrics is slowly replacing passwords in the workplace, you can read this article by Raz Rafaeli, CEO of Secret Double Octopus. Read More

Generated by Feedzy

Disclaimer

Innov8 is owned and operated by Rolling Rock Ventures. The information on this website is for general information purposes only. Any information obtained from this website should be reviewed with appropriate parties if there is any concern about the details reported herein. Innov8 is not responsible for its contents, accuracies, and any inaccuracies. Nothing on this site should be construed as professional advice for any individual or situation. This website includes information and content from external sites that is attributed accordingly and is not the intellectual property of Innov8. All feeds ("RSS Feed") and/or their contents contain material which is derived in whole or in part from material supplied by third parties and is protected by national and international copyright and trademark laws. The Site processes all information automatically using automated software without any human intervention or screening. Therefore, the Site is not responsible for any (part) of this content. The copyright of the feeds', including pictures and graphics, and its content belongs to its author or publisher.  Views and statements expressed in the content do not necessarily reflect those of Innov8 or its staff. Care and due diligence has been taken to maintain the accuracy of the information provided on this website. However, neither Innov8 nor the owners, attorneys, management, editorial team or any writers or employees are responsible for its content, errors or any consequences arising from use of the information provided on this website. The Site may modify, suspend, or discontinue any aspect of the RSS Feed at any time, including, without limitation, the availability of any Site content.  The User agrees that all RSS Feeds and news articles are for personal use only and that the User may not resell, lease, license, assign, redistribute or otherwise transfer any portion of the RSS Feed without attribution to the Site and to its originating author. The Site does not represent or warrant that every action taken with regard to your account and related activities in connection with the RSS Feed, including, without limitation, the Site Content, will be lawful in any particular jurisdiction. It is incumbent upon the user to know the laws that pertain to you in your jurisdiction and act lawfully at all times when using the RSS Feed, including, without limitation, the Site Content.  

Close Bitnami banner
Bitnami