Goode reports on growth of biometric authentication

Revenues for mobile and wearable biometric authentication will exceed US$6.2bn by 2022, Goode Intelligence predicts. “By 2022, over 3.3bn users will be benefiting from secure convenient biometric authentication,” the research firm says. Biometric authentication technology on wearables is some “years behind the smart mobile device market” but analyst Alan Goode believes it will “eventually appear on commercially available consumer wearable devices potentially as early as late 2017 or during 2018.”

  • Willam Hugh Murray, CISSP

    Mobiles and biometrics are a natural fit. Possession of the device is one form of evidence in a two-factor authentication scheme, particularly when the owner has the capability to remotely disable and or geolocate lost or stolen devices. The biometric is the second form of evidence.

    The modern mobile comes equipped with both microphones and user facing cameras that can be used to collect biometric data. High-end devices may also have finger-print readers and tamper-resistant storage for holding digital vouchers, tokens, or credentials.

    Consider mobile banking between me and my community bank. Setup may seem a complicated but it takes place in easy stages. First I buy an iPhone with a fingerprint reader and a camera. Then I must register it with a carrier and insert a SIM. At this point, I have access to the Internet and the PSTN. To resist loss or theft of the device, I must now select a PIN and enroll one or more fingerprints.

    Now I must open a bank account. This involves visiting a branch, showing photo ID, providing a Social Security number or other tax ID, the PSTN number of my phone, a postal address, an e-mail address and depositing funds. The bank validates the each of these addresses by sending messages to each asking for a specific response and last, but not least collects the funds and credits them to my account.

    The bank will give me checks encoded with the newly assigned account number. At my option, it will mail a debit card to my postal address. Upon receipt of the card, I must acknowledge it by calling an automaton at an 800 number, enter the 16 digit card number, and choose a 4-6 digit PIN.

    The next step is to install and setup the banks app. Among other things, this involves binding the app to the device, my account number(s), to an e-mail address or userID and selecting an eight (or greater) character password. At this point I may use the app to access my account history,