Dear banks, online stores, airports, employers and anyone else who wants to unmask my true identity:
I get it. Now that I do everything possible on a mobile device you need to make sure that my mobile device is safe and that I am really the person behind its controls. You need to know who I am whenever I buy something or jet set out of town. As my phone gets smarter about identifying the real me, I get the jitters. You know more about me than I do (and when Mom and Dad said that to me it wasn’t always true).
We’re talking about biometrics here. Subtle ways for you to know I am who I am.
Until recently the main way you knew “me” was by my secret password. I don’t have to tell you how untenable this has become. The average user manages about 90 passwords. Forgetting them requires resetting them, answering a bunch of weird questions about yourself that even you don’t remember the answer to, and/or playing with those crazy identification puzzles called Captchas where you’ve got to prove you’re a human not a robot. Even with perfect password, it’s still possible for any self- respecting hacker to get a hold of what you’re doing by eavesdropping on your online session once you’ve logged in. Passwords are outré. A majority of security professionals believe passwords will be phased out by the year 2025, according to a new study.
Humans are made of many unique things: DNA, fingerprints, retinal patterns, vocal patterns, etc. Each of these is unique to us and when mushed together make for one unique human. Computer programmers have been busy at work creating biometrics, ways of measuring these unique characteristics to help verify you are you.
Last year a good chunk of mobile phones came equipped with fingerprint readers which many have adopted for extra security. Retinal scanners that scan your eye’s retina are most likely to be used in places like airports where, for instance, CLEAR, the TSA approved service for quick entry uses them. For phone calls, especially to banks or financial institutions, it’s not uncommon to have some sort of voice identification. And many of these are used in combination when security is high.
Millennials can rejoice now that the selfie photo is also being legitimized as a biometric. Uber, for example, routinely requires its drivers to snap a selfie and check it against the driver’s photo on record. Mastercard is experimenting with using selfies for everything from self-automated laundromats that monitor your laundry to online payments that combine selfies and fingerprints as an alternative to passwords.
Weird Science: Behavioral Biometrics
Within the next year or two my guess is that you’re going to see a new biometric authentication emerge… one that’s based on a combination of your behaviors rather than your biology. A new company called BioCatch, looks at 500 different characteristics of your life with your mobile phone. These characteristics include everything from which way you swipe your screen to which hand you use to how quickly you type and how hard you press the screen. Based on these behaviors, the company assigns a risk factor to the likelihood of you being you, a robot or a fraudster. Other startups in this field are KeyTrac and BehavioSec. Companies looking at your keystrokes to determine who you are forecast to have an $800 million value by 2020 according to Global Industry Analysts. But consumers won’t even know it’s happening. The companies call this “frictionless,” but consumers might call it TMI.
It gets more sci-fi, still. Companies like FST are creating “In Motion Identification” (IMID); these are identity-management solutions using a combination of technologies: face and gait recognition, body behavior analytics and voice verification. ContinUse Biometrics is working on a single-sensor platform that detects nanoscale movements in fully dressed people at any angle from a distance. These non-contact biometric captures are leading us into the biometric future where you’re scanned and verified without even knowing it.
Ultimately our mobile devices are quickly becoming proxies for us. Your phone already knows where you are, what you like to do or purchase and who your friends are. Combine that with your unique way of typing and swiping, a fingerprint or selfie, a look at your gait, body composition or any combination of physical and behavioral traits and you can be pretty sure who’s real and who’s a fraudster. That’s great for keeping your finances safe.
But to all of you on the cusp of adopting these new techniques. Just do us a favor--let us know what you’re doing and thinking. And let’s both hope that all the information you’re gathering doesn’t make it into the wrong hands.
Robin Raskin is founder of Living in Digital Times (LIDT), a team of technophiles who bring together top experts and the latest innovations that intersect lifestyle and technology. LIDT produces conferences and expos at CES and throughout the year focusing on how technology enhances every aspect of our lives through the eyes of today’s digital consumer.