Portable Authenticated Biometrics are the future of Biometric Authentication, one where you can use your biometric information across platforms and services. Learn how this powerful new technology allows users to hold their sensitive biometric information securely on their mobile device and what benefits it can offer your organization.
By: Tim Spring
What are Portable Authenticated Biometrics?
Many people are familiar with the term Biometric Authentication. It refers to the use of unique physical characteristics to verify a person’s identity, such as their fingerprint, voice, or face scan, and many people use it daily to access their phones or other technologies.
Portable Authenticated Biometrics take these characteristics out of a siloed database, and store them inside of a Verifiable Credentials on the user’s smart phone.
The problem they solve
Current methods of biometric authentication rely on databases of authenticated biometrics that have been proven to be able to be tied to their users. The main benefits being that biometrics are harder to impersonate than traditional passwords, offer more convenience for the user, and cannot be forgotten.
Unfortunately, as technology has advanced, we have realized a few major problems with this system:
Large databases will always represent a lucrative target for bad actors. There is no amount of security that can guarantee that these large collections of personal information stay safe.
Current systems rely on a connection to the database to function. No internet or service means that you cannot share your biometric data or prove your identity, representing another point of failure.
Storing your biometrics with a third party means that they have control over that information and use it as they see fit, including using it to track your digital or physical actions or sharing it without your consent.
How do Portable Authenticated Biometrics work?
Every time a new person is added to a biometric authentication system a template of that person’s biometric data is created, and the system learns what you look like. This is what the system compares your new scan to when you are trying to access your phone or documents. In the system these authenticated biometrics are tied to you, and enable you alone to be granted access.
Portable Authenticated Biometrics are a method Indicio has created of allowing users to hold their biometric data securely on their mobile device. Because of the way it is stored (inside a Verifiable Credential) the data inside cannot be manipulated once the credential is created.
The Benefits
The biggest benefit of this system is that a large database is no longer required to use biometric authentication. This reduces costs and liability for the organization, and offers a huge increase in security for the user’s data.
The second advantage is that by having each user submit their biometric template alongside the new scan, we achieve multifactor authentication built in without any additional effort from the user. All the increased security without the need to check your email or text messages for a one-time code.
The third, and maybe most game-changing feature is the portability inherent in this system. If an organization that you trust — for example the government — issues someone a biometric credential, you can set your systems to accept that biometric information without needing the user to create a new biometric template with your organization. Think of the ease of “login with Google” but even more secure, and backed by any organization that you trust.
Benefits in Context: A Banking Call Center
Let’s walk through a quick example.
When calling your bank to fix an issue — such as a declined payment — you will need to prove your identity. Currently, most banks will ask you for information like your name, account number, social security number, or security questions to try to positively identify you before sharing any personal information. This process is not typically particularly long, but it is also not particularly secure. Any bad actor can also collect this information from a data breach and pretend to be you, increasing the risk of fraud and being dependent on the bank representative to catch it.
With Portable Authenticated Biometrics, the bank representative can digitally request your biometric scan and authenticated biometric to identify you instantly, in a way that cannot be impersonated. Once identification has been achieved, you can move on with the purpose of the call, without having to jump through any additional hoops, saving both the user and the call center time while reducing the chance of fraud.
Getting Started
The technology behind Portable Authenticated Biometrics is built to easily integrate into existing systems to create a faster, more secure experience for users.
If you would like to learn more about Indicio’s system for streamlined user authentication and access management you can read about Indicio Proven here. If you are ready to have a more specific conversation about how to implement this system for your organization you can reach out to Indicio’s team of industry experts for a free consultation here.
