Biometric log on could be the answer to security threats
Secure: using a biometric scanner at George HW Bush Intercontinental Airport in Houston, Texas
Iris scan - one of the main biometric security methods. Photographs: Dave Einsel/Getty images and istockphoto
Imagine logging on to your eBay account with your fingerprint. Or perhaps accessing your Facebook account via an iris scan.
It might seem a bit much for the average computer user, but it may not be that far off if an initiative is successful.
The use of biometric data as an added security measure is just one of the solutions being proposed by a consortium of firms who have come together to form the Fast Identity Online (FIDO) Alliance.
Security is a contentious issue, particularly when it comes to biometrics. While everyone accepts the need for a certain level of security to protect a person and their property, biometric methods, which include everything from fingerprints to iris scanning, is often viewed with suspicion by the public at large.
Perhaps it is the thought of being watched by multiple cameras wherever you go, or the fear that sensitive data will be leaked by those who place a lesser value on privacy. But regardless of the perceptions, it seems that companies keen to keep private data away from prying eyes are turning to such methods of authentication to ensure that only authorised users can access the information.
The latest to look at such methods are online firms who are seeking to secure the private and personal information of their users. With scams like phishing refusing to die out, and users ignoring accepted best practice in favour of convenience when choosing passwords, additional methods of authentication are being sought.
PayPal is among the founding members of FIDO, which was formally established this month after being announced in July 2012, aiming to revolutionise online authentication. The group, which also includes organisations such as Infineon technologies, Agnitio and Lenovo, is hoping to eventually replace passwords used online with more secure authentication methods.
It is aiming to create an industry-supported open protocol based on agreed standards, and the founders are already developing the specification and FIDO-compliant products. Among the technologies supported will be fingerprint scanners, and voice and facial recognition.
Trusted platform modules, USB security tokens, near field communications and one time passwords are also among the other security options being considered by the alliance as a potential way to keep hackers out and information in.
“An open standard approach such as the FIDO alliance could help to improve biometric solutions which in the future could be used to improve security online or indeed in other systems,” says security consultant Brian Honan.
PayPal and its cohorts are not the only companies to voice dissatisfaction with the humble password. Earlier this year, Google said it hoped to eventually do away with the humble password, saying it was no longer sufficient to keep users safe. It is working on a new form of authentication with a small USB key to replace it.