Secure Authentication

Biometrics solve the “security vs. convenience” question. How? By providing a highly secure method of authentication using identifiers customers always have with them – their face, voice and fingerprints.

There is no one silver bullet for authentication. Biometrics need to be deployed in a layered approach to security as one of at least two factors to establish trust. At Daon, we combine biometrics with liveness techniques, device binding, geolocation, and more to enable inherent multi-factor authentication that combines something you are (your biometrics), with something you have (your smartphone), and even somewhere you are (GPS location). You can also require more than one biometric authentication for risky transactions, such as face via a selfie and voice via a spoken passphrase, using multimodal fusion to provide the greatest level of assurance available today.

The media loves to highlight spoofing attacks when they talk about biometrics and continually pose the question: “What happens if my biometric is stolen?” The reality is that biometrics are not secrets. Our faces and voices are public and our fingerprints are left on every surface we touch. The key to biometric security is to ensure the integrity of the process from capture to matching. Our customers are using a strong enrollment process so there just isn’t any opportunity for an imposter to inject a “stolen biometric” into the system.

Biometric spoofing attacks do not scale and in order to be successful the imposter would not only have to be able to successfully impersonate your biometrics, which is hard, they would also need to have your smartphone and gain access to it before you report it stolen or missing. Hackers often take the path of least resistance to carry out their fraudulent activities, and in this case, there are a lot of roadblocks on their way to being successful. What sounds easier to you, typing in a username and password or making a 3D-model of someone’s face, stealing their phone, impersonating their fingerprint to gain access to it, and then taking a picture of that 3D face while also making it blink?

 

Go to Convenient Authentication