Passwords are the backbone of the modern security apparatus. From the time we inherited our first personal email accounts to mission-critical enterprise security systems, almost every piece of security we deal with relies on passwords. Sure, some outliers like the iPhone’s fingerprint-scanning home button, but nearly every precious digital possession is protected by a combination of letters, numbers, and punctuation.
That might all change soon.
This outdated yet ubiquitous technology defines almost all modern security protocols. There are some updates to it (like multi-factor authentication via unique codes texted to the user’s mobile phone), but even these types of precautions can be hacked with enough skill and dedication.
Given the vulnerability to which these types of systems open us — and by extension, our companies and their sensitive and valuable data — it’s no wonder that the game’s biggest names are taking a stab at a new form of security.
A few weeks ago, at Google’s I/O conference, the company announced a much-heralded new security feature — Trust API. The MIT Technology Review wrote it up shortly after that:
During his talk at Google I/O, Daniel Kaufman, the head of the company’s ATAP (Advanced Technology and Projects) arm, casually mentioned the rollout of a new way of securing Android apps called Trust API. Rather than using standard passwords, Trust API will use biometrics like facial recognition, typing pattern, and even how you walk to help determine who you say you are.
Each metric will contribute to an overall “trust score” that will let you unlock your apps. The program will run in the background of an Android phone, using the phone’s suite of sensors to monitor the user’s behavior continuously. If the trust score falls below a threshold, a user might be prompted for additional authentication.
Visa, also a massive enterprise heavily preoccupied with security for its users, also has some futuristic tech in a similar effect.
Now, Visa’s advancements aren’t aiming passwords so much as traditional forms of payment. But, with another thought leader in an equally large and valuable industry making severe moves toward biometric security, it stands to reckon that much of the enterprise digital security apparatus will almost be sure to follow suit.
The proliferation of biometric security presents a host of apparent positive security advancements. However, it also raises several potential concerns — if a company like Google or Visa has access to all your biometric information, if that information is then compromised, identity theft becomes far more easily achieved by hackers. It might also smack of big brother-ism with private companies having that much access to deeply personal information like your fingerprint, gate, facial peculiarities, etc. All that’s to say, though, despite apparent advantages of biometric security, it will take a careful and planned implementation thereof to alleviate all the possible concerns associated with them.