The adoption of biometrics technology is gaining momentum as organizations seek security systems that protect data and valuable physical assets. In this environment, IT service providers can help customers better understand how biometrics tools can improve security across the IT enterprise while adding "cool" user-friendly technology to the consumer experience. IT service providers can gain a stronger relationship with their clients as they work through this process.
Defined as the measurement and recording of a person's physical characteristics for personal identification, biometrics has many modalities, including fingerprint, face, iris and palm. Organizations also use behavioral biometrics to identify people by how they do what they do. This includes using signatures and a person's voice to verify an individual.
As the need to create secure systems continues to evolve, biometrics tools offer IT service providers another way to protect information, authenticate users and mitigate fraud. Depending on the customer's requirements, service provides may deploy biometrics in conjunction with existing security applications, as a new layer of security, or as a replacement for old security systems that have outlived their usefulness.
"There are a number of opportunities for IT service providers," said Maninder Singh, associate director at Deloitte's cyber security practice in London. "Biometrics can be integrated alongside existing systems and processes, such as risk scoring, access management and single sign-on systems. This helps to create the right balance between security, which is crucial, and user experience."
Wider use of biometrics tools
The need to find better security solutions has helped push the use of biometrics across the financial sector, according to Frost & Sullivan, and at healthcare organizations, as noted in a MarketsandMarkets report. In recent years, the ability to pay for goods and services by using electronic signatures on mobile phones has helped catapult biometric use cases in the retail sector. Furthermore, the increasing use of facial recognition technology or fingerprint scans to unlock smartphones has improved consumer attitudes toward using biometric authentication, a report from the Center for Identity at the University of Texas at Austin stated.
Deloitte predicted that by 2023, more than three-quarters of all smartphone owners in developed countries will use some form of biometric authentication, and 80% of smartphones will have at least one dedicated sensor, such as a fingerprint or a 3D facial scanner. This compares with about 29% of owners who will use fingerprint authentication in 2018, and a base of about 42% of devices with a dedicated fingerprint sensor.
Biometrics in mobile devices will drive the technology's use across the retail sector, a report from Juniper Research found. The report reveals that mobile biometrics will authenticate $2 trillion worth of in-store and remote mobile payment transactions annually by 2023. That's 17 times the $124 billion expected in 2018. This will occur, in part, because initiatives associated with secure remote payment transactions are increasing and more biometric platforms will proliferate.
Another driver of biometrics is the desire to replace what Microsoft calls "an ancient security model -- the password." To that end, Microsoft recently announced web authentication for its Edge browser. That move ditches passwords in favor of face and fingerprint recognition to let users log in to any Windows 10 device.
Protecting valuable assets is another reason to install biometric solutions. For example, Michigan State University has implemented a biometric access control system that uses a fingerprint sensor and a face recognition camera to authenticate users and prevent unauthorized access to its computer science and engineering department's lab facilities where expensive servers, more than 100 workstations and proprietary research documents are housed.
Biometrics in healthcare
In the highly regulated healthcare sector, where data breaches can be costly and time-consuming, hospitals are using multiple biometric solutions to combat fraud, improve patient privacy and manage access to healthcare facilities.
Healthcare organizations will use several types of biometric applications to address many different use cases, predicted Sean Kelly, M.D., chief medical officer at Imprivata Inc., a Lexington, Mass., company that provides healthcare organizations with a security and identity platform.
"There is not a one-size-fits-all tool that magically works for all use cases in healthcare," Kelly said. "The case of someone presenting for chemotherapy requires a higher level of certainty and privacy than someone who wants to log into a patient portal to check the date of their next doctor's appointment."
Kelly added that macro trends in the use of biometrics among consumers mirrors the growing use of the technology in the healthcare sector.
"This is an exciting time: We are about to see an explosion of adoption and acceptance of biometrics in healthcare," Kelly said.
Handle with care
While IT service providers can broaden their business offerings with biometrics tools, Singh said they should be careful how they implement the technology.
Maninder Singhassociate director, Deloitte
"All biometric data can be regarded as personally identifiable information and must be protected according to relevant privacy legislation," Singh said. "There are two main ways to implement biometrics: local and centralized."
For local implementations of biometrics, Singh noted that the challenges include the inability to integrate into enterprise systems and infrastructure, the lack of scalability and how users have to enroll into each and every device used. This creates barriers to adoption.
"The challenges for centralized implementations of biometrics include potential legal implications of transmitting biometrics data, which varies depending on the geography being operated in," Singh explained. "In addition, this type of biometric authentication can suffer from delayed response, usually caused by network latency, and potential security concerns due to central storage and overly complex system architectures," he added.
To overcome these issues, vendors are teaming with other IT providers to develop a go-to-market strategy that will help customers adopt biometrics in healthcare and other vertical markets. For example, Imprivata has partnered with Fujitsu Frontech North America Inc. to use its PalmSecure palm vein recognition technology. PalmSecure is packaged along with Imprivata's patient identification offering for patient matching among healthcare customers.
Charles Yanak, director of product management and partner development at Fujitsu Frontech North America, said his company has seen a significant uptick of channel partner requests in markets, like the automotive industry, that once showed little interest in the technology.
"As far as marketing biometrics to end customers is concerned, channel partners love it because the technology offers them the ability to sell a technology that is convenient and has a more secure methodology of identifying individuals," Yanak said. "Compared to a password or a token or an ID card that all can be stolen, consumers like the fact that biometrics offers more security, more convenience and they like not having to remember anything or resetting passwords."
Looking ahead, biometrics tools may present a whole new level of user experience and safety to driving in the connected car.
"A driver will one day open his car door, start the car, and put his hand over a palm sensor which will identify who he or she is. Once that's done the seat, mirrors, the car radio and other electronics will be adjusted to the desired settings," Yanak said.
He added in the future one can foresee biometrics being used to match the identity of a person in the driver's seat to databases that list drunk drivers or car thieves that have a criminal record. In that use case, once the biometrics match is made the car is disabled and won't move.
"People are discovering that biometrics is a secure and convenient technology that also happens to be cool," Yanak said.