Fingerprint scanning isn’t the only way to identify you. Here are a few biometric modalities that we may see taking over soon.
1. Iris recognition
Interestingly, your eyes are a more favorable antispoofing modality than your fingers. The trick is that human iris has 260 identification points located in its vasculature, in just one eye. For comparison, human fingerprint — in the context of minutiae analysis — has only 16 key points.
Apart from uniqueness, iris is also quite stable and pretty easy to capture — telescopic cameras would be enough to do a prompt, noninvasive scan and complete authorization.
Retinal identification would be even more accurate and spoofing-resistant, meaning that it’s virtually impossible to peek at someone’s retina and copy it artificially. At the same time, it’s cumbersome, costly, and mortifyingly long to do.
2. Keystroke dynamics recognition
Behavioral biometric traits are also quite promising. They measure parameters that accompany our behavior: the way we walk, sign papers, what we prefer to browse online, and how we type.
But all new is well-forgotten old! Keystroke recognition has been around for almost two centuries — since the first day people began exchanging telegrams. It turned out the way a person taps a key to combine Morse code into a message is highly unique.
Operators were able to identify each other even if they never met in person. They could even read subtleties that revealed the mood of an operator at another end. Especially, if he or she transmitted news related to some sensitive topics: a sporting match, lost battle, political turmoil, etc.
Today, keystroke recognition is a cheap way to protect your smartphone, laptop and computer. If someone steals your password, they won’t be able to authorize — the system measures your typing with surgical precision. Then, it creates a template that contains tempo, rhythmical cadence, error ratio, and voilà: fraud won’t come through.
3. ECG
It’s quite probable that in the near future people working with sensitive data or items will be required to wear a relatively new type of identification device: smart wristbands.
They kill two or even three birds with one stone. First, such wristwear demands to be activated with the fingerprint scan. Second, it monitors heart beat, which, by the way, is also unique in every individual’s case. And third, although it’s optional, the wristband can be equipped with a GPS unit that will potentially track suspicious routes of a person.
But as with other Internet of things devices, it has its own vulnerabilities. Namely, quite shabby protection — hackers can worm into the system, intercept the pulse signal and tamper it to achieve their goals. It’s called an injection attack.
4. Multiple modalities
Finally, the future will surely call for maximum security. And this can be delivered by multimodal systems. They combine at least two types of biometric verification, which work in a harmonic ensemble: fingerprint + palm print, face + gait, voice + iris, and so forth.
These systems are already used, though sparingly. Their main selling point is that it’s harder to spoof two modalities at once. Imagine you have to construct a hyperrealistic silicone mask with someone’s likeness and built-in heat emitters set to normal body temperature. There’s no guarantee it will succeed. And then, it turns out there’s a second cover-up system to bypass!
So, multimodal systems working in the passive mode — which creates a ‘black box’ scenario when culprits don’t know how a solution works exactly — can be true biometric fortresses.
Stay tuned to learn about the fascinating world of biometric anti-spoofing!