September 18, 2013
Technology companies have realized that passwords are not always the most convenient form of security and are seeking alternatives. The new iPhone, for example, features fingerprint scanning while Microsoft’s Windows 8.1 operating system is optimized for fingerprint-based biometrics. Passwords are often long and complicated and difficult to remember. However, new security innovations are emerging that could lead to people relying less on passwords.
“Google Inc., PayPal Inc., Lenovo Group Ltd. and others, meanwhile, have come together in an organization known as the FIDO (Fast Identity Online) Alliance, which is aimed at creating industry standards for biometric and other forms of so-called strong authentication,” reports The Wall Street Journal.
Google is working on a hardware token create by Palo Alto, California-based Yubico Inc. The token would generate a temporary password to be used as a second form of authentication.
“But instead of having to read the password off the token and retype it, employees can simply plug the token into a USB port or touch it on a mobile device using near-field communication, a technology through which electronic devices communicate by making physical contact,” explains WSJ.
Google hopes to release the tokens to consumers next year to aid secure log-in to Gmail and other Google accounts.
Another option from RSA, the security division of EMC Corp., is risk-based authentication.
“This technology sifts through masses of user data from various groups at a company to establish ‘normal’ behavior, then assigns risk scores to each user,” notes the article. “If an employee does something unusual, like log in from a new location, use a different computer, or try to access a system other than his or her usual, the risk score will increase, and the employee may be asked to provide additional authentication, for example by verifying his or her identity over the phone.”
Additionally, employees may begin bringing more individual devices to work, and while this has been perceived as a security threat, it could actually be helpful to biometric authentication.
“We think that biometric authentication is going to be significantly more popular, and the driver and enabler of this is mobile computing,” says Ant Allan, research vice president at Gartner.
Since installing hardware for each employee can be expensive, utilizing personal devices could help cut costs. Employees with personal mobile devices will also most likely find fingerprint scanners easier than remembering passwords.
Other companies, such as Agnitio SL of Madrid and PixelPin Ltd in London, are also developing new security tools such as voice recognition and picture recognition, respectively.
“And, looking further into the future, researchers at the University of California, Berkeley, are studying the use of brain waves as authentication,” ads WSJ. “Test subjects in the research wore a headset that measured their brain-wave signals as they imagined performing a particular task, and the researchers were able to distinguish between different people with 99 percent accuracy. In theory, an imagined task like this could become a worker’s ‘passthought.'”