Look! No PIN!

By Philippe Le Pape, VP Partnerships and Presales • Safran Identity & Security

June 08, 2016

This week, Visa Europe presents a three-part series on a subject that is dominating the headlines: biometrics. We have invited Safran, the leading supplier of technology for security as well as aerospace and defence, to give us its perspective on why biometrics is such a hot topic today and where they see the industry heading. If you missed the first part of the series, “Cybersecurity and the Road to Biometrics”, you can read it here. The final part – “The Mobile-powered planet” is available here.

When discussing two-factor authentication, we touched on what makes for strong authentication: something that the user knows, something the user possesses, or something inseparable from the user. We could redefine ‘something inseparable from the user’ as ‘something you are’, as the human body provides numerous excellent ways for identifying an individual. Fingerprints, for example, have been used by police agencies around the world as a method of identifying suspect criminals since the end of the nineteenth century.

Biometric authentication uses physiological identifiers (e.g. fingerprints, facial recognition or iris scans) to confirm an individual’s identity. As such, a biometric system is essentially a pattern recognition system; an individual’s biometric data is verified against a previously stored example of that individual’s template. Fundamentally, biometrics provide the only way to link an individual’s physical identity to their digital identity.

A typical biometric system contains five main components: a sensor to capture and digitise data, signal processing algorithms that form the biometric template, a data storage unit, a matching algorithm that compares new templates to those previously recorded and stored, and a decision process that uses the results of the matching algoread rithm to accept or reject a new individual.

The type of biometric authentication used is determined by the target application, including the sensitivity and risk associated with the digital secured transaction. Data privacy management is even more crucial where user authentication takes place in the cloud. Any biometric system, especially one that involves a component of interconnectivity, must be very carefully designed to prevent the loss or interception of user biometric data. Typically, systems incorporate cryptographic safeguards to prevent the interception of biometric data while it is being communicated. Similarly, where a biometric template is stored on a device, it is protected by cryptographic and encryption tools.

Identification based on biometric characteristics is superior to traditional passwords and PIN based methods in several key ways:

  1. Ease of use
    • Identification based on biometric techniques obviates the need to remember a password or carry a token. Moreover, the software and hardware are designed for ease-of-use; even in lighting conditions where mobile screens are hard to read biometric techniques are easier to use than entering traditional passwords.
    • Biometric technology gives accurate results with minimal invasiveness; typically a simple scan or a photograph is usually all that’s required.
    • Biometric identification is extremely quick, which is another advantage over other traditional passwords, especially on mobile devices with small keypads.
  2. Increased security
    • Personal characteristics, such as fingerprints and iris scans, provide unique and accurate identification methods. These features cannot be easily duplicated, nor directly exploited to steal identity, which means a high level of security and only the authorised person gets access.

Biometrics has evolved from niche military applications, to broadly used criminal justice applications and, more recently, as a widely used civil identity solution. Today, biometric data is already used to manage and protect the unique identity of individuals and fight against fraud. As an example, in the UK, Safran Identity & Security is supporting the government’s new GOV.UK Verify program which provides a way for citizens to prove who they are online so that they can safely and securely access a range of digital government services, such as renewing driver licenses or filing taxes. Identity verification is linked to different Levels of Assurance according to the kind of information provided by the applicant. The highest level of assurance (Level 4) is subjected to specific processes, including the use of Biometrics, to further protect the identity from impersonation or fabrication.

A similar scheme – Idensys – is being piloted in the Netherlands.

On Friday, we’ll conclude this series by looking at how mobile technology can provide a solution for civilian identity problems and the role of R&D as we move into the future.

Share this post

Like this post

Related Articles

3 (billion) is the magic number for contactless

May 11, 2016

Last July we celebrated a major milestone for contactless technology: surpassing 1 billion “touch to pay” transactions made in a 12-month period for the first time.

Tristan KirchnerNick Mackie Read More

The mobile-powered planet

June 10, 2016

This week, Visa Europe presents a three-part series on a subject that is dominating the headlines: biometrics. We have invited Safran, the leading supplier of technology for security as well as aerospace and defence, to give us its perspective on why biometrics is such a hot topic today and where they see the industry heading.

Philippe Le Pape Read More

Many firsts at the Eurovision Song Contest

June 01, 2016

There were many ‘Firsts’ at the 2016 Eurovision Song Contest in Stockholm in May.

Christina Lind Read More

Money2020: Visa Europe Collab talks wearables and authentication

May 06, 2016

We were excited to be part of the Money2020 conference place earlier this year. Collab Innovation Partner Mike Philpotts took part in a panel talking about the evolution of wearables and authentication systems and shared some highlights with industry news site Finextra, as well as talking about some of Visa Europe Collab’s work exploring the space.

Mike Philpotts Read More

Securing the future

August 03, 2016

Historically, payments existed in a tightly controlled ecosystem – issuers were often also acquirers, the production of the plastic and the devices were managed through a strictly monitored programme. Looking back, it feels like it was a relatively contained environment.

That environment will not exist in the new economy – instead, we will have huge numbers of players with contributory roles, all interacting with each other.

Jonathan Vaux Read More

Contactless: The overnight success story 10 years in the making

April 26, 2016

“In the digital age of ‘overnight success’ stories such as Facebook, the hard slog is easily overlooked.” – James Dyson

Did you know that the word “contactless” was one of the Collins Dictionary’s words of the year last year?

Nick Mackie Read More