Biometric authentication could gain more traction as corporations focus more on device security and identity verification, amid the growing trend toward enterprise mobility.
Proving people are who they say they are has been a challenge for digital security since computers have been in use, according to Tracy Hulver, chief identity strategist at Verizon enterprise solutions. He added biometrics provided a "multifactor" authentication scheme: pairing "something you know" such as a user ID and password combination, with "something you are". This would make it much more difficult for a criminal to hack into systems pretending to be an individual.
"Biometric technology is a great way to authenticate individuals into corporate systems, resources, and data," Hulver explained. "The reasoning is simple: since everyone has a unique biological identity, let's apply that single biological identity to cyberspace to establish trust."
According to Chenxi Wang, principal analyst at Forrester Research, there will be room for new innovations and revenue opportunities as personal devices become the norm in enterprise computing.
She pointed out that over 70 percent of organizations worldwide already had some form of a BYOD program. Wang pointed to a Forrester survey which found 62 percent of those who used a smartphone, and 56 percent who used a tablet, for work purchased the device themselves.
Biometrics innovation growing
EyeVerify is one company looking to tap the mobile biometrics market with its innovation: a security verification system based on eye veins. Its "EyePrint" software, beta launched in March, makes use of a mobile device's camera to pattern-match blood vessels in the whites of users' eyes.
Toby Rush, CEO and founder of EyeVerify, noted "strong" biometrics historically had been limited due to the cost of deploying the extra hardware. "The cost and convenience factors were just too high. Face recognition has not been stable enough, and voice struggles from both accuracy and not being discrete enough.
"The eyeprint, or eye-vein biometrics, can provide accuracy like fingerprint, but it is available anywhere there is a smartphone," Rush said. "We will see biometrics launch on a number of devices in 2013 and 2014. By 2015, it will be commonplace."
The CEO pointed out frontrunners for adoption include markets where mobile devices were becoming critical for business operations, such as financial services, enterprise, healthcare, government, and also in consumer-facing password vault applications.
Another U.S. startup eyeing the market for mobile authentication is Passban. It offers a free service, called Passboard, which allows "multi-factor" security via either voice, face, motion, token, and location verification.
Its software automatically adapts to the users' environment. If it is too noisy, it uses face verification. If it is too dark, Passboard switches to voice verification. The software also is able to automatically adjust the level of verification needed according to a user's physical location.
"We will see biometrics launch on a number of devices in 2013 and 2014. By 2015, it will be common place."
CEO and founder of EyeVerify
Tipping point will come down to cost
"Biometrics, without a doubt, will become more prevalent as a component or add-on to mobile devices in the coming years," said Hulver.
However, he highlighted it was important not to become too complacent and assume the technology would be "fool-proof", adding that there would never be a substitute for personal due-diligence.
Despite its clear potential in the business environment, he noted the current challenge with tying biometrics to cyberidentity is, ultimately, cost.
Hulver said, as with any technology, the adoption rate for biometrics is dependent on the ability to use it in multiple locations in both physical and online environments. "There is a tipping point that occurs with all technologies where cost, ease of use, and available infrastructure combine to drive demand. We are not quite there yet with biometrics," he said.