{"id":7811,"date":"2017-05-31T12:30:06","date_gmt":"2017-05-31T20:30:06","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/05\/31\/news-1593\/"},"modified":"2017-05-31T12:30:06","modified_gmt":"2017-05-31T20:30:06","slug":"news-1593","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/05\/31\/news-1593\/","title":{"rendered":"Dual biometrics may just be the authentication answer we need"},"content":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt0.staticworld.net\/images\/article\/2017\/05\/eyeball-100724409-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Evan Schuman| Date: Wed, 31 May 2017 12:51:00 -0700<\/strong><\/p>\n<p>A major problem with biometric authentication is that, when it doesn\u2019t work, there are few good options to proceed with the authentication. When the system says that\u2019s not your eyeball, there\u2019s no fallback akin to \u201cForgot your password?\u201d You have to revert to some less discerning authentication method, such as a PIN.\u00a0<\/p>\n<p>Some vendors are trying to deal with this by using a simultaneous, multi-biometric method. \u201cSimultaneous\u201d is important because using two methods consecutively would take more time, resulting in end users\u2019 resistance and lower participation rates.\u00a0<\/p>\n<p>One vendor, Sensory, is making serious headway in figuring out interesting ways to use dual biometrics.<\/p>\n<p>First, it realized that layering one biometric on top of another would just increase the error rate. When you use two authentication methods and a problem with either one leads to a failure to authenticate, then a lot of people are going to be rejected.\u00a0<\/p>\n<p>And the two methods it uses \u2014 voice and facial recognition \u2014 can fail for quite a few reasons. (It uses them, though, because they are highly compatible for simultaneous authentication. The nature of a retina scan, for example, pretty much excludes doing anything else at the same time.) Voice recognition can be flummoxed by background noise or laryngitis, for example. Facial recognition can be thrown off by poor lighting, a change in makeup, the use of contact lenses versus glasses, new beard growth, a deep tan or even an unexpected expression.\u00a0<\/p>\n<p>This all makes Sensory\u2019s sensitivity settings important. Sensory typically recommends allowing authentication from either \u2014 voice and facial recognition essentially act as each other\u2019s backup, so if one says no, the other will still allow access. In theory, then, the user won\u2019t have a problem unless he or she happens to be in a noisy room with really bad lighting. Not impossible, but the odds are in your favor.\u00a0<\/p>\n<p>Such lenient settings won\u2019t please all customers, of course, but they can tweak the level of sensitivity and even have them vary from one role to another. A bank, for instance, could use higher sensitivity for authentications to transfer money, but mid-level sensitivity for something such as looking at a balance. More simply, it could set higher authentication sensitivity for higher dollar amounts.\u00a0<\/p>\n<p>Another interesting aspect of this is that those higher sensitivity levels can be used to thwart spoofing attempts. Video can fool facial recognition, and recordings can trick voice recognition. By using a dual-biometric approach with settings that require at least low-level recognition of both voice and face, spoofing is more difficult.\u00a0<\/p>\n<p>This sort of combined recognition is where Sensory gets clever. According to Gordon Haupt, senior director of vision technologies at Sensory, his team is working on connecting the dots between the two methods. The idea is that instead of voice and facial recognition operating as separate streams toward authentication, both would factor in the concerns of the other. For example, the system would judge whether the lips appear to be saying the words that the mic is hearing.\u00a0<\/p>\n<p>\u201cWe\u2019re looking at the way your lips move when you say your passphrase,\u201d Haupt said. Yes, Sensory is trying to make a biometric authentication system that can read lips.\u00a0<\/p>\n<p>That certainly should make spoofing more difficult. And Sensory enables the use of passphrases that change from user to user and are randomly decided by an algorithm. If it\u2019s impossible for a thief to know the passphrase beforehand, that makes spoofing exponentially harder.\u00a0<\/p>\n<p>Think of the potential for ATM cash access. Could the software be trained to detect extreme fear (expressed by either the face or the voice) in someone who is not alone? That could alert law enforcement that someone is possibly being made to withdraw money at gunpoint.\u00a0<\/p>\n<p><a href=\"http:\/\/www.computerworld.com\/article\/3199112\/security\/dual-biometrics-may-just-be-the-authentication-answer-we-need.html#tk.rss_security\" target=\"bwo\" >http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"http:\/\/zapt0.staticworld.net\/images\/article\/2017\/05\/eyeball-100724409-large.3x2.jpg\"\/><\/p>\n<p><strong>Credit to Author: Evan Schuman| Date: Wed, 31 May 2017 12:51:00 -0700<\/strong><\/p>\n<article>\n<section class=\"page\">\n<p>A major problem with biometric authentication is that, when it doesn\u2019t work, there are few good options to proceed with the authentication. When the system says that\u2019s not your eyeball, there\u2019s no fallback akin to \u201cForgot your password?\u201d You have to revert to some less discerning authentication method, such as a PIN.\u00a0<\/p>\n<p>Some vendors are trying to deal with this by using a simultaneous, multi-biometric method. \u201cSimultaneous\u201d is important because using two methods consecutively would take more time, resulting in end users\u2019 resistance and lower participation rates.\u00a0<\/p>\n<p>One vendor, Sensory, is making serious headway in figuring out interesting ways to use dual biometrics.<\/p>\n<p class=\"jumpTag\"><a href=\"\/article\/3199112\/security\/dual-biometrics-may-just-be-the-authentication-answer-we-need.html#jump\">To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714],"class_list":["post-7811","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7811","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7811"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7811\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7811"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7811"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7811"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}