Bring Your Own Finger - The Consumerisation of Biometrics on Mobile Devices

Firstly, let me apologise for jumping on the BYO bandwagon. I did grimace a bit when writing it but in a way it is rather apt. Biometrics are always with you and you do bring them with you; to the shops, to work, when travelling.....

That's what makes them a very attractive proposition for identification purposes. With the ever-growing list of super-long passwords that we are required to use for an increasingly long list of digital services, the search for an agile method for securely identifying people has been the Holy Grail for some time. Link that with the move towards accessing digital services on mobile devices and you have a situation that creates a perfect environment for easy-to-use, convenient, authentication and identity verification services.

Without even considering the rush by mobile manufacturers to embed fingerprint sensors into their latest smart mobile devices, mobile devices have many sensors that can be leveraged for biometric identification purposes. Cameras (front and rear with the support to capture HD video, high quality microphones, accelerometers for behavioural biometrics etc.

In my latest report for Goode Intelligence, "Mobile Biometric Security - Market Forecast Report 2013-2018", I have revised the forecasts from the original report, published in June 2011, to take into consideration the rapidly changing landscape. My research into this sector has discovered that in the last two years the following factors has created an environment that will create a market that is worth US$8.3 billion by 2018:

The Consumerisation of Biometrics: Apple has changed everything and has again disrupted a market and rebranded biometrics as a convenient method of communicating with consumer technology. Previously, Biometrics has largely been associated with high-end security; border control, national ID solutions and for providing access control for high-security buildings. This has all changed with the Apple iPhone 5s and Touch ID

Convenient mobile device protection: Existing mobile device authentication is cumbersome and inconvenient.  This means that many devices are left with no protection. Replacing a PIN or Passcode with an easy-to-use biometric can reduce this burden

 Mobile Commerce: Mobile devices have become the prime method of carrying out digital commerce yet identity verification and payment authorisation has not yet been updated to match this form factor. Biometrics can offer a convenient and secure method to prove identity and to authorise payments

As part of a multi-factor authentication solution: Most of the major authentication vendors support, or have plans to support, biometrics in their authentication products. This will be supported by authentication standards initiatives such as the FIDO Alliance that will enable biometrics to be easily utilised, when available, on mobile devices

Mobile devices are getting more secure: Apple’s Touch ID fingerprint solution makes use of a ‘secure vault’ to ensure that the fingerprint templates are stored in a secure area of the hardware. It is thought that Apple is leveraging ARM’s TrustZone, a hardware-security environment for secure storage and trusted execution. Security services are being built into all mobile platforms to counteract malware and to protect sensitive information and transactions. Complimentary services such as Mobile Device Management (MDM), Secure Containers and Mobile Application Management (MAM) create a trusted platform to support biometric security on consumer mobile devices