This past month, FindBiometrics and Acuity Market Intelligence published a report on digital identity tech, focusing on helping decision makers in particular verticals choose platforms for securing their users and infrastructures. It’s a fairly comprehensive writeup covering a large number of vendors, with the central theme being biometric capabilities.
If you want to know where digital identity is truly going, this report is a fantastic headstart.
The authors have decided that the traditional keys to access, such as passwords, are increasingly irrelevant to our new age. In fact, when you think of the old paradigm of your access depending on what you know, it’s not just passwords, but also PINs, OTP, and KBA. It’s all just stuff you type in, any of which can be guessed, hacked, intercepted, or otherwise compromised.
authID gets called out in the report for our fast, friction-free user experience that provides a zero-trust approach to security. The authors recognized our value in citing “with its cloud-based biometric ID platform, authID shines bright as a Prism Catalyst, orchestrating identity while bolstering traditional security weaknesses …as a provider of end-to-end biometric digital identity that puts a premium on user experience.” The report also highlights our increasing success in locking down workforces for our growing list of customers.
At some point, the IT world added access based on what you have, meaning some kind of device. At the extreme end of cost and difficulty in provisioning, it’s a hard token. More commonly it’s your personal device, which is not only physically secured but also portable. Hey, how can they mess with that? It’s in your hand, right? Wrong. Devices are often compromised, including by an increasing use of state-sponsored kits that turn our smartphones against us.
Another aspect of the report is targeting the financial services, healthcare, government, and travel / hospitality markets. These all have their own unique requirements:
- Finserv (in the US) is beholden to the Patriot Act and the need to satisfy KYC/CIP mandates.
- Healthcare sweats HIPAA and the need to secure sensitive, personal health-related information
- Government / public sector must guard the public trust, and with the advent of Covid has seen an exponential rise in benefits fraud
- Travel and hospitality has its own security and anti-fraud requirements, but also invests heavily in user experience
And what do these have in common? The value they can realize from biometric onboarding and authentication.
So I mentioned what you know and what you have. Biometric leverages what you ARE. Leveraging a physical attribute to speak on your behalf is a thing that is uniquely yours, and cannot be presented by another person. Somebody can take your picture, but that doesn’t mean they can inject it into authentication process and use it to be you.
A big promise of blockchain is to allow users to control their own identity. Biometric authentication renders this control even more profound, since even in the blockchain you are simply ones and zeros, while your biometric is inherently you. It’s not data, it’s what you were born with.
At authID, we embody this value prop. We ingest your physical id (eg. license or passport) and your self-image, make sure both are valid, and ensure they match up to establish the viability of your identity. Then we register your facial biometric for subsequent authentication. Need access? Show your face. Lost your access and need to recover your account? Show your face. Lost or upgraded your smartphone? Show your face. The root of trust isn’t your password or device. It’s your face.
authID represents the next step in portability, since it’s not bound to your device, and you usually take your face with you everywhere you go. And on top of this, we process all images in 700 milliseconds, and in conjunction with the friendliest user experience on the market. Speed, accuracy, and a great UX. We like to say it’s the greatest level of assurance with the least amount of friction.
In many multi-factor schemes, there’s still a password that unlocks a second factor. Kind of makes the whole process vulnerable, doesn’t it? A second, stronger factor is not much safer if it’s secured by the weakest link. Criminals can know what you know. They can steal what you have. They can even infiltrate what you have, while you still have it. But a facial biometric is inviolable. It’s you, and you’re the only party who can put it forth.
In a digital world where you are only bits and bytes, isn’t it nice to know you can still assert yourself, announce yourself, and secure yourself with the thing they can’t take from you? Yourself.
Give us a call at authID and find out why we are a leader in biometric identity that puts a premium on user experience.