The Future of Mobile Authentication: Multimodal Biometrics
Identity fraud: a trillion dollar problem
The vast majority of modern authentication implementations strive to maximize both security and convenience; that is, to:
- Make it as difficult as possible for a fraudster to steal or spoof the rightful user’s authentication factors (e.g. device, password, token, biometric).
- Avoid interference with access to the protected asset or service for the rightful user.
- Dissuade the user from circumventing the intended security mechanisms.
Multifactor authentication (MFA) aims to meet these objectives by making it harder for fraudsters to defeat security mechanisms without adding inconvenience for the user. Mobile authentication methods often use two authentication factors to boost security:
- Possession: something you have, such as the smartphone itself.
- Knowledge: something you know, such as a password.
They can also be used in an “out-ofband” fashion, where authentication on (an authenticated) device is used to gain access through another channel, such as through a website via a browser on a laptop.