White Paper

Mobile biometric authentication: Multimodal approaches for improved matching and spoof detection

Identity fraud: a trillion dollar problem

The vast majority of modern authentication implementations strive to maximize both security and convenience; that is, to:

  • Make it as difficult as possible for a fraudster to steal or spoof the rightful user’s authentication factors (e.g. device, password, token, biometric).
  • Avoid interference with access to the protected asset or service for the rightful user.
  • Dissuade the user from circumventing the intended security mechanisms.

Multifactor authentication (MFA) aims to meet these objectives by making it harder for fraudsters to defeat security mechanisms without adding inconvenience for the user. Mobile authentication methods often use two authentication factors to boost security:

  • Possession: something you have, such as the smartphone itself.
  • Knowledge: something you know, such as a password.

They can also be used in an “out-ofband” fashion, where authentication on (an authenticated) device is used to gain access through another channel, such as through a website via a browser on a laptop.

Download PDF here if you are having trouble viewing.