Biometrics refers to the identification of humans using their physical characteristics such as fingerprints, face recognition, DNA, palm print, hand geometry, iris recognition, retina and so on.
It allows specialists to identify an individual in a far more secure manner than is provided through passwords, signatures and other identification forms that are more easily counterfeited, says Roberto Caprio, MD of Dial a Nerd.
Currently, fingerprint technology is the most popular form of biometric identification. For example, all visitors entering the United States have their fingerprints taken for security reasons and counter terrorism.
Fingerprint patterns cannot be guessed, as is the case with PINs or passwords and, unlike access cards and tokens, they can’t be lost or forgotten. A very common use is access control in any corporate environment that has secure areas, or even clocking requirements in factories to monitor presence.
Increasingly, passwords are becoming easier to crack. Today, hackers have developed large databases of basic strings of characters that are often used to create passwords, and they don’t need to run every possible combination to crack a password.
Web sites will show how weak or strong a password is. Passwords are still secure enough for most applications, but users have to choose a good one.
A classic example of two-step authentication is logging onto a Google account: users will need a password and a code that is sent to a cell phone via SMS to log in. Another very common example is whenever users are requested to put in a pin when making a payment with a credit card.
Two-factor authentication requires the use of two of the three authentication factors:
* Something the user knows (e.g., password, PIN, pattern);
* Something the user has (e.g., ATM card, smart card, mobile phone); or
* Something the user is (e.g., biometric characteristic, such as a fingerprint).
Anything that increases security should be used, but this choice is not so much in the hands of the consumer, but rather in those of the entity providing the service.