BIO-key MobileAuth

BIO-key MobileAuth

BIO-key International has introduced its new mobile app, BIO-key MobileAuth™ with PalmPositive™ the latest among over sixteen strong authentication factors available for BIO-key's PortalGuard® Identity-as-a-Service (IDaaS) platform. MobileAuth’s fast, touchless biometric user authentication – using a palm scan – works with any Android or iOS device to provide the unprecedented combination of a simple, privacy-protected, and convenient user experience with the identity integrity and availability that enterprises require.

While multi-factor authentication (MFA) is an essential part of any IAM strategy, organizations such as NIST and the FBI have warned that traditional MFA methods such as passwords and phone-based methods, including one-time password (OTP) generators and SMS codes, remain vulnerable to social engineering and cyberattacks. Moreover, relying parties, lose control over who is accessing their systems, since the end-user can share a credential or enroll additional users into their phones, without the relying party’s consent. In addition, hardware tokens with their lifecycle costs, lost token churn and difficult user experiences present other challenges.

According to the 2020 Verizon Data Breach Investigations Report, 81% of hacking-related breaches leverage stolen or weak passwords. This, along with other well-documented password challenges, has driven the adoption of passwordless workflows using phone apps secured with user-controlled device-based biometrics or other device-unlock factors.  While more secure than passwords, reports of account sharing, unauthorized delegation, and SIM swapping demonstrate that this type of biometrics lacks the integrity and availability required to support enterprise-level security.

BIO-key MobileAuth with PalmPositive offers a different way to authenticate, eliminating the inconvenience, security risks, and costs of traditional authentication methods by introducing the new category of Identity-Bound Biometrics (IBB), which are well-suited for everyday use cases including remote workforces, third-party access, Customer IAM (CIAM), and passwordless workflows.

Starting with PalmPositive as the first Identity-Bound Biometrics authentication method, future methods including voice and facial recognition will be added to BIO-key MobileAuth in 2021 to continue to offer the highest levels of:

  • Integrity: by permanently binding a biometric (palm scan) to the user’s digital identity to ensure only they can use their account privileges, not a proxy.
  • Availability: because the user is free to authenticate themselves across multiple devices, even if a new device is introduced.
  • Security: because biometrics cannot be forgotten, phished, stolen, or forged. Built-in liveness detection prevents imposters from using scanned pictures or fakes.
  • Accuracy: a palm scan is up to 400x more accurate than common user-controlled device-based biometric authentication methods.

  • Approaching the Education Market with Milestone

    Milestone’s Laurie Dickson addresses Open Architecture, new equipment and the cost of entry and upgrading VMS systems over time. She also talks about how K-12 and Higher Education campuses differ in regard to surveillance system needs. Schools have certain guidelines they must follow to protect student identities, and Laurie addresses this question as well.

Digital Edition

  • Security Today Magazine - November December 2021

    November / December 2021

    Featuring:

    • Navigating System Integration
    • Protecting Premises and People
    • Cashing in Your VMS System
    • Encryption and Compliance
    • Security Breach at 38,000 Feet

    View This Issue

  • Environmental Protection
  • Occupational Health & Safety
  • Infrastructure Solutions Group
  • Spaces4Learning
  • Campus Security & Life Safety