One of the most effective cybersecurity practices is to use stronger passwords. Most incidents of “hacking” don’t involve compromising the underlying system, but rather the user’s password. An attacker might guess or brute force their way through a simple combination.
That said, telling a smartphone user to use a stronger password is like telling people to wear specialized safety gear before getting in a car. It will make their journey safer, but at what cost? Entering a sophisticated passcode every time the screen on your smartphone lights up is nothing if not inconvenient.
Enter biometric authentication. Modern smartphones and laptops come equipped with face scanning and fingerprint reading sensors that let users unlock their devices using a simple scan of their face or, you guessed it, their finger. The whole thing takes less than a second.
Unfortunately, as convenient as these biometric scans are, some users can’t help but wonder about the privacy cost. “Can someone access these biometrics? Are they stored in the cloud? What about a hacker or a rogue application using this private data against me?”
To address these concerns, let’s look at what goes on behind the scenes when you put those scanners to use unlocking your device.
How Do Biometric Scans Work?
The moment you put your finger against the scanner or position your face for the camera to record your biometric data, something interesting happens. A sophisticated algorithm turns your unique biometric patterns into digital code. It is this numerical representation of your face or fingerprint that is actually stored in the system, not a picture of your face or a copy of your fingerprint.
The next interesting piece of the puzzle is the Secure Enclave: a dedicated chip on your device where the mathematical representation of your biometric patterns is stored. This chip is completely isolated from the rest of your phone, so even the operating system itself can’t access it, let alone any third-party applications. The information is also stored in such a way that, if someone did manage to gain access to it, it would read as corrupted.
So how does your device know it is indeed you using the sensor? Every time you run a biometric scan, the algorithm spits out the numerical representation and sends it to the Secure Enclave, which checks it against the encrypted version stored during the original setup. The encrypted representation of your biometric data never leaves the Secure Enclave. The operating system only gets a confirmation of whether the match was successful.
To put it simply, your data never leaves the bounds of the dedicated security chip on your device, and certainly never makes it to any cloud servers. In fact, the maker of your device couldn’t get this data even if they tried, as the system doesn’t have an option for it.
Apart from eliminating privacy concerns, this setup also ensures that hackers or rogue applications won’t be able to get their hands on your biometric data. There is no way to access it because it’s never stored anywhere. Only an encrypted version of the mathematical representation is stored in the specialized chip. The visual scan is permanently removed in less than a second.
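For developers, here is what "only a confirmation" looks like from an app's side. This is an added example, not code from the original article; it assumes an iOS or macOS app using Apple's LocalAuthentication framework, and the names `BiometricOutcome`, `classify` and `authenticateUser` are hypothetical.

```swift
import Foundation
import LocalAuthentication

/// Everything the app ever learns about a scan: a verdict, never the
/// face or fingerprint data itself. (Hypothetical type for this example.)
enum BiometricOutcome {
    case matched
    case rejected              // scan did not match the enrolled template
    case lockedOut             // too many failed attempts; passcode required
    case cancelled
    case unavailable(String)   // no sensor, nothing enrolled, or other error
}

/// Maps a LocalAuthentication error onto the outcomes above.
private func classify(_ error: Error?) -> BiometricOutcome {
    guard let laError = error as? LAError else {
        return .unavailable(error?.localizedDescription ?? "unknown error")
    }
    switch laError.code {
    case .authenticationFailed:
        return .rejected
    case .biometryLockout:
        return .lockedOut
    case .userCancel, .systemCancel, .appCancel:
        return .cancelled
    default:
        return .unavailable(laError.localizedDescription)
    }
}

/// Asks the system to run a Face ID / Touch ID check. The matching happens
/// outside the app's process; the callback receives only success or an error.
func authenticateUser(reason: String,
                      completion: @escaping (BiometricOutcome) -> Void) {
    let context = LAContext()
    var probeError: NSError?

    // Check that a sensor exists and a biometric is enrolled before prompting.
    guard context.canEvaluatePolicy(.deviceOwnerAuthenticationWithBiometrics,
                                    error: &probeError) else {
        completion(classify(probeError))
        return
    }

    context.evaluatePolicy(.deviceOwnerAuthenticationWithBiometrics,
                           localizedReason: reason) { success, error in
        completion(success ? .matched : classify(error))
    }
}
```

Nothing in this API gives the app a way to request the stored template or the raw scan; a pass or a failure reason is all it can act on.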
Should You Use Face or Touch ID?
Biometric authentication can make your life easier without any privacy or security concerns, so we don’t see any reason for not taking advantage of one of these options.
By using one of these biometric authentication options, you can set up a strong password for your device and your most important applications. Sticking to complex passwords is a lot easier when you don’t have to enter them every single time you turn on the screen.
Are these scanners infallible? No. But neither are strong passwords.
No one solution is the “end all,” but biometrics are a convenient way to bring additional security to your devices and keep your data private.
If you’d like to learn more about authentication options or cybersecurity solutions for your organization, contact us at 888-782-7003 or visit here to schedule a FREE virtual telephone consultation with one of our Senior IT Consultants. Of course, you can always check out our website for additional information on our services or our blog page here where our team posts security tips, alerts, etc.