Beyond fingerprint ID: 4 cool authentication ideas we're watching

February 19, 2016 Risk & Fraud
Jeremy Milk
By Jeremy Milk, Head of Marketing
Jeremy Milk
By Jeremy Milk, Head of Marketing

businessman pressing authentication button on login display

These days, account security is like an arms race. The criminals trying to circumvent your security are constantly upping their game, which has caused the vendors selling that security to follow suit. Everybody is looking for new and better ways to verify that a user is who they say they are.

Obviously, we keep a close eye on this innovation at WePay. Authentication is a key part of keeping payments safe, but clunky authentication is a huge impediment to getting a transaction done. The less you have to rely on hard-to-remember passwords and easy-to-guess security questions to authenticate a user, the better the experience is for everyone involved. So we’re always keeping our eye on promising technologies that can make authentication easier and more secure.

Here’s a look at some of the more promising developments we’re seeing.

Keystroke-based User Identification

Samuel F.B. Morse sent the first telegraph message on May 24, 1844. The dispatch, “What hath God wrought?” revolutionized communication in the United States. Over time, telegraph operators developed a signature style of sending messages. For example, each telegraph operator had a distinctive way of keying in the dots and dashes. This style could be “read” by the receiver to determine who was on the other end.

Just like telegraph operators, the way you type on your computer has a unique pattern. When you type a sentence, you pause on certain letters and those pauses are distinctive to you and only you. Computer programs can use this pattern as a form of identification.

By analyzing your typing, keystroke-based user identification software is able to tell who is using the computer. Companies like MSignia, IDControl and bioChec and the U.S. Department of Defense have all funded research into this identification technique.

Better Biometrics

Biometric identification has been around for years. There are programs to read your fingerprints, scan your eyes and recognize your face, but none of these technologies are foolproof. It’s easy to trick a biometric scanner by simply wearing a convincing mask or using a realistic fingerprint copy.

So researchers have taken biometric identification to the next level. Experts at India’s Jadavpur University are using the pattern of blood vessels within a person’s face to provide more secure identification.

Scientists take an infrared scan of your face with a thermal imaging camera. Then they process the image to create a map of all the arteries, veins and capillaries within your face. This map becomes the key to unlocking your account, and it’s almost impossible to mimic.

Multi-Factor Identification

Today, many people still use two-factor authentication. For example, Google’s Two-Step Authentication is a security feature that uses an app on your phone to generate a code, which, once entered, will allow you to log into your account. But there are plenty of ways to get around the security features offered by a simple two-factor authentication.

Multi-factor authentication is a much stronger method. Intel has added a new ‘Authenticate’ multi-factor security feature to their 6th generation core vPro processors.

Instead of relying on one security measure, Intel’s feature has three. These factors include something you know, something you have and something you are. This could mean asking for a password, sending a text message code to your smart phone and scanning your fingerprint. Individually, these security measures can be bypassed, but together they comprise a solid security system.

FIDO Alliance

The FIDO (Fast IDentity Online) Alliance is an industry group that works to create a common set of identification standards that work across all devices. That means the same identification technology will work on Apple iOS as well as a Google Android mobile operating systems—and everything in-between.

This year, the alliance announced big news. More than 100 authentication technologies are now FIDO certified, which means hundreds of millions of users have access to strong security measures across multiple platforms and providers, including Google, PayPal, Samsung, Bank of America, Dropbox and GitHub.

Just like the telegraph revolutionized the way Americans saw communication, new identification technology will transform how we think about online security. Here at WePay, we are dedicated to staying abreast of the latest developments so we can best serve our clients. Let us take care of your security needs so you can focus on what you do best—making your customers happy.

About the author

Jeremy Milk

Jeremy Milk, Head of Marketing

Jeremy is WePay's head of marketing. Earlier, he held marketing and product leadership roles for Intuit QuickBooks, where he got hooked on fintech, and The Clorox Company. He's also a die-hard UNC basketball fan.

More blog posts by Jeremy Milk