Mar 13 2018

For Higher Ed, Biometrics Promises One-of-a-Kind Security

Institutions explore identity authentication tactics involving fingerprints, irises and even hearts.

PINs and passwords are still the most common way to secure mobile devices, but that could change as biometric authentication goes mainstream. It’s already possible for individuals to unlock smartphones, access bank accounts and enter buildings by confirming their identity via fingerprint or facial recognition.

Security concerns, along with increased use of connected sensors, are making biometrics a more popular method of authentication, says Anil Jain of Michigan State University’s Department of Computer Science and Engineering.

“Biometrics really link an ID to a body,” Jain says. “Keys can be shared. ID cards can be stolen; fake ones can be made. And people often use a very simple password. That’s why biometrics is rising in popularity.”

At several institutions, projects are under way to develop new uses for biometric technology. Rutgers University researchers, aiming to reduce the risks of one-time verification, created an application that conducts periodic behavior checks to continuously monitor who is using a device.

For instance, the application can compare a user’s swipe motion to the owner’s prerecorded style of touch navigation, says Vishal Patel of Rutgers’ Department of Electrical and Computer Engineering.

“The amount of pressure you apply on the screen and the area of your finger you use are different than mine,” Patel says. “You can come up with a model and, if you see any deviation, lock the device.”

Early Adopters of Biometrics Address Roadblocks

A few early adopters are already incorporating biometric-based technology on campus. Georgia Southern University began using iris scans to grant access to student dining halls in 2013. Last fall, the University of Georgia instituted a similar system. The University of Southern California uses fingerprint scans for student housing.

For some institutions, the expense of replacing locks with keypads is a roadblock to adoption, Jain says: “In some situations, such as a high-security lab, it may not be detrimental. However, if a campus has a hundred buildings or more, you’re talking about a lot of investment.”

Security is another concern. Someone who managed to steal an individual’s biometric information could use that to fabricate face and fingerprint models, says Wenyao Xu, a professor at the University of Buffalo.

That’s why he’s working on a project that could circumvent just that type of identity theft: authentication using a 3D image of an individual’s heart, obtained using low-level Doppler radar. The heart, of course, is much harder to counterfeit than a fingerprint and isn’t susceptible to hiccups that can disrupt facial recognition technology, such as eyeglasses or a hat throwing off a sensor.

Two-Factor Authentications Boosts Security

Biometrics aren’t likely to eliminate passwords or PINs, for the simple reason that two-factor authentication provides better security.

That said, if a university is willing to make the investment, Jain sees a strong case for biometric technology, particularly at campuses that handle sensitive data or materials. For example, he said, “many higher education institutions have research that involves controlled substances. If you use biometrics, you have a trail of who accessed that cabinet.”

Petrovich9/Getty Images

Zero Trust–Ready?

Answer 3 questions on how your organization is implementing zero trust.