Today people rely on passwords to protect digital information. For years, these strings of code have been the "keys" to access digital property. As 2013 arrives, will passwords be enough to protect valuable personal information?
As technology moves forward, an increased number of personal and business activities are conducted online. Many people are accessing their accounts using their mobile devices. As both mobile and use of online services grows, so does the risk of identity theft.
A technology company called EyeVerify says it has a new solution in biometrics. Biometrics are steadily moving forward as an alternate way to authenticate and access information that is widely viewed to be more secure than using passwords. EyeVerify has developed an authentication method using eye vein biometrics.
The company was launched in Jan. 2012. According to the company's website, EyeVerify's technology "enables mobile users to authorize transactions and access information in a manner that is secure, scalable, and convenient."
EyeVerify aligns with the philosophy that passwords are outdated and no longer able to provide the security needed in the modern world and that biometrics will be the future method to protect valuable digital information. The "brittleness of passwords have become painfully apparent", CEO Toby Rush said in an email to Digital Journal, noting "Voice and facial images [are] too susceptible to being reproduced. At EyeVerify, we are using a more private biometric, and ensuring we have strong spoof detection enabled in our system."
Digital Journal asked Mr. Rush a few other questions about the company and what it does.
Digital Journal: What inspired you to start EyeVerify?Toby Rush: It wasn't hard to see trends like mobile and the consumerization of IT are influencing this new era of BYOD [Bring Your Own Device]. Personally speaking, I do more web access on my smartphone than my traditional laptop.
Gartner predicts BYOD will become the top technology trend for 2013, with mobile devices surpassing PCs as the most common Web access tool. I agree. That said, I have almost 20 years of experience in mobile development, and many security protocols, especially in mobile, are horribly inefficient, exposing users to identity theft and fraud (e.g. mobile banking).
EyeVerify has created 'eyeprinting', a form of authentication based on eye vein biometrics
For instance, passwords, no matter how complex, are too easy to hack, not to mention that most people can't remember them. Voice recognition can be easily compromised by external elements such as background noise, or a bad cold. And there have been increasing privacy concerns relating to the popular usage of face recognition technologies. While Iris scanning is secure and reliable, it requires extra hardware installation, which makes its implementation extremely cost prohibitive for mobile users or businesses looking for BYOD security solutions.
I discovered the core concept of ‘eyeprinting’ at the University of Missouri Kansas City (UMKC) working with Dr. Reza Derakhshani and Dr. Arun Ross, both are leaders in biometric research. It was an interesting research project, and I quickly saw the potential for the mobile market and thus, EyeVerify was born.
Digital Journal: How does EyeVerify work?Toby Rush: Similar to how fingerprints historically were the standard in identifying individuals, EyeVerify has created the first and only mobile authentication solution that leverages the uniqueness of eye vein patterns to obtain a person’s ‘eye print'.
It's as easy as a mobile user glancing left and right using a regular smartphone camera to image and then pattern match the blood vessels in the whites of the eye. Since your eyeprint has four unique points of reference in each eye, this mobile authentication becomes a stable and convenient alternative to proving you are who you say you are. And, because the authentication also requires a ‘liveness’ detection, no one can steal your eyeprint.
Goals and launch date
Currently, EyeVerify has nine employees and is growing, according to Rush. At this time, the company's focus is on using this type of biometric authentication in conjunction with mobile devices, but "we are not restricted to that", he added.
At this time, EyeVerify is in beta and is planning to launch commercially during the first half of 2013. Visit this link to see a demo video on how it works.
Screenshot from EyeVerify demo video showing how the technology works
Many forecasts have been made regarding biometrics, along with several other types of biometric initiatives. According to Government ID News, the biometrics market is expected to reach $10.02 billion by 2014.
According to Reuters, nearly 12 million Americans fell victim to identity theft in 2011. Javelin Strategy & Research conducted the study which also noted identity thieves frequently target users of smartphones and social media.
Will 2013 be the year biometrics replace passwords? What do you think?