By: KV Sai Mounish, Department of computer science and technology, Student of computer science and technology, Madanapalle Institute Of Technology and Science, 517325, Angallu, Andhra Pradesh.
ABSTRACT –
This is especially important in the case of working with big amounts of data and when a user’s identity is rather vulnerable, the question of security plays a significant role. The act of verifying the user by using one or more factors in order to practice security is known as Authentication so as to create Multi Factor Authentication (MFA). Among all the types of Authentication factors, the Biometric, or the physiological /behavioral features like fingerprints, facial recognition system and Scans for Iris are becoming more popular since they are other additional and more secure ways of authenticating an individual or a thing. This paper looks at the following issues of concern to MFA systems; integration of bio metric technology, efficiency of the system and the repercussion of being a soft target. It also discusses other issues on the use of biometrics such as privacy, existence of risks of biases and the need to have laws on the use of this technology. Concerning the topic of threats at the stage of cyber protection, bet biometrics, which are used in MFA remain an essential factor of the future of authentications as it unites functions and sets the right level of protection at the same time.
KEYWORDS –
Vulnerable, Security, Multi Factor Authentication, Fingerprint, Facial Recognition, Iris, Privacy, Authentication, Biometrics.
INTRODUCTION –
In the modern world that is now connected through the internet and irrespective of the devices a person uses, one needs security more than anything else. With increased evolution of cyber threats, traditional techniques of securing information, for example through passwords and security tokens, are usually insufficient. This has created a sharp rise in the use of Multi-Factor Authentication (MFA), which is a security technique that draws on users’ multiple independent credentials[1]. ME to FE: When speaking of the factors utilized in MFA, biometric authentication that employs distinct physical and behavioral characteristics, such as fingerprints, face and voice
Recognition has recently received considerable attention[2]. Biometrics can hence be described as an efficient solution to the shortcomings of regular authentication techniques, being more secure and easy to use.
This paper focuses on the incorporation of the biometrics into the MFA systems, the position they occupy in giving a boost to security while considering the challenges and factors related to it. In this context, the present piece is outlined so that the importance of security in the age of globalization is underlined as well as biometrics is introduced as one of the necessary components of multi factor authentication.
1. Better Security with Unique Identifiers
What Biometrics Offer: Biometrics uses the physiological features of an individual including those external features such as fingerprints, iris pattern, face recognition among others and Behavior characteristic such as voice recognition, typing patterns among others to authenticate a particular person. Unlike password or PIN where frequently the same is compromised and used with either replicating the original character or translating it to another account, the biometric trait is unique for every user and thus makes biometric authentication a strong factor in MFA[3].
Security Benefits: When organizations incorporate the use of biometrics in as a part of MFA, it may lower the threat of unauthorized access despite if other components become vulnerable. The features of biometric data make it possible for only the holder of the biometric trait in question to pass the authentication.
2. Reducing Reliance on Passwords
Password Vulnerabilities: The previous MFA solutions tend to use passwords as the component of authentication that can be easily phished, socially engineered or brute-forced[4]. These risks are well explained by the following derivation of the biometric authentication because it does not employ the use of knowledge-based factors which can be easily compromised.
Convenience and Security Balance: Thus, biometrics can be seen as a good compromise between high security and the need of the user to use the system. For example, instead of typing the complicated password to open the gadget, using a fingerprint scan is faster and easier, but more secure.
3. Implementation in Multi-Factor Authentication
Multi-Layered Defense: The “something you are” was in an MFA setup normally applied with biometrics and “something you know” such as a password and “something you have” for instance the mobile device or the security token. This is built in and robust because even if one of the factors has been gamed, one is locked out by the other factors.
Real-World Applications: Biometric authentication is frequently used authentication factor of MFA across sectors in the society. For instance, at the moment, close to all mobile devices employ fingerprint or facial recognition as one of the factors of MFA when launching the donors’ applications or services. Internet financial companies, for example, employ the biometric data for the protection of online payment and those services and companies utilize the biometric MFA methods for guarding the physical and digital environment areas.
4. Challenges and Considerations
Privacy Concerns: This inevitably brings to the topic of biometrics as the core of MFA and their impact in the later aspects of privacy and data protection. Since biometric data does not alter and is so special, any breach could take a lot of time to be disabling. Biometric information about an individual is sensitive and can be hacked; thus, organizations are required to use safe storage mechanisms along with encryption.
False Positives/Negatives: Biometric systems are not perfect and may have issues for instance, false acceptance rate (FAR) the system will grant access to an individual it should not allow and/or false non-match rate it will reject an individual that should gain access. The former can be resolved by continuous improvements in the made systems while the letter can be dealt with by combining the use of biometrics with other variables.
Regulatory Compliance: Since biometrics is used in day to day life activities more and more regulatory authorities and standard are being introduced for the usage, storage and processing of biometrics[5]. It makes it extremely important for organizations to stick to the laws enacted for instance the General Data Protection Regulation, legally and in order to regain the trust of their users.
The role of biometrics in multi factor authentication is shown in Figure 1.
CONCLUSION –
Thus, the potential of digital factors that threaten is inherently increased, and, therefore, there is a need to properly manage and strengthen the security instruments. MFA today is an essential part of the employing of methodologies for enacting protected authorization and the case of biometrics is a worthy example. This is because biometrics are unique characteristics of a person’s physical and behavioral aspects that augment the MFA systems which make them less reliant on the infamous but highly vulnerable means which are passwords. However, as they apply these biometric technologies, the following glitches or challenges come with it. Some of them include: concern in relation to the privacy when using the biometric data, incidence of bias and the regulatory matters should therefore be well managed to give a positive angle of the biometric data. On the same note, it is equally important to state that it will only become even more imperative in the future to meet those challenges in order to help with the dissemination of the applications thus ensuring customer trust. Peering into the future, Dmitri makes a prognosis: the biometrics are to be included into MFA more and more as the progress here is to increase the level of effectiveness of MFA and the level of comfort which is puffed into it. Thus, one can confidently state that as a result of the work executed in the process of completion of the deliverables there is an opportunity to enhance the protection of information and identity of a user in organizations relative to new kinds of threats. Thus, the future of secured authentication is more about the engaged interaction of the biometrics with the other types of authentications, which forms the layers of safety against identity thefts in future.
REFERENCES –
- A. K. Wee, E. G. Chekole, and J. Zhou, “Excavating Vulnerabilities Lurking in Multi-Factor Authentication Protocols: A Systematic Security Analysis,” Jul. 29, 2024, arXiv: arXiv:2407.20459. doi: 10.48550/arXiv.2407.20459.
- H. Zhao, J. Jia, and V. Koltun, “Exploring Self-Attention for Image Recognition,” presented at the Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2020, pp. 10076–10085. Accessed: Aug. 09, 2024. [Online]. Available: https://openaccess.thecvf.com/content_CVPR_2020/html/Zhao_Exploring_Self-Attention_for_Image_Recognition_CVPR_2020_paper.html
- G. Callant II, “Password-less two-factor authentication using scannable barcodes on a mobile device,” EWU Masters Thesis Collect., Jan. 2021, [Online]. Available: https://dc.ewu.edu/theses/668
- S. Manikandan, M. Rahaman, and Y.-L. Song, “Active Authentication Protocol for IoV Environment with Distributed Servers,” Comput. Mater. Contin., vol. 73, no. 3, pp. 5789–5808, 2022, doi: 10.32604/cmc.2022.031490.
- L. Triyono, – Prayitno, M. Rahaman, – Sukamto, and A. Yobioktabera, “Smartphone-based Indoor Navigation for Guidance in Finding Location Buildings Using Measured WiFi-RSSI,” JOIV Int. J. Inform. Vis., vol. 6, no. 4, pp. 829–834, Dec. 2022, doi: 10.30630/joiv.6.4.1528.
- Zamzami, I. F., Pathoee, K., Gupta, B. B., Mishra, A., Rawat, D., & Alhalabi, W. (2022). Machine learning algorithms for smart and intelligent healthcare system in Society 5.0. International Journal of Intelligent Systems, 37(12), 11742-11763.
- Kaur, M., Singh, D., Kumar, V., Gupta, B. B., & Abd El-Latif, A. A. (2021). Secure and energy efficient-based E-health care framework for green internet of things. IEEE Transactions on Green Communications and Networking, 5(3), 1223-1231.
Cite As
Mounish K.V.S. (2024) Biometrics in Multi-Factor Authentication, Insights2Techindo, pp.1