Biometrics are great as long as we understand.

Biometrics are probabilistic, therefore not 100% accurate every time

They should not be shared in central databases. If they are there must be safeguards and strict privacy policies associated with their use

The better approach is to use the biometric to unlock your device or prove you are present.

Your device should then be cryptographically authenticated by the relying party.

The relying party should maintain a list of devices (Authenticators) you register.

The device proves uniqueness.

The Biometric proves presence on that unique device at that moment in time.

Frictionless authentication of the device.

Active verification when the risk demands assurance of the individual who is authorizing or instructing.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.