Fingerprint, face or iris scan? Biometric unlock options on mobile devices all work on the same basic principle: getting users to verify their identity using unique personal physical characteristics. But which approach to authentication is the most secure?
With the latest smartphones, users can choose from a range of biometric authentication options — including facial recognition, fingerprint and iris scanning, and even voice — to unlock their device. These biometric authentication technologies continue to improve, with more sophisticated sensors and algorithms helping to reduce false acceptance rates (FAR) and block attempts at spoofing. On the other hand, biometrics must take into account user convenience and environmental considerations, such as how quickly the user can unlock the device and in what environment it will work most effectively.
Efforts to satisfy both security and user convenience requirements continue to drive new innovations in the biometrics space. For example, the latest phones in the Samsung lineup, including the new Galaxy S20 series, have introduced an ultrasonic, in-display fingerprint sensor, which creates a 3D image of your print and is more secure than traditional capacitive fingerprint readers.
Here is a quick rundown of the biometric security options available today and how secure they are.
Fast, easy and convenient, facial recognition is a great option for consumers and many business users. Using facial recognition, unlocking your device is almost instantaneous, as long as the device is angled in the direction of the user.
However, there are security limitations with facial recognition. Implementations that do not map the face in three dimensions can potentially be spoofed using a photo of the user, while even sophisticated facial recognition technologies have a higher FAR than many of the advanced biometric authentication options discussed below.
In addition, facial recognition can be prone to false negatives. That’s when your device fails to unlock because you are wearing glasses or makeup, or just due to differences in ambient lighting. Security-conscious organizations handling sensitive data should consider fingerprint or iris scanning for greater protection.
Iris scanning using an infrared sensor was introduced on Samsung’s Galaxy S8, S8+ and Note8 in 2017, and also featured on 2018’s Galaxy S9, S9+ and Galaxy Note9. It offers an extremely high level of security and allows users to “unlock with a look,” even when on the go or wearing gloves.
Your iris is an extremely data-rich physical structure and contains a pattern that’s unique to each individual and virtually impossible to replicate. Additionally, because eyes are self-cleaning and image capture is performed without physical contact with the reader, readings are highly accurate and reliable.
What's the Best Phone for Your Business?
Take this quick assessment to find the smartphone most tailored to your business needs. Download Now
Compared to facial recognition, unlocking with iris scanning tends to be marginally slower, as the user must align their eyes with the infrared sensor holding the device 10-14-in. from the face. Additionally, iris scanning can be affected by wearing glasses or contact lens. Bright sunlight can also lead to false negatives due to infrared noise.
The bottom line is iris scanning provides a strong combination of security and convenience, especially for those needing to unlock while wearing gloves.
Capacitive Fingerprint Sensors
The first biometric authentication method to appear on mainstream smartphones, capacitive fingerprint scanning is fast and offers low FARs.
Unlike early optical scanners that essentially took a “photo” of the user’s fingerprint, capacitive scanners detect the ridges of the fingerprint as they make contact with a conductive plate. This means capacitive fingerprint scanners won’t be spoofed by a two-dimensional copy of the user’s print. There have been reports of sophisticated three-dimensional replicas being used to fool capacitive sensors, but this risk is minimal for most businesses.
Capacitive fingerprint scanners are a good choice for most enterprises, as long as users don’t typically wear gloves (as some field-based workers do).
Ultrasonic Fingerprint ID
Introduced first on the Galaxy S10 and S10+, ultrasonic fingerprint ID is a new type of fingerprint sensor that uses ultrasonic waves to create a 3D image of your fingertip. Fooling the ultrasonic sensor is much harder, since the scanner doesn’t just reference your fingerprint’s pattern, but also the exact contours of the ridges, notches and abnormalities. Samsung has also backed up this upgrade with a machine learning algorithm that helps detect the differences between real fingerprints and forged 3D replicas.
The other major advantage of ultrasonic fingerprint ID is that the sensor operates through the display. This has allowed Samsung to place the sensor on the front face of the phone within easy reach of the user’s thumb, without sacrificing screen real estate. Users should make sure they don’t have a screen protector applied when they register their fingerprints, as this can interfere with the ultrasonic sensor. If using a screen protector, it’s important to choose one that is compatible with ultrasonic fingerprint ID.
Bottom line: Ultrasonic fingerprint ID provides significant improvements in both security and usability, making it an excellent option for enterprises and business users.
Securing Data With Samsung Pass
Unlocking your device with your iris or fingerprint is just the beginning of leveraging biometrics. Biometrics can also be used to replace account passwords or authenticate to data separation solutions.
One convenient way to do this on Galaxy smartphones is Samsung Pass. Samsung Pass lets users replace user IDs and passwords while browsing the web using Samsung Internet, as well as on supported apps. With the addition of Secure Folder — which makes use both of Samsung’s hardware-partitioned security capabilities and its cloud security system — you can ensure that the sensitive data and personal information you store and share on your phone stays completely secured.
Download our comprehensive guide to better securing the personal and work data on your mobile phone.