Users prefer biometric authentication methods

Biometric identity authentication technologies are on the rise. Users prefer these friendlier and more secure processes to secure their data and, surveys reveal, they are ready to forget all about passwords.

The global biometric industry is forecast to reach USD 136.18 billion by 2031, experiencing a 13.3% CAGR over the next years, according to Transparency Market Research.

Among the drivers for this growth, shows a survey conducted by PYMNTS, is the fact that more than one third of users are willing to use biometric authentication methods.

PYMENTS’ survey reveals that almost half of the consumers are keen to use fingerprint scans in private and public settings and ready to forget about passwords.

The data is consistent with that published by VISA, that says that in the United States 86% of consumers are interested in using biometrics to verify identity or to make payments and 70% of consumers think that biometrics are easier to use while 46% believe biometrics are more secure than using passwords or PINs.

Adding up is the Digital Identity Services report by iProov. It surveyed 16,000 consumers in eight countries to assess their attitudes to online security and digital identity, including biometrics.

The results are significant, as 64% said they already use face authentication to access their mobile banking and financial services app or are willing to if available. More than half (55%) already use biometrics, either face recognition or fingerprint recognition, to unlock their mobile devices.

Why should applications and websites offer biometric login?

First, using biometric technology to authenticate the user’s identity enhances security and helps prevent security breaches.

In the last years security data breaches have grown at a light-speeding rate. According to IBM’s Cost of Data Breach Report, in 2022, “stolen or compromised credentials were not only the most common cause of a data breach, but at 327 days, took the longest time to identify”.

IBM report states that this attack vector costed USD 150,000 more than the average cost of a data breach.

There are ten fundamental reasons why securing access to businesses digital assets through biometric identity authentication methods is a good idea. Among them:

  • Biometrics is based in the measurement and analysis of individual physical characteristics unique to each person.
  • Biometrics impedes that data can be copied or hacked. With biometric authentication all a person needs is him/herself.
  • Personal smartphones equipped with biometrics capabilities are becoming the standard, serving as the storing hardware of the individual’s biometric patterns.
  • Users have control over their identification data stored in their smartphones.
  • Biometrics improves accountability enabling companies to better track their transactions and activities, minimizing the risk of security breaches and data loss.

Second, biometric identity authentication methods are friendlier to the user. It is convenient and cost-effective for companies and improves the overall user experience.

Compared to Multi Factor Authentication or Two Factor Authentication (2FA), that requires the user to provide two or more verification factors to gain access to a resource, biometric methods of authentication do not require an extra effort from the end user.

For example, in the case of 2FA, to verify their identity users are required to enter a code received by SMS or email.

Thus, the user needs to leave the site or app, go to their SMS service to copy the code, go back to the site or app and paste the code; or they need access their email to click a link.

All this hinders the user experience with the consequent impact on the balance sheet.

B-FY, frictionless and passwordless

Protecting people and their identity is one of the fundamentals of B-FY.

B-FY is a biometric system of “Identification as a Service” (IDaaS), with which our clients can truly identify their users instead of simply “matching” certain authentication credentials, either knowledge or possession credentials.

Our identification protocol does not incorporate passwords or credentials of possession or knowledge of any kind. Nor does it not store any biometric data. Instead, it takes advantage of the biometric identification capabilities of the user smartphone together with the biometrics that they already have stored on them.

To identify the user, B-FY only needs to validate their phone number and email, which are linked to their device where they have stored their biometric pattern. This allows user identification exclusively from that specific physical device and with the user’s biometrics.

If the device is stolen, it will not be possible to access a service protected with B-FY. To access the service providing the biometric data of the device’s owner is a must.

Additionally, with B-FY the user’s data never leaves the user’s physical device, nor does it go to any server, so it is not susceptible to hacking. The user always has control of their biometric data.

Do you want to know more? Request a free demo here.