Safeguarding information with a “something you know” password, no matter how complex, cannot prevent a data breach. Instead, companies are now implementing “something you are” passwords such as fingerprints and facial patterns, or biometrics, as part of their multi-factor authentication approach.
However, as biometric authentication becomes increasingly common in the financial services industry, employees and customers are beginning to show reluctance to comply with these new security measures.
And rightfully so, considering they can always change their password or get a new ID badge, but they can’t change their fingerprint or facial geometry. When adopting “something you are” passwords, it is crucial that companies understand how to safely store biometric data to ensure that they aren’t subjecting their employees to identity theft.
Here are five ways companies can secure biometric data:
When implementing biometric passwords, the first question that comes to an employee’s mind is “who has access to my fingerprint?” The answer should be a select number of individuals who have privileged and limited access to company and employee data. In essence, the fewer people who have access to employee biometrics, the better.
Encryption
It is important for companies to encrypt all biometric data. This can be done through the use of a cryptographic key. By encrypting fingerprints, facial geometry, voices and other features, companies can keep malicious insiders and outsiders from replicating or using employee biometric information.
Since there are such risks associated with using biometrics, companies need to carefully consider whether they are even necessary for the information they hope to secure. In other words, not every data set needs biometric protection. In fact, the less biometric data you need to store, the less risk you create. Reduce the amount of biometric data that you store by prioritizing which groups of data require biometric protection.
Businesses are using biometrics as part of a multi-factor authentication system – a layered security approach that combines passwords and biometric technologies, among other factors, to limit access to critical information. But the multi-factor authentication system is actually part of a larger identity and access management strategy. If you don’t have one already, introduce an identity and access management solution to your security system that allows users to monitor who is accessing sensitive information. An identity and access management solution will notify admins if a suspicious user is attempting to log into a company account.
Rather than reworking your entire cybersecurity strategy, integrate biometrics into your existing systems. Work with your planning committee to introduce biometric passwords one step at a time. Be sure to set quantifiable goals to measure the system’s performance at each level of integration.
Before introducing biometrics, it is crucial that companies understand the risks associated with storing and managing thousands of employee fingerprints, facial patterns and other types of personal data. Through careful and well-planned integration and implementation, financial services companies can safely and successfully adopt “something you are” passwords.