Cyber Defense eMagazine January 2021 Edition

handle the IT and security challenges, identities became more vulnerable and in turn protection more
valuable than ever. As 2021 kicks off, it’s important that businesses understand the benefits behind
biometric-based digital onboarding to ensure organizational integrity as they continue to secure the digital
identities of employees and customers alike.
Enhance remote authentication against increased cyber activity
Since the beginning of 2020, there have been more than 445 million cyberattacks reported, which is
double when compared to the entirety of 2019. When the pandemic forced millions of employees into
remote work settings, it opened up huge opportunities for cybercriminals to take advantage of any security
weak points to attacks aimed at stealing personally identifiable information (PII). In March alone, phishing
attacks related to COVID-19 surged 667% as hackers aimed to separate consumers from their
credentials, looking to leverage fraudulent pandemic-related information and many individuals initial entry
to the all online world to gain access. Still today, as the large majority of the world remains remote and
people do more shopping, learning and working at home, hackers are looking harder for ways to take
advantage of weakened security.
Biometrics make the identity proofing process more robust and secure. They can’t be stolen in the same
manner as your login credentials or lost like a password. They leverage unique personal data – such as
face, voice, finger or iris prints – that people can store and then match later as a single or multi-factor
authentication process. With facial recognition being 99.7% accurate and improving yearly, according to
NIST, biometrics provides that extra layer of defense to ensure identities remain protected. Regardless
of increased threats targeting users who don’t have the security training to help them to flag phishing
emails and other related scams, their identities are more secure.
Ensure your customer is who they say they are by keeping fraudsters out
While facial recognition is a particularly useful biometric modality for mobile onboarding and
authentication – with nearly all mobile devices having built-in cameras and microphones – the method is
still vulnerable to so-called “presentation attacks” – otherwise known as “spoofs.” In short, a fraudster
can try to spoof the biometric data on file by presenting a facsimile, such as a photo, video recording or
mask. In mobile un-proctored onboarding, a fraudster can try to impersonate a victim using a false match
presentation attack. In doing so, they can falsely use their victim’s identity to open a new account. By
registering a false image – a picture of a random person, a smudged image that wouldn’t be biometrically
searchable – a fraudster could work to open up new fake accounts.
To protect against these ploys, it’s essential to apply robust liveness detection when using facial
recognition for unattended or un-proctored mobile applications. There are a couple of ways in mitigating
the risk of facial presentation attacks through liveness detection algorithms: by analyzing facial images
to determine whether they are of a live human being or a reproduction or by adding a second biometric
modality, such as voice or speaker recognition. “Passive” liveness detection addresses this issue by
distinguishing between a live person and a spoof without forcing the user to participate in the matching
process.
Cyber Defense eMagazine – January 2021 Edition 31
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.