The future of Multifactor Authentication (MFA) took a big step forward with the introduction of the Galaxy S8, Samsung’s highly anticipated successor to the popular -- yet occasionally fire prone -- Galaxy S7.
The device specs are impressive: a wrap-around wide format curved screen, an integrated AI assistant called Bixby, as well as the introduction of DeX, a desktop extension that promises to transform your handheld into a fully capable desktop platform.
However, what caught our attention here at iovation, was the native integration of a variety of multimodal biometric authentication methods that are baked into the device itself, including an embedded iris scanner, facial recognition, and fingerprint scanner. While Samsung has already taken some lumps in the early reviews regarding the ease in which its facial recognition scanning can be defeated by a simple photo, the bigger picture is becoming clear: biometrics are now table stakes for device manufacturers.
We’ve Come a Long Way
It’s hard to believe that June will mark the 10-year anniversary of the iPhone and it’s easy to forget just how far we’ve come. Apple introduced Touch ID, its first fingerprint recognition feature with the launch of the iPhone 5S in 2013. Since this time, Touch ID has become a standard feature on all its latest devices, including the newest iPads and MacBook Pros. With Samsung upping the ante on biometrics as a prominent feature of their flagship device, it’s probably safe to assume that Apple will follow suit and introduce their own facial recognition and iris scanning capabilities with the launch of the iPhone 8.
All of this to say that consumers will soon have an even wider range of biometric features from which to validate their mobile identity. While fingerprint recognition was a natural starting point for biometrics, the ability to present users with a variety of biometric options that range in security strength (for instance, Samsung noted in a statement that facial recognition can only be used to unlock a device but could not be used to authenticate access to their payment service) represents an important step for businesses looking to improve their user experience and eliminate the notoriously insecure password for good.
So, what type of businesses and apps will be the first to integrate these new biometric capabilities? Most likely, banking and payment providers will blaze these trails given their relatively high exposure to risk. But beyond the strong business case, financial institutions as a whole are recognizing that new authentication methods are not only more secure than passwords, they also provide a more seamless user experience that can differentiate their service offerings in general.
In fact, a recent survey conducted by iovation in conjunction with Aite Group found that 85% of online banking customers were eager to replace passwords with more modern forms of authentication, with all generations of users surveyed indicating that they favored biometrics as their preferred authentication method.
It will probably be at least a couple of months however until we begin to see Samsung’s new biometric features being integrated into consumer-facing apps. Samsung will first need to release their Software Development Kit (SDK) and those are typically not released for at least a few months following the device being released to the market. Fortunately for iovation customers, the LaunchKey Authenticator SDK is architected in such a fashion that we can easily incorporate new methods of authentication as they become available to us through the device manufacturer and/or OS. So just as we incorporated the biometric fingerprint scan on applicable Samsung and Apple devices when those hardware features became available, so too will we be able to quickly integrate the iris and facial recognition authentication factors from this new Samsung S8 model.