Google has launched its latest competitors to the iPhone, the Pixel 4 and Pixel 4 XL, with several new cool features including a new biometric face unlock that uses radar technology.
The Pixel 4 is the first device to include secure facial recognition hardware that’s fully compatible with Android 10, which is recognized as a valid form of biometric authentication. Google believes face unlock is secure enough to serve as an authentication method across Android (There’s no more fingerprint sensor on the Pixel 4).
Google confidence in the Pixel 4 face unlock approach is a dramatic statement and may have far reaching implications for authentication vendors. Specifically, vendors that employ behavioral biometrics as their main source of authentication.
Behavioral biometrics have become a widely used payment verification tool. Allied Market Research published earlier this year, indicated the behavioral biometrics market will reach $4B by 2025. The increase in the number of online transactions, development of IoT landscape coupled with the need for enhanced security systems, has driven the growth of the global behavioral biometrics market.
The base premise of behavioral biometrics is that a user can be identified by learning and processing a multitude of specific and unique individual data points. Behavioral biometrics use built-in devices sensors, such as the accelerometer and gyroscope in a phone, to measure and record a user’s behavioral pattern. For example, the way and angle you hold your smartphone, swipe your finger on a mobile screen, the force and manner of your finger, how quickly you scroll etc.
The system learns the way a user naturally interacts with a device or with an application to create a user profile, and detects the difference between an authorized user and an imposter.
What makes behavioral biometrics timely is that once the user has been successfully authenticated, based on their behavioral biometric profile, there is no longer need for cumbersome passwords, tokens and dated SMS verification techniques. Legacy payment authentication methods became obsolete.
On the other hand, behavioral biometrics have multiple imitations.
The lack of accuracy in capturing and binding identity indicators, to the specific user, can lead to failure of the system. For example, a user’s behavior isn’t constant; people act differently when they’re tired, injured, intoxicated, preoccupied or in a rush. In addition, physical activity such as running or working out at the gym, that induces a high pulse or sweaty fingers, will impact detection accuracy. The way people type at the office desk is different from when they’re laying with their laptop on their sofa at home. Behavioral biometrics can be impacted directly and indirectly by external variables and circumstances.
Behavioral biometrics is only as strong as the built-in behavioral indicators found in most present-day smartphones. With the ability of identifying mobile users using face recognition, behavioral biometrics may be in trouble. Think about it… How you hold the phone, how you scroll, whether you use your right hand or left becomes insignificant. Moreover, as facial recognition becomes prevalent, existing applications will have less touch-based data to analyze. This may inevitably mean more fraud and more friction.
Google’s Face Unlock technology will undoubtedly inspire other vendors to get into the face recognition authentication bandwagon. It only makes sense that in the coming years face-based authentication will mushroom. And payment authentication vendors who employ behavioral biometrics alone for fraud prevention should be concerned.
Paygilant’s believes that the most effective way to stop mobile fraud and provide a frictionless transaction experience requires a multi-layered mindset.
Founded by ex-Trusteer people – pioneers in fighting web-based fraud – Paygilant is an anti-fraud visionary in the mobile space. It employs its deep expertise, insight and ingenuity to offer the best mobile anti-fraud solution. Unlike others in the field, who are spread across multiple channels, Paygilant specializes in tackling fraud threats to mobile – making it ideal for mobile platforms and behaviors.
At the core of Paygilant is a super-effective anti-fraud solution, that is frictionless the end-user and is seamless for companies to integrate too.
What makes Paygilant unique is that it combines six intelligence sets – Device DNA, User Space, Activity Map, Bio Markers, App Insights and Transaction View. Paygilant’s secret sauce is the interweaving of its intelligence sets to generate actionable insights and determine fraud/no fraud in milliseconds.
From the outset, Paygilant believes that “behavioral biometrics is not enough”. With Google Pixel 4 reaching the market this may not only be an approach, but rather the reality.