Blending Big Data and Biometrics Bolster Mobile Security
August 7, 2014 Leave a comment
- NFC tattoos and pinky rings, USB keys, fingerprint scanners, front facing cameras, and the reams of usage data streaming from our mobile devices will change the very idea of identity
- The result will be an emerging idea of ownership based upon physical proximity and pattern recognition, a potent cocktail of biometrics and big data
We are creatures of habit, and gladly so, I might add. Consistency helps us become more efficient, makes the world more understandable, and often gives us something to look forward to. For example, the small gift that is “Tater Tot Tuesday.” This workplace institution should regularly grace any well provisioned cafeteria each and every Tuesday. But what if this were to suddenly and inexplicably shift to Monday or Wednesday? Wouldn’t that elicit surprise, disappointment and maybe even downright anger, particularly among tater tot-loving alliteration enthusiasts?
Each of us in our daily, weekly, and even yearly routine form innumerable patterns such as “Tater Tot Tuesday.” They form the basis of our trust in what is the system of our lives. And we constantly feed those patterns into our mobile devices, even if we’re not actively aware of it. That’s why my Android phone knows to pop up a Google Now navigation card to help me get home after I’ve spent any amount of time at a regular destination (For more on that subject, please see Wearable Computing Will Forever Alter Collaboration, But Not How You Might Think, July 15, 2014). Unexpected deviations from those norms create what are termed outliers in big data analytics parlance. That’s how your credit card company knows to ring you up and inquire about any sudden shopping sprees in foreign climes.
This same idea of identifying patterns and outliers based upon our daily routines is now poised to remake mobile security, creating a better foundation of trust between us, our phones and our enterprise back end systems. Actually, its big data together with physical security measures that will reshape mobile security. Take for example, multi-factor authentication techniques such as the use of USB keys and one time passwords as a means of proving that you are the owner of your laptop. Consider also the use of near field communications (NFC) to unlock both phone and laptop if the two are brought into contact with one another. And look at Apple’s iPhone fingerprint scanner or Amazon’s Fire phone facial recognition tool for unlocking phones.
These two-factor authentication tools are here to stay and should eventually become a key component of every enterprise IT mobility program. But if you’ll recall nearly every sci-fi film that employs some form of biometrics (eye, finger, palm, etc.), there are some pretty serious drawbacks to their use in isolation, namely the loss (some might say dismemberment) of that second authentication factor. Now imagine the combination of multi-factor authentication with outlier recognition algorithms based upon personal device usage patterns. Where are you most likely to login from your mobile phone on a given day at a certain hour?
What we will have is a series of checks and balances across password, two-factor authentication, and outlier pattern recognition that will ensure that you are indeed you when logging into your corporate network, not someone, who just happened to find your phone and your USB key in the back seat of a cab. Of course this is all still very much something for the future, but what it tells us and the vendors delivering both big data and mobile device management software right now is that the two should not be seen as mutually exclusive of one another. It will take a strong cocktail of both endeavors to protect both mobile devices and our precious corporate assets.