Native mobile biometric authentication is a bad idea - here's why

Biometric authentication, particularly smartphone face recognition, has gained significant popularity in recent years, promising enhanced security and convenience. It became mainstream when smartphone manufacturers began to include it in their latest models.
Recent research shows that most native smartphone face biometrics are vulnerable to spoofing attacks. Most of these biometric systems are easily manipulated using simple techniques such as showing a photo or video of the authorized user.
So, what's the alternative?
Native smartphone biometrics vs. biometric solutions
First and foremost, it is essential to distinguish between native smartphone face biometrics and biometric systems used in business workflows. Native smartphone face biometrics are designed primarily for convenience and accessibility. In other words, they're designed to verify users on that particular phone. You, your kids, your spouse, or whoever else is allowed to create a biometric template on the phone will be able to unlock the device.
Although this isn't a concern when we're talking about unlocking a phone (unless you store super-secret plans on it 👀), it's a concern if your customers are using the phone's native biometrics to authenticate digital banking transactions, for example. It gets even scarier when we look at the above-mentioned report. According to the study, 40% of the phones could be opened with a printed photograph. Worse than that, the photos used for this test were not even particularly high resolution and were printed on a standard office printer on normal paper.
What makes biometric solutions better than native smartphone biometrics?
Using native smartphone biometrics for authentication processes presents several risks for organizations. Firstly, organizations have no control over the security process of native smartphone biometrics. They cannot guarantee the level of security provided by the device manufacturer or the implementation of biometric features on different smartphone models.
There may be a higher rate of biometric accuracy for premium smartphone models, such as iPhones and Samsungs, compared to mid-range models, but the bottom line is that, by relying on native smartphone biometrics, businesses are levelling their security down to the weakest link.
Secondly, relying solely on mobile biometrics as an alternative to PINs or passwords is a threat to security. PINs can be easily shared or guessed (59% use their name or birthdate in their password) and mobile biometrics can be compromised if someone else gains access to the device.
Lastly, native smartphone biometrics do not establish a direct relationship between the biometric data collected and the customer's identity. The organization cannot be certain that the person accessing the device using biometrics is the actual customer, which can lead to identity-related issues and potential fraud.
A biometric solution will not be easily fooled by a picture or a video. Modern face authentication solutions are spoof-proof, combining active and passive detection methods to distinguish between a live picture and a presentation attack. These methods can detect the subtle differences between a real person and a video or photo of them. This makes biometric solutions extremely secure and reliable for authentication purposes.
Moreover, biometric software enables continuous improvement by detecting spoofing attempts and patterns. Since businesses lack control over the technology used by their customers, this continuous improvement process cannot be achieved when relying solely on native smartphone biometrics.
See biometric software in action
Overall, biometric solutions provide a more reliable and secure option for business workflows compared to native smartphone biometrics. By implementing these solutions, businesses can mitigate the risks associated with spoofing attacks, ensure trustworthy authentication processes, and protect their customers' sensitive data.
