The market for biometric authentication apps will soar from just six million this year to a staggering 770m+ in four years' time, according to a new study from analyst Juniper Research.
Its new report – Human Interface & Biometric Technologies: Emerging Ecosystems, Opportunities & Forecasts 2014-2019 – predicts that several big name deployments will drive widespread adoption.
Unsurprisingly, Apple will lead the way, with the combination of its Touch ID authentication system and tokenization in Apple Pay appealing to a wide range of consumers.
Tokenization makes transactions more secure by replacing a user’s card number with a special number created to make a payment.
That device-specific token and a one-time passcode are collected by the merchant and then forwarded to the issuing bank, where the token is translated back into the card number and authenticated.
Fingerprint authentication will account for the majority of biometric apps up to 2019 as scanners are embedded into an increasing number of mid-range smartphones, following the iPhone’s lead.
However, other biometrics will begin to gain popularity, such as Descartes Biometrics’ ERGO ear print biometric, and voice authentication from Nuance. These have the added benefit of not requiring any embedded scanning functionality in the device itself, Juniper claimed.
Online service providers like Facebook could also begin to roll out biometrics to better secure their users against account fraud, the report argued.
However, a major education effort will be needed to assure users of the usability benefits and enhanced security, over traditional password-based systems, Juniper claimed.
David Stubley, CEO of security testing firm 7 Elements, warned that the industry is still not mature enough for widespread adoption.
“Fingerprint authentication applications account for much of the growth due to scanners being introduced on mobile phones. However, fingerprints may be the weakest biometric as prints can be lifted and copied with ease, meaning they are easily spoofed,” he told Infosecurity.
“More focused testing of real world implementations is essential to gain assurance that organizations are able to effectively protect biometric data.”
This will require work done on back-end services, especially “biometrics template extraction and transmission and storage,” said Stubley.