Taking Dual-Factor Authentication to the Next Level

By Dave Sweeney

A recent survey about logical access control pointed out that in most people’s minds, passwords are passé. An overwhelming 84 percent of those surveyed supported eliminating passwords, while 76 percent of respondents felt an alternative form of verification would make their data more secure.

In the physical security realm, we are increasingly seeing a movement toward something beyond single factor authentication, such as an access card or a key code alone. Many companies have combined the two, but just like passwords that can be shared liberally, codes have a way of getting passed around too.

So how does one up the level of protection beyond the single form of authentication? Dual-factor authentication is usually focused on something you HAVE (a card) and something you KNOW (a code), but there is also something you ARE — a biometric.

A few things are working in favor of biometrics these days. First, the technology has improved and the cost has come down. While far from the least expensive form of authentication, those who opt for biometrics now can feel confident that it will perform as needed.

Second, biometrics are increasingly being integrated into existing security systems. In the early years, a fingerprint reader or palm scanner was a stand-alone product that required its own database.

Another benefit is that aside from the uniqueness of biometrics — making it nearly impossible to steal it from someone else — this authentication factor is always with you. Unlike a card that can be misplaced, or a code that is forgotten, your iris, palm, finger or retina goes where you do.

This can translate into both time and cost savings if lost cards are an issue, which can be an issue with students where cards serve as access into buildings and payment for foodservice. This is why some institutions are opting for biometrics over cards.

It’s important for end users to consult with their integrator about how best to incorporate an additional factor like biometrics into a dual or multi-factor authentication program. Is it something reserved for high-security areas, or do you incorporate it at the main entrance, knowing that once you’re confident about who has entered, you can go with more standard access procedures on inside doors?

And what about the environment in which the biometric is used? A fingerprint scanner that requires people to touch a unit may not be the best choice in a hospital, nursing home or daycare center where germs are a concern.

Biometrics continue to migrate into the mainstream. A perfect example is the finger scan used to unlock your smartphone or computer. Why not consider biometrics as another tool in a dual-factor physical security authentication program?