When we talk about authentication at RSA, we talk a lot about convenience and security—and the tug of war between secure access and a frictionless user experience. That’s why striking a balance between them is key to effective identity and access management. It’s also why we’re so excited about the latest feature of the new iPhone X from Apple. Apple Face ID demonstrates the next evolution of security and convenience balanced and blended in one authentication technology. Here’s why:
1. Mobile Device Security Increases with New Biometric Authentication Method
Mobile authentication methods continue a steady trajectory toward more stringent methods of validating users for access to the device. Facial recognition surpasses its biometric predecessor – fingerprints – by introducing facial recognition as a means of authentication. In Apple’s implementation, Face ID requires users to set up a pin code up front, which immediately adds a layer of security for access to the phone that wasn’t there before. And, unlike early iterations of facial recognition technology, it doesn’t rely on using ordinary camera images to recognize a user’s face—which could be easily spoofed with a photo. Rather, it depth-maps the user’s face with 30,000 infrared dots and then “reads” the result to authenticate the user. That makes it a powerful tool for organizations seeking Identity Assurance, or the confidence that users requesting access really are who they say they are.
2. So Intuitive It’s Practically Impossible Not to Use It
In the new iPhone X, Apple Face ID completely replaces Apple Touch ID, taking another step in the direction of convenience. All a user has to do to authenticate is what he or she would naturally do to use the phone anyway: pick it up and look at it. Apple Face ID takes it from there. So rather than adding a cumbersome layer of security that a user has to actively engage, authentication happens with no effort at all on the user’s part. As a result, the device is more secure than ever, while users are less conscious than ever that they are even authenticating.
3. Plays Well With Other Authentication Factors
We’re proponents of multi-factor authentication (MFA) at RSA, and we’ll be supporting Apple Face ID (just as we’ve supported Apple Touch ID) as one of a number of means of authentication for access to applications and other resources. Always relying on a single form of authentication, regardless of how effective or secure it may be, isn’t advisable, especially when highly sensitive applications or other higher-risk scenarios are involved. Multi-factor authentication can be as simple as combining Apple Face ID with physical location data, user behavior patterns or other factors, making Apple Face ID fit seamlessly into the risk-based approach to authentication that RSA embraces.
Flexible authentication is one of the keys to successful identity assurance. With its careful balance of high security and low friction for users, facial recognition technology seems poised to become an important component in any program of flexible authentication. Download our white paper to learn more about all six keys to successful identity assurance.