Using the Fido Alliance Plenary Meeting as a backdrop, Authentify, Inc. today disclosed its expanded biometric support by announcing its support for the Samsung Galaxy S5 fingerprint reader.
Having deployed speech recognition applications since 2001 and voice biometrics since 2004, the fingerprint reader on the S5 is the first fingerprint device to be supported by Authentify.
Attending the FIDO meeting, Authentify's Chief Technology Officer (CTO) Andy Rolfe focused on the role multiple biometrics will play in mobile commerce.
"Mobility has added a level of difficulty with regard to knowing your user or customer," offered Rolfe. "An end-user and a device can be almost anywhere. Ensuring the device is still in the hands of the same user is critical, and biometrics are the most reliable way to do so. We are able to handle a wide range of use cases and end-users employing multiple biometrics. The FIDO model has done a great deal to spur thinking around the use of multiple biometrics for some users."
Relative to the widely reported successful hacks of both the S5 and Apple iPhone fingerprint sensors, Rolfe was optimistic: "Successfully hacking a fingerprint reader with a gelatin model requires access to both the phone and the end-user. Most crimes committed online are remote, and the cybercriminals don't have access to the end-user. It's a very labor intensive hack. Plus, both Apple and Samsung are working on improved 'liveness' detection to thwart spoofing via gelatin models."
The Samsung Galaxy S5 fingerprint reader will be supported in release 3.5 of the Authentify xFA platform.
"The x in xFA is representative of the x number of authentication factors you can apply by rule or policy as a risk profile might dictate," according to Alan Dundas, vice president of product for Authentify and former security architect at Symantec. "The underlying authentication in xFA employs public key infrastructure (PKI) digital certificates, on top of which voice print, fingerprint, PIN and pattern may be layered. Use one 'authentifier,' or use them all, as your use case dictates."