Behavioural biometrics will replace passwords by 2022
According to a Gartner forecast, it won't be long until we can all safely forget those cumbersome passwords we use to secure and unlock our devices, thanks to "on-device" artificial intelligence (AI).
Gartner analysts believe on-device AI, as opposed to cloud-based AI, will mark a paradigm shift in digital security. “On-device AI is currently limited to premium devices and provides better data protection and power management than full cloud-based AI, since data is processed and stored locally,” Gartner says in a report published on January 4.
The research company outlines 10 AI solutions expected to run on 80% of smartphones in 2022 that will become an essential part of vendor roadmaps and our everyday lives. At least four of them impact security.
“Smartphones will be an extension of the user, capable of recognizing them and predicting their next move,” reads the report. “They will understand who you are, what you want, when you want it, how you want it done and execute tasks upon your authority.”
This ability will not only ensure that your digital devices act under your authority, and your authority alone, but it will also ensure you know what to expect from them in terms of functionality and behavior. Going by Gartner’s forecast, “digital me” will be a crucial selling point for IoT / smart home vendors in the next couple of years.
New-generation smartphones will collect behavioral data to more accurately profile the user, paving the way for dynamic protection and assistance in emergency situations. It will also benefit insurers. Gartner speculates that car insurers will be able to adjust insurance rates based on driving behavior.
Behavioral Biometrics is an emerging technology that analyzes user behavior (including keystroke dynamics, gait analysis, voice ID, mouse use characteristics, signature analysis and cognitive biometrics), and creates a unique biometric template on the device. When the behavior doesn’t match the template, the (presumed) impostor is blocked from using the device or the device requires multi-layer authentication (just in case it makes a mistake).
A device with on-board AI could automatically detect inappropriate content – such as objectionable images, videos or text – and flag it, or block it altogether.
“Computer recognition software can detect any content that violates any laws or policies,” according to the report. “For example, taking photos in high security facilities or storing highly classified data on company-paid smartphones will notify IT.”
Probably the boldest, but also the most-likely-to-materialize prediction from the report is the idea that on-device AI will render password-based authentication obsolete. Passwords / passcodes and PINs are indeed a weak defense, with hundreds of millions of credentials leaked, stolen or otherwise compromised every year.
For example, a list of 100 worst passwords compiled by SplashData was only made possible thanks to 5 million leaked credentials.
“Password-based, simple authentication is becoming too complex and less effective, resulting in weak security, poor user experience, and a high cost of ownership,” Gartner asserts.
“Security technology combined with machine learning, biometrics and user behavior will improve usability and self-service capabilities. For example, smartphones can capture and learn a user’s behavior, such as patterns when they walk, swipe, apply pressure to the phone, scroll and type, without the need for passwords or active authentications.”
Gartner isn’t just making assumptions either – Australian scientists have successfully prototyped a small wearable that uses your gait as an authentication token.
Other AI technologies that Gartner expects in portable devices by 2022 include emotion recognition, natural-language understanding, audio analytics, and more.
The road to “true AI”
Artificial intelligence was founded as an academic discipline in the 1950s and it has since had many ups and downs. Tasks requiring “intelligence” from a machine are often discarded from the definition as they become ubiquitous.
Optical character recognition, for example, has become so mundane that it no longer fits the definition. This has led computer scientist Larry Tesler to postulate a theorem along with a now-famous quip: “AI is whatever hasn’t been done yet.”
More recently AI has become a controversial topic, where even those actively developing AI systems express deep concerns about its implications if not handled correctly. Tesla CEO Elon Musk and theoretical physicist Stephen Hawking are just two of many prominent figures of our time casting a gloomy projection of AI in the years to come.
Still, humanity is a long way from true AI. Even the most complex computer systems today can’t emulate the most basic characteristics of human intelligence, such as reasoning or planning.
Originally published 5 Jan 2018: https://hotforsecurity.bitdefender.com/blog/behavioral-biometrics-will-replace-passwords-by-2022-gartner-19401.html