In some ways, it's a marvel that even half of consumers bother to lock their phones.
You would think the benefits would be obvious enough: by entering a few numbers, you can achieve a basic level of protection from prying eyes. But according to a recent study, 44% of users said that even this was too much of a hassle - worse, 30% weren't even worried about mobile security at all. From 0000 to 9999 there are 10,000 possible combinations of digits, yet in a sample of 3.4 million passwords, over 10% were cases in which somebody decided that "1234" was their best choice.
For years now, consumers have been demanding a better way, something more convenient and less time-consuming. As it turns out, they may have had the answer all along without even knowing it - their body parts can serve as their next password. Biometric identification, which works by using the unique characteristics of your body to prove who you are, may be the key to a much more effective system.
In fact, it is an almost certainty that within the next few years, three biometric options will become standard features in every new phone: a fingerprint scanner built into the screen, facial recognition powered by high-definition cameras, and voice recognition based off a large collection of your vocal samples.
To many in the industry, this is not a surprise but an inevitability. We store an enormous amount of our most intimate and personal information on cell phones. Businesses today are already struggling with policies regarding bringing devices from home, and it's only going to get more difficult. A study by Symantec highlighted the depth of the problem - around the world, all different types of companies consider enterprise mobile device security to be one of their largest challenges. PIN codes are better than nothing at all, but nowhere near enough in a world where cell phone theft now makes up a major portion of urban crime, and a missing device means lost company secrets.
Ever since Apple purchased Authentec Inc in July of last year, there has been an endless stream of news stories obsessing over whether Apple will include a fingerprint scanner in their next release. In reality, Apple is one among many players, and whether they include a biometric sensor in the 5S or wait till the 6 is largely irrelevant, the mobile industry has been headed this way for years now. Samsung's Galaxy Nexus phones include facial recognition already (although, they did not do a great job). Accessories that can add a fingerprint scanner to your current phone have proven to be popular, and voice recognition is now available through many different services.
What makes this so feasible is that the technologies needed to make these changes are already in place.
Facial and voice recognition are just software; they can use the powerful cameras and microphones already in your phone. And as the next generation of devices are made with better internal components, these systems will only get more powerful and more accurate. Fingerprint scanners have also matured greatly over the last few years, and at least one company has already figured out how to embed the sensor directly into the screen of the device. These more sophisticated types of log ins enable new types of functionality as well - CrucialTec has invented a system where scanning each finger can be programmed to load a different app.
This switch would mark a major shift in how we interact with our devices - and if the goal is security, there's certainly other less extreme, more measured steps that can be taken. But behind the language of needing better passwords is a much bigger push to build trust in the idea that a mobile phone can securely be used for sensitive transactions. Going forward, our mobile phones can serve as the gateway to our health information, location data, government services, and much more. Entire new industries are being built using these devices as the platform.
Americans still lag behind citizens in other developed nations in how they use their phones. But all that means is that there's a larger opportunity here. If you can have a user feel like James Bond when they touch their screen, they are a lot more likely to believe that a "mobile wallet" is a practical thing.
There are separate questions as to whether these technologies are ready for such a wide-scale deployment. While each have their own strengths and weaknesses, together they provide quite an improvement over the status quo. No system is hacker-proof, but using several biometrics, as opposed to just one or just one password, could go a long way in helping to solve a few of the largest problems we associate with mobile security.
Anytime you are constantly sharing personal information there are potential privacy concerns. With this issue though, the dangers may not be as obvious as they seem at first - after all, biometric identification would be in the form of optional features. And there's no more direct privacy violation than having your phone stolen, and with it, temporarily losing control over all the social media, financial, and personal accounts you had tied to it.
Whenever Apple, or another giant, decides to fully embrace a biometric solution, the sheer scale and frequency which people will use it will have an enormous impact on the future of how we are identified. When you have your body scanned multiple times a day to send a text or tweet, it becomes harder to see the process as an invasive, potentially perilous influence. In the long march of biometric technology into all corners of our daily life, this may mark the turning point where all of a sudden this type of authentication becomes normal and familiar - and forever change the way we interact with the systems around us.