Biometrics is Only PART of the Answer

The time will come when you will be able to walk into any shop, chose what you want, pay for it where you are standing, and walk out with it, without having to go through the nonsense of lining up. The same will apply to getting through airport security/immigration, into a concert, onto public transportation and so on. Each of these ‘transactions’ will happen in the background.

The time will also come when whom you are is enough to make all of these transactions happen almost seamlessly, and biometrics will be an enormous part of that. However, WHAT you are does not equal WHO you are, and that’s where biometrics vendors miss the point. No form of static authentication (of which biometrics is one, same as passwords) can encompass your entire identity. Your likes, dislikes, hopes, fears, ambitions, friends & family interactions, even your reputation. The things that make you human, and 100% unique.

Also, what biometrics cannot do is replace every other form of authentication in the near term. Certainly not the authentication of payments for example when you consider that all payment card schemes globally are united behind the PIN.

“But that’s already happening!” you may say, and you’re right, you can authenticate payments with a fingerprint via your mobile device (Apple Pay for example). Then again, I can spend £20 (£30 from this September) at a time with my Visa / MasterCard contactless card with typically no authentication at all.

Ultimately, what we’re trying to get to is the universal demonstration of the one thing upon which all the above transactions rely; trust.

No single form of authentication (biometrics included) is going to get you a car loan, or a mortgage, but it WILL get you a cup of coffee, because authentication is just a sub-set of the overarching principle related to the demonstration of trust; Identity Management. The who you are, or more to the point, who you have been, is what gets you the mortgage, all your face is going to do is give the lender reasonable assurance that they are talking to the right person.

Authentication is not the answer that addresses the trust challenges we face today in a distributed world. Trust is not built on how you authenticate, it’s built on a irrefutable representation of your life; your credit history, criminal record, work history, references, social media profile, public statements of opinion (blogs, etc.) and so on. You are not going to place trust in someone you will likely never meet in person until you are reasonably satisfied that they will keep their end of the bargain.

Even multi-factor authentication is only going to give more certainty that the person you’re dealing with is the person you expect, it does nothing to ensure that your transaction will go as planned. Only identity can give you that kind of assurance.

Every transaction in the future will be a combination of identity management and authentication, and how much you need of each will be agreed by both sides, up front. This is a complete departure from today where trust is mostly one way, and should address the majority of the current challenges we have related to fraud.