Not long ago, a phone was mainly used to make calls, send text messages, or play pre-installed Snake games. But with so much of our daily activities now depending on smartphones, it’s more important than ever to secure our devices.
Thankfully, there are several authentication methods to unlock your phone. Along with PIN codes and passwords, smartphone manufacturers have introduced biometric authentication methods, such as facial recognition, fingerprint, and iris scanning, to give users a faster and more convenient way to access their phones.
However, not all authentication methods offer the same security and convenience. So which one provides the best security for your network and devices?
The 5 Main User Authentication Methods
The sole purpose of user authentication is to ensure that only the right people have access to the right resources. It verifies a user’s identity, which is the first step in securing data and devices. Here are the five most common methods used to unlock modern systems.
1. PIN
A PIN or passcode is the most common security option available on most devices. It’s a combination of numeric characters, often four to six digits in length, depending on the phone’s operating system. Many users prefer PINs because they are short and can be entered quickly using the keypad.
A major drawback of using a PIN is that it requires users to memorize the code. This is why most people end up using PIN codes that are easy to insert and often easy to guess, such as birth dates. Security research on PINs by Ross Anderson confirms that most users choose PINs that represent dates, student IDs, phone numbers, or repeated digits, which are not hard to guess.
Pros
- Short and easy authentication method.
- Better user experience.
Cons
- Slower unlocking compared to other authentication methods.
- Requires users to memorize numbers.
- Recovery can be hard if you forget the PIN.
- Often predictable.
2. Password
Password-based authentication is another common unlocking option. Passwords are lengthier than PINs and can include letters and symbols. But similar to PINs, people often create guessable passwords with publicly available personal information and dictionary words. Furthermore, 61 percent of users reuse the same password on multiple websites, so a single password compromise can render several accounts vulnerable.
While many would think passwords are safer than PINs, they are not. The hassle of entering long strings of numeric and alphanumeric characters through a small keypad can lead users to simplify passwords. This leaves their accounts vulnerable to keylogger attacks, dictionary attacks, brute force attacks, and more.
Pros
- More secure than a PIN.
- Improved user experience.
Cons
- Easy to guess.
- Slower unlocking.
- Password recovery can be as hard as a PIN recovery.
3. Fingerprint
Fingerprint recognition is a secure authentication method that provides quick access to a device. The sensor looks for specific characteristics of your finger, such as the ridges and bifurcations of your fingerprint.
The performance of the sensor depends on its quality and placement on the phone. Quality, in this case, refers to the speed and accuracy at which the sensor reads your finger. As for the sensor placement, there is no one-size-fits-all fingerprint sensor position. Phones come with front, rear, and side-mounted fingerprint sensors, but I prefer in-display sensors.
Fingerprint recognition trumps PIN- and password-based authentication methods in terms of security. It isn’t easy to hack a fingerprint scanner, and recent developments in scanning technology have further improved its security.
But the technology is still not perfect, and every manufacturer allows some margin of error. The higher this margin, the easier it is to cheat the system. Hackers have developed a number of ways to get past fingerprint security. These include using masterprints, forged fingerprints, or residual prints that users leave behind on the scanner or other items. A few years ago, a hacker managed to fake fingerprints of a German minister using photos of her hands.
Another drawback of this authentication method is the issue of failures. Scratches, dirt marks, fingerprint mutilation, and heat marks on the screen can cause recognition issues.
Additionally, unlike passwords, you can’t change your fingerprints once they get compromised. For better security, we advise using fingerprint recognition together with another authentication method.
Pros
- Fast and convenient authentication method.
- Safer than PIN and password.
Cons
- Fingerprints can be replicated.
- Fingerprint distortion can cause failures.
- Higher recognition issues compared PIN- and password-based authentication.
4. Facial Recognition
Facial recognition arrived on the Android 4.0 operating system, also called the Android Ice Cream Sandwich version. It uses the front camera of the phone to take your picture and use it as a baseline to unlock the phone.
Apple devices use a similar authentication feature called Face ID, although the technology behind it works slightly differently. Face ID works by 3D scanning your face, making the method more secure. Apple claims there is only one in a million chance to fool the system.
Technology remains facial recognition’s biggest drawback. Comparatively fewer devices support this feature, and those that handle facial recognition have a slightly higher price than devices without facial recognition features.
Another major problem with facial recognition is that varying lighting conditions and facial changes, like aging, can impact the scanner’s readability. For some devices (though not those using Apple's Face ID), the front camera needs ideal lightning to be able to take a clear picture of your face. Moreover, some sensors can also be fooled using users’ photos. Similar to fingerprints, once facial recognition is compromised, it’s compromised for life.
Pros
- Fast unlocking method.
- It doesn’t require memorizing codes and passwords.
Cons
- Light effects and facial changes can cause failures.
- Screen orientation and distance from the camera can impact readability.
- The scanner can be fooled by user’s photos or sometimes familial similarities.
5. Iris Recognition
When using iris recognition, the reader scans unique characteristics of the eyes and encodes them for searching and matching. It’s different from retinal scanning in a way that it only scans the surface appearance of the eye. Iris recognition is performed using a specialized camera that uses infrared light to measure the unique features of the iris that are imperceptible to the human eye.
Iris recognition doesn’t require physical contact with the sensor, making it less intrusive than other touch biometric methods. Since it uses infrared light, the scanners can work in any setting and lighting condition. Furthermore, the iris doesn’t change with age, so its false rejection rate is less compared to facial recognition.
Iris scanning is the most secure authentication method, but it still isn’t perfect. It has trouble distinguishing between live and dead tissue and may match against your eye, whether you’re conscious or unconscious.
Pros
- Safer than other authentication methods.
- The false rejection rate is the lowest.
- Iris scanners can work in any setting and environment.
Cons
- Iris scanners are costly compared to other biometric devices.
- Distance from the scanner can affect readability.
- Having your eyes scanned in a particular position can cause discomfort.
What Is the Most Secure Authentication Method?
Facial recognition, fingerprint scanning, and even iris scanning are secondary security methods. They are currently not safe enough to be used as the sole authentication method to secure your device. This means you’ll have to use multi-factor authentication (MFA) to maximize your protection.
That's why, for instance, Apple's Face ID also requires you enter a passcode in certain situations, including when you turn your device off then on again.
Nonetheless, for most people, a combination of two factors, i.e. PIN and facial recognition, should be adequate to secure your smartphone or tablet.