In this biometric option, users authenticate themselves by speaking words or phrases and having the vocal patterns matched against those stored in a database.
"Voice biometrics can be a way to replace the knowledge-based questions that banks typically use to authenticate people in contact centers," says Shirley Inscoe, a senior analyst at Aite Group.
National Australia Bank fits this use case. In late November, the bank said it would use voice biometrics to allow customers to access bank accounts by using their voices. It's currently using the technology for call centers, but may eventually extend usage to ATMs. Speaking at a media event in Sydney at the end of November, a representative of the bank said the system saves about three minutes on the phone and reduces the fraud threat. Instead of asking for a password or security questions, the technology, which was developed by Telstra, authenticates users by listening to their voice.
And Wells Fargo uses voice authentication in its wire room to spot people who have committed fraud in the past by comparing incoming callers against a database.
The argument for using eyeballs for authentication is their uniqueness and sustainability. The average iris has more than 2,000 unique attributes that don't change during a person's lifetime. It's also a form of biometric security technology that's been widely used for some time.
Government agencies such as the Department of Defense have used iris scans to identify staff at the Pentagon, and Bank of America has used iris scans to identify staff at its Charlotte headquarters. Many DMVs also use iris scans in their drivers' license centers. Inscoe says iris scans are among the most popular forms of biometrics that she hears about when speaking with banks, along with voice prints and facial recognition.
In this method, the fingerprint is supplanted by the entire palm. One of the big advocates of palm print identification is Intel Labs, which is developing a new authentication model around it.
Intel uses palm print software and a biometric sensor embedded in the computing device to identify the user and the device. That in turn opens up access to social media sites as well as other account-based sites such as banks. The argument is the palm is a better mode of authentication because it's more reliable than fingerprints. And in the case of Intel Labs, the palm is read remotely at a short distance, rather than actually coming into contact with the reader.
In an earlier interview with BTN, Sridhar Iyengar, director of security research at Intel Labs, which will work with service providers over the coming years to incorporate sensors into their technology, said making laptops, smartphones and tablets responsible for identification removes the need for websites to perform authentication via password.
Another form of "hand related" biometrics is signature verification, in which a digital signature executed on a pad is measured and compared to a signature stored in a centralized database, using factors such as speed and pressure on the pen. Other, older versions of "hand biometrics" include users placing their hands on an actual reader, which measures the shape of the hand, such as width and length of fingers.
Computing devices themselves can also be "fingerprinted," which aids in authentication.