Industry’s giants – Paypal, Intel, Lenovo and Synaptics – announced that they have joined forces to bring fingerprint authentication to PC consumers.
In a joint statement, Paypal, Intel, Lenovo and Synaptics said that the ultimate goal of the multi-company collaboration is to enable Lenovo customers to make online payments with services like PayPal using fingerprint authentication instead of a password.
To make this goal a reality, Intel will offer its 7th Gen Intel Core processors with Intel Software Guard Extensions (SGX) – a hardware-protected biometric authentication that will secure the biometric information and credentials of users.
For its part, Synaptics will offer its Natural ID™ fingerprint sensor – an enterprise-level security with TLS 1.2 encryption and anti-spoofing algorithms.
Johnson Jia, senior vice president for PC & Smart Device Business Group at Lenovo, said, “We’re excited to be the first PC company to partner with Intel, PayPal and Synaptics to bring users simpler and safer online authentication based on the released FIDO standards, through fingerprint readers designed for improved security on our laptops starting with the Yoga 910 convertible.”
Bill Scott, vice president for Identity Product and Engineering at PayPal, said, “Security has always been a priority for PayPal, and we are committed to offering our customers secure, password-less authentication options leveraging FIDO standards.”
Dangers of Using Passwords
According to Paypal, Intel, Lenovo and Synaptics, while identity authentication has long been the domain of passwords, these have become “less safe to use without security factors in today’s digital world.”
Yahoo recently revealed that half a billion of passwords were stolen during a 2014 breach.
Based on the 2016 data breach report released by Verizon, 63% of confirmed data breaches involved the use of default, weak or stolen passwords.
What is FIDO authentication?
Established in 2012, FIDO (Fast IDentity Online) Alliance, is a non-profit organization that aims to address the need of interoperability among strong authentication devices. The organization provides authentication standards across industries and applications.
FIDO members include Aetna, Alibaba Group, American Express and Google.
With FIDO authentication, the user only needs to do any of the following:
• Touch something (fingerprint sensor, security key, wearable)
• Look at something (iris scan, facial recognition)
• Say something (voice recognition)
In a statement, FIDO said:
For security, FIDO uses public key cryptography and is strongly resistant to phishing, while user credentials and biometric templates are never stored on servers and never leave the user’s device.
“When we started tackling the password problem, we knew that our solution first and foremost would have to be based on proven security to stop the ongoing onslaught of data breaches,” Brett McDowell, executive director of the FIDO Alliance, said in a statement.
In addition to the security aspect, the executive director of the FIDO Alliance said that it is also important for users “to actually want” this other type of authentication method.
As of 21 September 2016, the organization announced that more than 250 products from global technology leaders have been certified by FIDO. The alliance certified the iris scanner of mobile phone maker Fujitsu. FIDO also certified the fingerprint scanners of mobile phone makers Sharp and Sony.
Images from iStock and Shutterstock.