Story image

Gartner: Smartphone biometrics coming to the workplace

14 Feb 2019

By 2022, Gartner predicts that 70% of organisations using biometric authentication for workforce access will implement it via smartphone apps, regardless of the endpoint device being used - in 2018, this figure was fewer than 5%.

Lower costs and improved user experience/customer experience (UX/CX) are fueling this increasing interest in biometric authentication.

“Security and risk management leaders responsible for identity and access management (IAM) and fraud prevention continue to seek approaches for identity corroboration that balance trust and accountability against the total cost of ownership and UX/CX,” says Gartner research vice president Ant Allan.

“Biometric authentication uses biological or behavioural traits unique to each person and offers better UX/CX and accountability than other common methods. Implementing this via smartphone apps provides more consistency in UX/CX and is technically simpler than supporting it directly on a variety of different endpoint devices.”

Midsize and large organisations looking to implement biometric authentication via smartphone apps must be aware that biometric approaches that can be readily supported on any smartphone are vulnerable to presentation attacks or ‘spoofing’ using photos, videos, voice recordings, and so on. 

Therefore, presentation attack detection or ‘liveness testing’ is essential.

Gartner predicts that, by 2022, 40% of global midsize and larger organisations will use IAM capabilities delivered as software as a service (SaaS) to fulfill most of their needs - up from 5% in 2018.

SaaS-delivered IAM is often deployed to enhance access management software implementations. 

The ease of implementation and rapid time to value of SaaS-delivered IAM offerings have proved valuable to organisations that favour SaaS adoption and do not consider the operational management of IAM functionality core to their business.

“Based on our client interactions, most SaaS-delivered IAM purchases are for access management and lightweight identity governance and administration functionality, such as single sign-on,” says Gartner associate research principal analyst Abhyuday Data.

“These offerings provide excellent connectivity and include solid access management and password management features. B2B and B2C are the most established use cases with matured access management capabilities.”

The steady movement of applications to cloud and mobile architectures is also influencing adoption. 

The combination of functional offerings that are configured, rather than customised, and modern application architectures is causing a substantial portion of the market to adopt SaaS-delivered IAM.

“Organisations looking to use SaaS-delivered IAM should first ensure they have established satisfactory and well-supported traditional IAM software stacks. They then need to consider SaaS-delivered IAM once functional needs are met and the organisational benefits are realised,” says Data.

Interview: What you can expect from LogicMonitor's APAC expansion
LogicMonitor is a provider of SaaS-based infrastructure monitoring software for hybrid IT environments – and it has big plans to shake up Asia Pacific this year.
Cryptomining apps discovered on Microsoft’s app store
It is believed that the eight apps were likely developed by the same person or group.
A multi-cloud approach - what is in it for me?
OVH CEO Michel Paulin explains the benefits of a multi-cloud approach to an organisations digitalisation and what to consider before implementation.
Why the IT service integration market is becoming highly automated
"The SIAM market is not large, but it is one of the fundamental pillars of every digital transformation strategy."
Intel and Rakuten partner to address 5G network gap
“We believe this full end-to-end virtualised network will help us to shift away from reliance on dedicated hardware and legacy infrastructure.”
Spoofs, forgeries, and impersonations plague inboxes
It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.
HCL and IBM collaborate to encourage global hybrid cloud uptake
HCL announced a collaboration with IBM designed to help advance the hybrid cloud journeys of organisations worldwide. 
Robots to the fore – Key insights for New Zealand Business into RPA in 2019
From making artificial intelligence a business reality to closer ties to human colleagues, robotic process automation is gearing up for a strong 2019.