One of the biggest challenges faced by IT and security teams is the proliferation of Internet of Things (IoT) capable devices within the workplace.
Despite considerable strides over the past few years, security for these devices remain a constant challenge both for manufacturers and for cyber security teams.
As we look forward to potential solutions, security experts are starting to turn their attention towards biometric security solutions as a way of safeguarding IoT devices, helping to keep their networks secure and limit the potential backdoors that are caused by IoT connected devices.
What are IoT connected devices?
As reported by McKinsey back in 2017, “The Internet of Things (IoT) has the potential to fundamentally shift the way humans interact with the world around them.”
From the distribution of electricity, water and gas to the deployment of emergency services and traffic management, cities are already leveraging the IoT in ways that most of us are unaware of as we go about our daily lives.
Of course, there are other IoT integrations that, as consumers, we are more aware of. Fitness devices, fridges, home assistants and more are all IoT connected devices that help us go about our day to day lives and every day, more and more devices are being fitted with IoT capabilities and herein lies the potential risk.
What are the threats from IoT connected devices?
One of the biggest vulnerabilities that have come about as a result of the IoT revolution is the fact that the total number of access points has increased dramatically. Juniper Research carried out a study that predicted there will be 46 billion IoT devices by 2021, demonstrating the scale and magnitude of the IoT revolution.
Any of these devices, when connected to a home or business network can potentially be targeted by a hacker and if just one of those devices has a vulnerability, the whole network is put at risk.
A big part of the problem when it comes to IoT security is that not all devices are made equal. Whilst many of these devices will come with their own inbuilt measures for cyber security, the reality is that these products are all developed by different companies and brands all with different knowledge bases and abilities to keep their devices secure from cyber threats.
Then there is also the responsibility of the business or owner to keep the device up to date when it comes to patches as these will often include security updates. Many people simply plugin and leave their IoT connected devices and this is when problems and vulnerabilities develop.
That is why businesses are starting to consider biometric solutions as a way of protecting IoT connected devices and improving the security, both at the source and when connected to a home or business network.
What are biometrics?
Biometrics present companies and individuals with an answer to a fundamental security question – how do you ensure a user is who they say they are?
Whilst passwords have become more sophisticated, many people and businesses still leave IoT connected devices with a simple default password which increase the vulnerability of that device.
With biometric technology, a device’s security system can identify a person based on unique personal characteristics which are much harder for hackers to replicate. Biometric security solutions include fingerprint, iris recognition, voice recognition and facial recognition.
Unlike other security measures such as passwords, keys and RFID badges, owners cannot lose biometric markers and they cannot be easily replicated or stolen by hackers. Whilst no security measure is completely safe from hackers, biometrics offer a layer of security within a network that is very difficult for hackers to exploit and one that is often convenient for the end-user.
Biometric security for IoT connected devices
The two most common biometric identifiers that are currently in use in some IoT connected devices are fingerprint and voice recognition.
Voice recognition is perhaps the most familiar as many people now have a home assistant, either in their own home or at the office. These rely on voice commands to function and use voice recognition as a core functionality.
Most of these devices, such as Google Home and Alexa, support the use of voice recognition to access different features, like multi-user profiles.
Fingerprint recognition is one of the most common biometric technologies on the market and also one of the most familiar to users. Many of today’s smartphone devices use fingerprint recognition as a security feature for unlocking the phone as well as applications, however, fingerprint recognition is also being utilised in IoT connected devices. Law enforcement agencies around the world have embraced the use of fingerprint recognition in IoT connected devices and it is a popular choice when it comes to device security.
There are more complicated methods of biometric identification and whilst there is already a wide adoption of facial recognition, we expect the use of facial recognition in IoT connected devices to increase. Facial recognition can be a controversial biometric, however, its uses across a wide range of fields mean it’s a technology that is here to stay. When used ethically, facial recognition is one of the most accurate as well as one of the fastest biometric identifiers.
Advanced forms of biometric identification for IoT devices
Taking things a step further, iris recognition is another biometric identifier that could see more practical applications for IoT connected devices. Whilst iris recognition has typically been a technology saved for science fiction movies, the fact is that it’s a reliable way to identify individuals in a secure way.
One area that can be applied in the workplace is behavioural tracking as a biometric measure. Systems can be designed to track someone’s typing habits for example – measuring the average time between keystrokes and whether specific keys take longer to reach than others. These forms of biometric identification are less likely to be rolled into IoT connected devices than some of the methods already discussed, however, they do present an option to companies who are looking to strengthen the security of their network.
Biometric security for IoT devices in the medical sector
One area of IoT that is growing rapidly is the Internet of Medical Things (IoMT). This sector is utilising IoT technology to improve the quality of healthcare systems and also to add an extra layer of security into a multi-million-dollar sector.
Doctors are able to use IoMT devices to track biometrics to keep track of a patient’s health, even after they have been discharged, without the need for follow up visits. There is already a range of IoT connected smart devices such as watches and other wearables that track biometric information like heart rate or blood pressure and access to this data via secure biometric identification can help doctors to manage patient health without needing to be in the same physical space.
One area where this technology can be really helpful is during the current COVID-19 crisis. With healthcare systems around the world under strain, it makes sense at this time for doctors to consult from the safety of their own home, without putting themselves at risk.
NEC recently worked with a team of Kiwi developers to create an App that can help to monitor the health of patients who are showing the signs of Corona Virus. The NEC iQuarantine app prompts patients to check-in up to three times daily, allowing healthcare professionals to monitor their health directly in the app. Any changes to their health or symptoms are immediately flagged and the patient can be advised on the next steps. The NEC iQuarantine app uses facial recognition in order to accurately identify the patient and moving forward, this app can be applied to a number of different scenarios within the healthcare sector.
Biometrics is the future of IoT security
As you can see, integration of biometric technology to IoT connected devices is already happening and over the next few years, this will continue to grow as businesses look to tackle the potential threats caused by unsecured IoT devices on their network.
At NEC New Zealand, we are a global leader in the field of biometric authentication with our R&D into fingerprint and facial recognition dating back to the 1970s. Our biometric technologies are currently deployed worldwide, and we continue to work on ground-breaking projects such as the NEC iQuarantine app.