Check someone is who they say they are using their unique physical features, like their fingerprint, iris, face or voice.
Biometric authentication using fingerprints uses a scanner to gather data about a fingerprint, such as the position of ridges or unique marks. To verify a person’s identity, an algorithm checks if the scanned fingerprint matches a previously enrolled fingerprint.
IF thinks that biometric authentication using a fingerprint can be an efficient way of gaining access to data. As with other authentication patterns, there should always be a fallback for when people might be impaired, either temporarily (e.g. wet or damp fingers) or permanently (e.g. missing fingerprints).
- In most consumer devices today, it is not possible to change a fingerprint in the event of a data breach in the same way you can change a password.
- Fingerprint scanners may not work with wet or damp fingerprints.
- Secure implementations of this pattern require additional hardware and software components. For example, Apple’s Secure Enclave or a Trusted Execution Environment on a processor to store fingerprint data separate from other applications on device.
- Enrolling a fingerprint can take time, effort, and a number of interactions. This has implications for user experience, including for accessibility.
Was this pattern useful?