Editor's note: 3D biometrics is already a requirement for the modern mobile technologies. Read on to learn why it is more powerful than 2D biometrics and feel free to contact ScienceSoft for professional application development services.
Since its appearance on the mobile market, biometrics has been expected to introduce a higher level of security than that offered by passwords, patterns and PINs. iPhone and Sony fans have already appreciated the capabilities of this technology after the introduction of Touch ID – a momentary unlock triggered by a fingerprint. Yet now, when many are hooked on the feature, mobile manufacturers claim 2D biometrics to be insufficiently secure and are headed towards 3D verification based on complex image analysis instead.
Why 2D biometrics isn’t enough
Various types of 2D biometrical scanners on mobile devices target various parts of the body, from fingerprints and eyes (iris or retina) to an entire face. A few years ago, this type of technology sounded like something straight out of science fiction and was believed to guarantee top-notch security. Yet, as other technology sectors have been evolving too, without any ill intention they’ve paved the way to a hack for these sophisticated biometrical locks.
Today’s photography provides high enough quality to capture all the details necessary for scanners to analyze a sample and match it with the one stored on the mobile device. So be it an iris or a finger, the pattern can be captured clearly: any face-capturing faults are all the more so out of the question. A pattern can then be printed out and, with the help of some easy-accessible materials (a transparent contact lens for an iris and glue/plaster for fingerprint printouts), turns into a biometrical ‘lock-pick’.
Mobile 3D face recognition pioneers
In summer 2017, Apple got surrounded by rumors about its Touch ID feature soon being replaced with 3D face recognition. Although first the company’s representatives declined to comment on the subject, it was later confirmed that Apple is indeed doing serious research based on its patent app. The app is capable of detecting a user’s face, as well as its movements and skin tone, even when the device is in sleep mode. There’s no telling whether the research will be finished by the time of a new iPhone release or not, but the results are to have large impact on future Apple products anyway.
(Update 12/09/2017 : Now that we have an iPhone X release date, it's clear that Apple made it in time.)
The dust from the Apple’s announcement hadn’t yet settled as Sony and their partner KeyLemon presented a demo of 3D face authentication at Mobile World Congress in Shanghai. KeyLemon spokesman explained that their scanner creates a 3D depth map that analyzes non-frontal face parts too, so it’s impossible to trick with a 2D photo. Unfortunately, for legal and business reasons, there’s a high chance US users won’t get to see this feature on Sony phones – just like they didn’t get their hands on fingerprint identification, literally.
Desktop 3D biometrics is already on the market
Using an attachable camera with 3 lenses, Microsoft’s Windows Hello creates a 3D projection of the user’s face and can recognize them from about 0.5-4 feet distance. The camera’s compact, but still is attachable, because it didn’t fit in the company’s Surface laptop a few years ago. Needless to say, Microsoft didn’t see any point in trying to implement 3D recognition on their mobile phones (although their mobile app development team did try to create a 3D Capture scanning app). Perhaps now that Apple and Android device manufacturers are taking a step forward.
It isn’t that 3D biometrics is absolutely secure. A three-dimensional printout is technically possible too, and it has already helped Michigan police to create a fingerprint sample and unlock a murder victim’s phone. Still, 3D printing is definitely not so easy to access, so as long as 2D printing remains more ubiquitous and advanced, 3D biometrics authentication will remain more secure.
As seen from this overview of RiskIQ’s mobile security report, mobile users aren’t fully aware of how close the danger of getting a device hacked is to us all. Still, judging by the attention new authentication technologies receive, there’s hope that people aren’t just in it for the gimmicks and look out for more security measures out of their deep understanding of existing security risks.