Achieving a digital identity that closely mirrors our physical identity is key to effectively safeguarding digital environments. However, according to Juan Pablo Yagüe, Global Head of Strategic Partnerships at Serban Group, this goal is unattainable with the use of passwords.

During the B-FY Pulse event, Yagüe emphasized that this is why biometrics, as an authentication factor, plays a crucial role in unmistakably identifying individuals and safeguarding our digital identity.

Serban Group is a Spanish company with 20 years of experience in IT architecture, biometrics, and digital identity. Currently, it serves over 180 clients in more than 20 countries, with the majority located in Latin America.

Recently, Serban Group and B-FY entered into an agreement to promote the implementation of B-FY's Identification-as-a-Service (IaaS) solutions. This partnership signifies recognition for B-FY from a well-established company specializing in comprehensive architectural models that combine disruptive and traditional technologies.

Passwords, the most vulnerable formula

Over the past four years, cyberattacks have doubled, and they are expected to double again in the next two years, explained Yagüe. He added that 80% of these attacks occur due to improper password usage.

Regarding the economic impact of these attacks on companies, particularly in the financial sector, he noted that it is highly concerning, with an average cost of $18.5 million per attack.

"We have more than 50 or 60 digital identities across different environments: for payments, purchases, car usage, etc. These identities that we manage daily have different roles and data. However, the problem is that, being data, they are manipulable. Therefore, that digital identity is exposed to hackers who can impersonate us," Yagüe explained.

He also mentioned, "As we are not capable of remembering all the passwords, we reuse about 51% of them." All these factors contribute to the vulnerability of the username and password formula.

Biometrics, secure authentication

Biometrics is an element that, unlike data, can uniquely and securely identify us. In other words, it refers to specific traits that distinguish us. Examples include the dynamic signature, which captures signature dynamics; typing style, a form of biometry in itself; and other static elements such as DNA, fingerprints, facial recognition, voice, and palm prints. These static and dynamic characteristics enable precise identification.

Biometrics can be classified as static and dynamic. Static refers to fixed characteristics like DNA, which is very secure but inconvenient to carry. Then there are elements like fingerprints and facial recognition that are static and can be spoofed if not properly verified.

On the other hand, dynamic or gesture-based biometrics, like the dynamics of signature or typing style, require some kind of action. While not as dynamic as us, they still need an action to authenticate.

Dispelling myths and doubts

Juan Pablo Yagüe explained that there are several myths and doubts surrounding biometrics: "Some people believe that biometric data can be stolen. However, these data can be protected by following regulations like GDPR. Solutions like B-FY avoid storing biometric data and rely on the biometrics already present in our devices," he points out.

Another myth, he says, is that biometrics can be intercepted. However, when biometrics are used on a device with solutions like B-FY, which doesn't store biometric data, the data never travels out of the device, enhancing security.

Regarding the belief that biometrics can be impersonated, he explains that biometric technology is designed to prevent impersonation through anti-spoofing techniques, such as avoiding the use of photos or recordings.

Lastly, concerning whether biometrics is intrusive, Yagüe clarified that many people already use biometrics in their daily lives, like using fingerprints to access their phones or apps on them, without feeling that it's intrusive.

Usage and complexity of biometrics

Biometrics' usage is common nowadays and not complex. It's used for various everyday activities like making payments in a store or unlocking a mobile phone, Yagüe affirms.

He further explains that there are differences between biometric identification and authentication: "Biometric identification involves finding a biometric pattern in a database to recognize a person. Biometric authentication, on the other hand, refers to verifying whether a biometric pattern matches the one registered for a specific person." This is crucial to understand execution speed in different situations.

In summary, Yagüe points out that biometrics has become an important part of digital identity, used across various sectors. "B-FY is a solution that eliminates the need to store biometric data, leveraging the existing patterns on mobile devices," he concludes.