Researchers from the University of Surrey claim they have come up with an authentication system to end all systems. Pronounced Pass Infinity, Pass∞ can replace word-based systems with a combination of biometric authentication actions and more, allowing users to decide which security method suits them best #biomagic
The technology, developed by the Department of Computer Science’s Dr Shujun Li and PhD student Miss Nouf Aljaffan, allows users to check their identity using their eyes, face or fingerprints. But there’s more. The all-in-one can combine those biometric authentication methods with written passwords, picture selection, a selection of points on a picture, a specific drawing or styling some characters.
Pass∞ developers say that it’s backward-compatible with existing computer systems. In atechnical terms, it’s easy to implement on any computer system with little or zero alterations to the current infrastructure. If it’s deployed at the client side, it can be used as a manager of passwords or as a browser extension. On the other hand, if it’s implemented at the server side, end users can decide which biometric methods to use and how to combine them.
This is a great discovery since it reinforces the idea that multi-factor authentication systems shouldn’t be treated as a whim but as the only secure way to keep your data private. Unfortunately, you’ll have to wait a while until Pass∞ is patent approved and commercially available.
Until it becomes functional and cost effective, your best bet is two-step authentication systems that several companies are offering now, including FotoNation. A combination of iris scanning with liveness & spoof detection and facial recognition for mobile payment, for example, is two times more secure than a fingerprint authentication system and incredibly more safe than a text-based password.