Hoyos Labs Wants to Kill the Password with Biometrics… And Your Face
Biometric innovators are hoping to change the standards of security, and your beautiful face is the most important part of their efforts.
New York-based Hoyos Labs unveiled a free mobile app that utilizes the device’s camera to analyze the user’s face as a security measure at CES. HoyosID, as it’s called, will measure facial topography, muscle movements, and irises in order to ensure you are who you say you are. It can be used for example, to unlock smartphones, computers, and approve transactions.
Retailers, banks, and other financial service providers can lease servers from Hoyos Labs for large-scale authentication. These servers send out keys to authenticate users and never store data. If someone wanted to steal payment information for instance, they would need to attack the mobile device directly, which would theoretically be costly and inefficient.
Forbes attempted to break HoyosID but there are safeguards in place to prevent the most obvious of efforts. Something like holding a picture of a user’s face to the camera won’t work, since there is no topography (2D images won’t cut it). Modeling someone’s face won’t work since there is no facial movement (the user must be alive). HoyosID distinguishes the distinct differences in irises, so your evil twin won’t be able to steal your identity.
As for business applications, HoyosID may be a worthy replacement to anything that’s currently using passwords as standard protection. It may be used by banks to allow customers to carry out mobile banking by logging in with their face. It may also allow for merchants to checkout customers biometrically, similar to what PayPal was testing last year.
While this may seem more secure, will consumers be ready to embrace biometric security? After all, Apple’s new iPhone, with its fancy fingerprint reader was cracked in two days.
If we’ve learned anything, it’s that no obstacle is ever impenetrable. If this proves successful, biometrics may take off as a worthy successor to passwords and PINs, and provide maximum security for minimum effort for the end user.