Survey: Mobile app developers see biometrics as top security option

UAE – A new Evans Data survey of mobile application developers finds that security is their top concern and biometrics authentication is their primary method for providing security and privacy of applications and users.

Biometric authentication involves the use of various aspects of human physiology or behaviour – such as fingerprints, retinal scans, voice and more – to provide access to systems.

According to the survey, 36% of respondents selected biometrics authentication as their preferred method of security, followed by on-device hardware encryption (25%), Near Field Communication – (NFC) based authentication (18%), and on-device software encryption (14%).

Biometrics ease of use appeals to developers

“Although biometric authentication isn’t new technology, it’s still considered the best form of authentication by mobile developers,” Janel Garvin CEO of Evans Data, said in a statement. “Iris scans and facial recognition have more novelty, but fingerprint scans are easier for the user and thus appealing to the developer.
“The Evans Data study also found that 39% of developers believe the application layer is most important in securing mobile applications, followed by 28% of respondents who said that securing the mobile operating system is most important. Yet the survey also showed that developers would most likely pursue data encryption as the primary method of securing data on devices.
This most recent survey, a poll of developers actively building mobile apps, was conducted in July and covers a range of topics related to development for mobile devices, including development environments, tools and software development kits (SDKs), mobility in the enterprise and cloud, security, targeted platforms by region, application, type and features.

Biometrics versus passwords

Although the Evans Data Survey found that developers view biometrics as the preferred method of securing mobile apps, analysts at CEB, a best practice insight and technology company, challenged the efficacy of biometrics versus plain old passwords.
Jeremy Bergsman and Daria Kirilenko of CEB said in the media recently that their research shows that only about 20% of firms have actually deployed biometrics. “A big reason for low adoption could be that they are less secure,” the article said.
Moreover, the article notes that CEB data shows that 50% of organisations have not evaluated biometrics for their business and of those that have, only 16% are planning to deploy them in the next two years. The CEB team maintains that biometrics will be easier to hack than passwords.
“Not only are they subject to all the current attacks that work when hacking passwords, but biometric data was never designed to be secret,” the CEB team’s article said. “Most people make sure not to divulge their passwords, but it’s difficult to imagine a world where everyone wears gloves constantly to avoid leaving fingerprints.”
The article also notes that stolen biometrics have greater repercussions for users than stolen passwords because biometrics reveal uniquely personal information about a user’s identity. Bergsman and Kirilenko also downplayed biometrics because biometric-based authentication lacks revocability.