The Internet of Things (IoT) is a network of connected physical objects such as electronic devices, vehicles, buildings, and other items that are embedded with electronics, sensors, software and network connectivity, which permits those objects to gather and interchange data with one another.
With IoT, everyday objects that have seemingly no meaningful use other than for their ordinary intended purposes are turned into smart devices that help automate and enhance our lives. In other words, IoT provides direct integration of the physical world with computer-based systems of which the convenience, efficiency and accuracy of the whole system is enhanced.The number of devices connected to the Internet is increasing rapidly due to technological advancements in recent years. This has made the IoT concept particularly popular and some of its representative applications are in smart cities, smart homes, smart cars and smart devices. Undoubtedly, this makes life more convenient but it also comes with increased security risks if not properly secured. Not securing them properly is the digital equivalent of leaving the back door unlocked.Biometrics authentication is a conclusive and logical way to verify an individual’s identity.
It offers better security as it is unique to an individual and not as susceptible to be compromised. As more and more Internet-connected devices find their way into our homes and businesses, it is important to remember that they represent a security risk. In the rush for convenience, our privacy and safety is often an afterthought. User authentication has always been a component of securing networks and data. However, traditional methods for authentication such as passwords are being rendered moot because they present insecurities and inefficiencies that are unjustifiable for the IoT era.The growth of network-connected devices through IoT have created immense benefits to our society as a whole.
However, IoT security has been left behind and have not kept up with the rapid pace of innovation and development. (U.S. Department of Homeland Security, 2016) This represents a huge security risk as we are increasingly integrating network connections into many parts of our lives. The IoT ecosystem introduces risks that include malicious actors manipulating the flow of information which may lead to theft of sensitive data and loss of consumer privacy.
Furthermore, the use of traditional authentication methods for access control like passwords is outmoded. (Guo, et al., 2016) This is because passwords are the riskiest since they could be easily hacked, stolen, lost or forgotten. Moreover, since they are single-layer authentication methods, there is no countermeasures to stop an intruder from unauthorized access of our network-connected devices.
Another problem with using passwords is that most of the time, for their own convenience, users would use rather simple passwords that faces a high security risk. (Liu, et al., 2012) They would also reuse the same simple password across all their connected devices or accounts. Inputting complex passwords is onerous particularly when it comes to mobile devices, and mobile devices are where IoT is flourishing the most.There are some research efforts taken to try and implement a two-factor authentication (2FA) based solution. Two-factor authentication is the combination of passwords along with a second level of protection (usually with tokens) to provide user authentication.
However, it becomes insecure and inconvenient because it relies on the faulty foundation of passwords. (Hossain, et al., 2016) Therefore, a new paradigm is needed because the granting of physical access that IoT brings will be unforgiving to solutions that are insecure and inconvenient. This is where biometrics as a new authentication method would come into play. (Shahim, et al., 2016)