Page 10 - Cyber Warnings
P. 10







that passive facial recognition can become an invisible, painless step in simultaneous multi-
factor authentication.

The user simply takes a selfie using a security app, and then whenever they turn to look at their
device, the app performs a scan to make sure the right person is in control. The user just does
exactly they would have done anyway, plus one additional security step like a password, PIN, or
fingerprint, and you’ve enacted multi-factor authentication without requiring multiple active steps
to frustrate the device owner.

Of course this means the facial recognition software has to be smart enough to see through a
photograph, but such innovations are already available on the market.



It’s Not About Outrunning the Bear

You’ve probably heard the old joke about two friends being chased by a bear: “I don’t have to
outrun the bear. I just have to outrun you!” A similar principle applies in cybersecurity. If a
hacker has his choice of which system to try and breach, he’s likely to pick the easiest target.

Simultaneous multi-factor authentication is powerful deterrent because it means the hacker will
have to do more work to get in and out unscathed, and a hacker who sees such a system in
place may well decide to seek out softer prey.
And if the barrier to enacting multi-factor authentication is that each successive factor requiring
active participation from the user is more likely to be ignored, at least one factor should require
no participation from the user at all beyond doing what they were already going to do: looking at
their device.

The key to strong security is not an impenetrable system, because impenetrable systems don’t
exist. Strong security should be easy on you and hard on the hackers. With smart facial
recognition technology, at least one easy step for customers and employees becomes a serious
hurdle for criminals.




About the Author

George Brostoff is the founder and CEO of SensibleVision, a technology firm specializing in
Simultaneous Multi-Factor Authentication headquartered in Cape Coral, Florida. He has
founded three successful tech companies, holds seven patents, and grew up working in a family
business. George can be reached at [email protected], on Twitter at
@SensibleVision, and at SensibleVision.com.







10 Cyber Warnings E-Magazine – May 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide

   5   6   7   8   9   10   11   12   13   14   15