Brett Beranek, vice-president & general manager, security & biometrics at Nuance Communications, discusses how biometrics can protect cryptocurrency wallets
With investment in Bitcoin continuing to rise, security needs to be highly considered.
Bitcoin is never far from the news agenda. In recent months, valuations have soared and its price hit an all-time high this fortnight, taking it above £34,000 for the first time in its history. To put that in perspective, Bitcoin has now overtaken both Facebook and Tesla to become the ninth most valuable asset in the world. Needless to say, investors will be keenly monitoring the situation, as well as businesses and individuals who’ve stockpiled the cryptocurrency in their wallets.
However, the headlines surrounding Bitcoin aren’t always positive. Take the story of Stefan Thomas as an example. In 2011, the US-based programmer was gifted 7,002 bitcoins, worth $2-$6 each. He stashed them away in an anonymous digital wallet and they’ve since become worth over $220million. The problem is that Thomas has forgotten the password to unlock this fortune, leaving it all but lost in the ether.
Whilst extreme, this case is far from being the only of its kind. The all too familiar phenomenon of forgotten passwords has haunted humans for generations. For businesses and individuals choosing to invest in a cryptocurrency, forgetting your digital wallet password isn’t just inconvenient — it could cost millions.
The traditional password has had its day
Access to cryptocurrency wallets has traditionally been controlled and managed by passwords and other knowledge-based credentials. Yet time and time again, it’s being proved that these methods – which have long been considered the hallmark of authentication – are no longer fit for purpose. They are inconvenient for the user, with two in five (38%) individuals forgetting a password at least once a month and having to reset or request for it to be resent. They also create an easy target for fraudsters looking to steal cryptocurrencies.
The fraud landscape has opened up in recent years, with malicious actors constantly phishing for personal information over email, phone, text or in-person. As a result, PINs, passwords and challenge questions often fall short when it comes to security. Whether it’s your address, your mother’s maiden name or a special date, nothing is untraceable. In fact, these credentials can often be purchased online by fraudsters.
What to know about user authentication and cyber security
What’s more, inadequate measures like One Time Passwords (OTP) via SMS, give a false sense of security but do not represent an effective way to stop ID theft and account takeovers. In fact, they leave individuals and businesses wide open to SIM swap attacks. For example, a few years ago, tech investor Robert Ross lost just shy of $1M in less than one hour at the hands of a fraudster, who managed to convince a support agent to change his phone number to a new SIM. Once in possession of the number, the fraudster requested password resets on Rob’s email and financial accounts and every one-time password was sent to the perpetrator’s device. This gave the fraudster total control, enabling them to gain access to multiple accounts and steal Rob’s life savings.
A reliance on these traditional means of authentication is costing individuals, businesses and the economy. This is why it’s time for cryptocurrency exchanges and digital wallet providers to rethink how they safeguard their customers.
A golden age in authentication
Enter biometrics. A more powerful and effective alternative to passwords and PINs, these technologies could provide an answer for the cryptocurrency password dilemma; bolstering security and stopping potential fraudsters in their tracks, without the need for users to remember any information at all.
Voice biometrics, for example, uses sophisticated algorithms and artificial technology to analyse more than 1,000 voice characteristics – from pronunciation to size and shape of the nasal passage. Using it could not be more convenient with an individual simply needing to say a short phrase – for example, “my voice is my password”. Each human voice is as unique as a fingerprint and so this type of technology can be used to validate whether someone is who they say they are immediately based on how they sound.
Will biometrics replace passwords, or complement them?
Passwords are not on their way out altogether but biometrics, multi factor identification, layered security, biometric password vaults and a host of other options mean that authentication rather than just passwords are the future. Read here
Another protective layer often added on top of voice biometrics is behavioural biometrics. This measures the most minute details – such as how an individual holds their phone, how they type and even whether they pause once they finish a task – in order to create an expected profile and identify a person. Systems that incorporate biometrics – alongside other technologies such as multi-factor authentication, end-to-end encryption and public key infrastructure – are considerably less susceptible to fraud attacks.
With cryptocurrencies such as Bitcoin playing an increasingly influential role in the payment ecosystem, protecting and securing them has never been more important. Businesses and individuals who choose to invest need a convenient and secure way to access their digital wallets, and traditional passwords no longer fit the bill. Biometrics could provide a solution by authenticating individuals immediately based on their unique characteristics. By diminishing the risk of both password loss and password theft, these technologies could save those investing in Bitcoin millions.