Light Dark
March 16, 2018 By Shane Schick 2 min read

A new research study found 86 percent of companies said they’re either using biometric authentication or are planning to do so by 2020, despite concerns about false positives and transparency around vulnerabilities with the technology.

In the report from Spiceworks, which was based on a survey of close to 500 IT professionals across North America and Europe, 62 percent said they’re using the technology today, and 24 percent they would follow suit within the next two years. More specifically, 46 percent said they’re taking advantage of the fingerprint readers built into smartphones and using biometric authentication as a way of giving employees access to applications.

Additionally, a quarter are using it on laptops, and nearly as many (22 percent) were offering the technology on iPads or other tablets. In areas where security is at a premium, such as data centers or server rooms, 11 percent said a fingerprint or iris scan may be the only way to open the door.

Ongoing Concerns With Biometric Authentication

Despite all this traction, less than a quarter of Spiceworks survey respondents foresee biometric authentication being used over manually typed passwords within the next two to three years. In fact, 65 percent said vendors should be more forthcoming about flaws in biometric technology that could be targeted by cybercriminals or internal threats. Nearly the same number (63 percent) believe vendors aren’t being clear about how they’re collecting the data used in their biometric products and services.

One of the biggest fears — expressed by 64 percent of those surveyed — is the potential for a fingerprint or iris scanner to make a mistake and give access to the wrong person. That’s why biometric authentication may be best used as part of a multipronged approach to security, combined with passwords and other mechanisms.

The Biggest Players — So Far

Some of the most popular fingerprint scanners in use by organizations today are made by firms more associated with the consumer market rather than those that focus on safeguarding enterprise data. Apple’s Touch ID was used by 34 percent of those surveyed, whereas Lenovo and Samsung were both cited by 13 percent, followed by Dell and Microsoft at 11 percent.

Until there’s a secure enterprise option, organizations must be diligent in how they roll out — and, when necessary, roll back — biometric authentication. Consumers may appreciate the ease of access with this technology, but security must trump convenience in a business setting.

 |  |  | 
Shane Schick
Writer & Editor

More from

December 23, 2024

FYSA – Adobe Cold Fusion Path Traversal Vulnerability

2 min read - Summary Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure. Threat Topography Threat Type: Arbitrary File System Read Industries Impacted: Technology, Software, and Web Development Geolocation: Global Environment Impact: Web servers running ColdFusion 2021 and 2023 are vulnerable Overview X-Force Incident Command is monitoring the disclosure…

November 22, 2024

What does resilience in the cyber world look like in 2025 and beyond?

6 min read -  Back in 2021, we ran a series called “A Journey in Organizational Resilience.” These issues of this series remain applicable today and, in many cases, are more important than ever, given the rapid changes of the last few years. But the term "resilience" can be difficult to define, and when we define it, we may limit its scope, missing the big picture.In the age of generative artificial intelligence (gen AI), the prevalence of breach data from infostealers and the near-constant…

November 21, 2024

Airplane cybersecurity: Past, present, future

4 min read - With most aviation processes now digitized, airlines and the aviation industry as a whole must prioritize cybersecurity. If a cyber criminal launches an attack that affects a system involved in aviation — either an airline’s system or a third-party vendor — the entire process, from safety to passenger comfort, may be impacted.To improve security in the aviation industry, the FAA recently proposed new rules to tighten cybersecurity on airplanes. These rules would “protect the equipment, systems and networks of transport…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature