October 6, 2022
HODL on! Can biometrics strengthen cryptocurrency storage?
By Aida Hosseini
By Aida Hosseini
The use of cryptocurrencies is growing and diversifying. Once the open secret of a select group of tech-savvy users, many are now being drawn to the transactional freedom of BTC, ETH and a host of other altcoins and tokens.
Cryptocurrencies are typically associated with the (decentralized) movement of high volumes and high values of transactions, making it an attractive target for attackers. Work is being done to secure it against unique vulnerabilities like crypto clipping, but questions are still raised about how to securely store this digital value to prevent unauthorised access.
Limitations of exchanges & wallets
The three main ways to store cryptocurrency – exchanges, hot wallets and cold wallets – are secured with a private key, a string of letters and numbers (like a password) which allows a user to access and manage their cryptocurrency funds.
Most will be aware that since hot wallets and exchanges are connected to the internet and the custody of the private key is managed by the exchange, they’re more susceptible to unauthorized access and cyber-attacks. Hot wallets stay connected to the internet but are self-custodial so only the owner possesses the private key. Cold wallets are generally considered the most secure of these options as they’re isolated from the internet and self-custodial. But what happens if someone loses or forgets their private key? Regaining access is near impossible. Or worse, what if their credentials become compromised through the likes of phishing scams and data hacks?
In December last year, hackers were able to drain $196 million of cryptocurrency from a crypto exchange by stealing a private key that opened two hot wallets. Compromised private keys are all too common – from large data breaches and malware attacks to the blockchain bandit’s guesswork.
Could biometrics help keep crypto on ice?
Biometrics have changed the way people access and authenticate themselves in many aspects of their daily lives, from unlocking their phone to ordering products from Amazon’s Alexa. Using unique physical characteristics to authenticate a user provides extra security without sacrificing convenience in an increasingly connected world. Now, as cryptocurrency becomes more popular, there’s an opportunity to consider how embracing biometrics at scale could positively impact the crypto ecosystem.
Cryptocurrency, like the smart home or the smart workplace, can benefit from the security and convenience offered by biometric authentication at the access point. For its users, biometrics will enable them to migrate from relying on PINs and passwords, which are just as easily compromised in the crypto ecosystem as they are anywhere else.
When considering how to integrate biometrics and cryptocurrency, from a hardware point of view, it doesn’t require the reinvention of the wheel. Instead, device makers can leverage the progress made in logical access to bring biometrics to a combination of hot and cold wallets. It is worth noting that biometric authentication is already widely used, enabling users to log in to their crypto exchange apps.
The key to securing cryptocurrency access
The move to introduce biometrics into crypto wallets is already in progress with some of the biggest names in the ecosystem evaluating and deploying the technology as it can strike the right balance between security and convenience for crypto HODLERS.
Having pioneered the world’s first integration of a sensor into an Android smartphone, Fingerprint Cards has always had a relentless focus on improving the quality and security of strong authentication through R&D. The result? Our technology has now been integrated into more than 600 smartphone models, helping users in every corner of the globe to live and work, smarter and safer.
Because of this, adoption of biometrics has diversified, and our solutions are now protecting payment card holders’ financial information in 30+ biometric payment card pilots and commercial roll outs globally, physical and logical access control in more than 100 applications and devices and 40+ PC integrations. That’s more than 1.5 billion sensors in all.
“Vendors of access cards, USB tokens and other access control devices around the world are working to find the best way to add secure and convenient passwordless multi-factor authentication to their solutions. Using biometrics for logical access control brings a reliable and consistent user experience, and limits the potential for attacks through strong resistance to spoofing and presentation attacks.” - Jonas Nilsson
With each integration, we learn and develop. This brings innovation in the size, shape and coloring of the sensors to enable design freedom for the device manufacturer. New and even more rigorous qualifications and certifications like Visa, Mastercard, FIDO, Windows Hello and more. And algorithmic developments such as anti-spoofing measures, the ability to fit inside a single chip, processing speed and more.
Biometrics can bring stronger authentication to cryptocurrency storage, helping OEMs and service providers to offer robust and consistent user experiences and strengthen security.
Learn more about the technology that’s enabling secure, unified access control that’s portable across uses from logging onto shared PCs and accessing VPNs through to restricted spaces throughout the physical and digital estates, on our website.