Many organizations interested in promoting the security of information online or in company databases have begun recommending a dual authentication procedure. In this type of protocol, a password alone is not enough to gain access. Instead, access is granted based on two factors, one of which must be something you ‘have’ instead of something that you merely know. An ATM card combined with a password, for example, would represent dual authentication.
One of the most powerful factors available for dual authentication procedures, however, is not a physical card that can be stolen, but something associated with your body. Biometric techniques such as scanning a fingerprint or even a face can address the need for a highly secure authentication factor, but facial recognition programs in particular are becoming a contentious issue in Congress, where Senator Jay Rockefeller has expressed concerns about the technology's probable uses.
Facial recognition programs can allow for online searches based on an image, and this raises privacy concerns. However, the technology could also be used to make sure that entry into a secured area was only granted to authorized individuals. The same would be true for access to a database filled with customer or employee data.
As this technology and the laws surrounding it continue to evolve, businesses interested in using facial recognition or other biometrics in their dual authentication systems should work closely with an IT consulting firm that can stay abreast of all the issues related to implementation and use.