Q: What are the differences between code, gesture, TouchID, FaceID and voiceID?
A: Each of these methods can be used to protect your child’s device from unauthorised access. The code, or PIN, is perhaps the most traditional method, consists of entering a numerical code to unlock the device. Gesture-based authentication, often referred to as a pattern lock, requires users to draw a specific pattern on the screen to open the device. In both cases, your child should pick a number combination or a pattern that they can easily remember but that is difficult to guess by strangers. Then there are biometric options: TouchID, FaceID and voiceID. Each of which use the unique features of the user – a fingerprint, a face structure or their tone of voice – as a key to unlock the device. These authentication methods are modern and quite popular for two main reasons: they are convenient (the user does not need to remember any codes or manually enter them into the device), and they are relatively secure. Most biometric authentication options are difficult to duplicate – however, with the development of deepfake and AI technologies, even biometric data, especially voice, can be artificially replicated to gain access to a locked device. Overall, even with biometric authentication, there are downsides to keep in mind. FaceID, for instance, may need good lighting to function. This is why biometric authentication methods are often combined with the more “old-school” options. When biometric authentication fails, your child can still open their device by entering the code or drawing a pattern.
Q: Which of these methods is the safest?
A: It depends. It may be the safest option for your child to create a very complex pattern lock, but it would also be very inconvenient and difficult to remember. In general, it can be said that FaceID and TouchID tend to provide the highest level of security for your child's smartphone. Both methods use advanced technology with a high degree of biometric precision, making it exceptionally difficult for unauthorised users to gain access. Contrary to some people’s fears, it's highly challenging to unlock a device secured with FaceID using a photograph or mask, and attempting to replicate a fingerprint is also exceedingly difficult. Additionally, when it comes to children and biometric authentication, there is also the convenience factor. It can be challenging for kids to remember complex PINs or patterns, so modern biometric options are safer than a simple and not particularly secure gesture or code.
Q: So, are biometric authentication methods totally foolproof?
A: Unfortunately, no authentication method can make the device 100% secure. Why? As with passwords, codes or PINs, biometric data can be stolen if it is unsafely stored, the device is lost, or the data breached. To avoid this, it is important to follow the basics of cyber-secure behaviour, including:
- Always keep the device and its apps updated. Old software versions can be more vulnerable to threats.
- Use safe passwords. If your child uses unsecure passwords on their apps or social media, their data is more likely to become stolen in a data breach.
- Never share the passwords with others. Children may share their passwords with their parents, but they should not freely share them with classmates or even friends.
- Teach your children about safe online behaviour. Your children may not be ready to understand all the intricacies of phishing or malware, but they can – and should – know the basics of staying safe online. For instance, explain to them that when they receive an email urging them to change their password or click a link, they should always consult you before taking any action.
- Download security software. By securing the device by with an anti-malware solution, you add another layer of security and make it even more difficult for cybercriminals to gain access to your child’s data.
Q: How frequently should children change or update their authentication methods?
A: Regular updates of authentication methods were, for a long time, viewed as beneficial for users’ security. However, The National Institute of Standards and Technology (NIST) no longer encourages users to change their passwords periodically. Overly frequent changes in authentication methods can be tiresome – especially for children. So, overall, your child does not need to update authentication methods often. Biometric data such as fingerprints and facial recognition typically do not need to be altered unless there is a significant change in your child's appearance. On the other hand, if you suspect a security breach, or if your child's device is lost or stolen, it's crucial to change passwords, PINs, or any other authentication methods immediately to prevent unauthorised access.
Q: How do authentication methods change in time? Are there any trends we should be aware of?
A: Authentication methods are constantly evolving to enhance security and user experience. Biometric authentication methods continue to improve in accuracy and speed, and are becoming more widespread. Some websites use behavioural biometrics which analyse user behaviour patterns, such as typing speed, touchscreen gestures and mouse movements. This method can provide an additional layer of security and uncover cybercriminal activity before it causes any harm. Biometric liveness detection technologies are also an innovation used to counter deepfake attacks and ensure that the biometric data is from an authentic live source, not a recorded construct. But while these trends are certainly fascinating, they will probably not significantly alter your child’s user experience. However, the not as recent trend of using MFA (multi-factor authentication)can significantly aid their security. What is MFA? As security analyst Neil J. Rubenking explains, “There are three generally recognised factors for authentication: something you know (such as a password), something you have (such as a hardware token or cell phone), and something you are (such as your fingerprint).” MFA is a method used to verify the identity of a user by requiring them to provide two or more authentication factors from different categories, making it more challenging for unauthorised individuals to access sensitive accounts or information. To make your child’s digital experience more secure, it is certainly a good choice to use an MFA. Finally, there is another emerging trend that should not be forgotten – passkeys. These are arguably the future of authentication for websites and platforms, making the login process quick and fairly effortless. A passkey consists of a pair of matching keys in the form of encrypted characters. One is stored on your device, and the other is uploaded to the servers or services you use. When you try to log in, all you need do is authenticate with your device-lock mechanism (such as PIN or FaceID), and the server verifies that the two keys match. If everything checks out, you can log in – without the need to remember any passwords. Learn more with our Internet Matters online lesson on digital Privacy and Security.