Biometric authentication is a mode of online or offline security that relies on a person’s unique physical attributes to verify that they are who they claim to be at the time of access or authorization. Biometric authentication is used to more easily manage access to physical and online assets, for example corporate resources, consumer applications, physical settings and Internet of Things devices.
Legacy biometric authentication frameworks often capture the templates of the user and centrally store them among those of many other persons in a central library, against which a user’s template is matched at the time of access or payment. Newer systems decentralize the biometric templates onto the endpoint allowing the user to match his or her information (e.g. selfie) locally, and then communicate with the online service through tokens.
This latter form of biometric authentication occurs through a mix modern-day mobile device capabilities and public-key cryptography (PKC). In either system once the biometric information on the user is matched against its template or itself, access is granted.
Example:
"Our employees were falling victim to phishing attacks, so our security team enforced the use of FIDO U2F Devices. Since we started using FIDO U2F tokens as authenticators, we've seen a significant decrease in phishing attacks."