Understanding Wallet Biometric Security

What is Wallet Biometric Security?

Wallet biometric security refers to using biometric security measures as a means of securely accessing a crypto wallet, or approving transactions. This biometric data involved could be a fingerprint, a facial scan, or even an iris scan, which is interpreted by the algorithm to determine that the person accessing the wallet (or approving a transaction) is who they claim to be. It is a common security feature on mobile wallets, due to the in-built biometric scanning systems used by modern smartphones.

Wallets that use biometric security features take advantage of the unique physical traits of a specific wallet user in order to authenticate their access, rather than traditional methods such as passwords, PINS, or having to provide a private key. Biometric security however should not be used to replace these methods, but rather used as an additional security layer and convenient feature. While extremely difficult to achieve, it is possible for biometric security checks to be passed fraudulently. 

Biometric security features are particularly useful for self-custodial wallets, where the owner has control of the wallet’s private key. Added layers of security can be an important means of maintaining access to a wallet in the event that private keys, passwords, or phrases are forgotten by the user. 

How Does Biometric Wallet Security Work? 

Biometric wallet security can be implemented in a number of different ways, either through proprietary solutions or by leveraging existing ones. When a wallet application uses biometric security features on a smartphone, it will typically take advantage of existing hardware such as Apple’s Face ID technology on iPhones. Many laptops also have the ability to scan fingerprints, which wallets with these features will leverage to prove the identity of the person accessing it. 

Biometric wallet security features typically won’t store any data related to the user on chain, as it can pose security risks. Instead, this data will be stored locally on the device running the biometric verification application. When the process is complete, the wallet will receive an authentication token informing it whether the attempt passed or not. This way, the wallet never has to actually host or interact with the user’s biometric data to verify it. It’s important to remember however that the hardware storing this info could also become compromised, but it is still less vulnerable than if this info was stored online.

On a more technical level, this authentication system is known as FIDO2 or WebAuthn, which are both passwordless login standards which can be used by dApps and web 2 applications. Using these standards allows wallets to let users not only sign-in with their biometric data, but use it for interacting with a huge variety of applications. For example, if a user wishes to make a token swap from their wallet, these standards allow the DEX being used to verify it as an authentic transaction without needing to know anything about the user.

What Wallets Have Biometric Security?

Biometric security features offer users both an additional layer of security to their wallet, and a highly convenient method of accessing and using their funds. As a result, many popular crypto wallet solutions implement these features. MetaMask, Phantom, and Trust Wallet, some of the most popular crypto hot wallets, currently utilize biometric login and transaction approval features. Since hot wallets are constantly connected to the internet, biometric security adds another useful layer of authentication to prevent unwanted access. Gemini Wallet also makes use of biometric security features.

Conversely, cold-storage wallets, such as Ledger and Trezor, tend not to use biometric security for accessing funds. Since the wallets exist offline, biometric security doesn’t add a significant benefit. As a physical wallet, the potential for this feature to be abused is greater, as they introduce the risk of someone being forced to give someone access to their funds. However, cold-storage wallets sometimes utilize biometric security features for approving transactions.  As the biometric security technology continues to advance, it’s likely that it will become a necessary security feature, alongside other security practices such as 2FA.

Interested in setting up a crypto wallet that takes advantage of biometric security features? to get started with Gemini Wallet.