Biometric verification confirms that a user is the legitimate account holder by comparing a live biometric sample to an enrolled template. Modalities include face, fingerprint, voice, and iris. Strong implementations pair liveness detection with presentation attack defenses to prevent spoofs using photos, masks, or recorded audio. Enrollment quality, device capabilities, and environmental conditions affect accuracy, so systems enforce capture guidance and quality thresholds.
Risk-based policies apply stricter settings for high-value actions or administrator roles. Privacy is critical, with on-device template storage when possible, encryption, and minimal retention. Provide recovery paths using re-proofing and secondary authenticators in case of device loss.
Combined with passkeys or FIDO, biometrics deliver phishing-resistant, low-friction authentication for recurring access and step-up events.
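
The quality thresholds, liveness check and risk-based policy described above can be combined into one decision function. This is an added example, not code from the original page; the score names, the 0-to-1 score scale, the threshold values and the action names are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    ACCEPT = "accept"
    RECAPTURE = "recapture"  # poor capture: retry with capture guidance
    FALLBACK = "fallback"    # hand off to secondary authenticator / re-proofing
    REJECT = "reject"


@dataclass(frozen=True)
class Policy:
    min_quality: float
    min_liveness: float
    min_match: float


# Constructed thresholds on an assumed 0..1 score scale; tune per modality and vendor.
STANDARD = Policy(min_quality=0.50, min_liveness=0.80, min_match=0.90)
STRICT = Policy(min_quality=0.70, min_liveness=0.95, min_match=0.98)
HIGH_VALUE_ACTIONS = {"wire_transfer", "change_recovery_method"}  # hypothetical names


def select_policy(action: str, role: str) -> Policy:
    """Stricter settings for high-value actions or administrator roles."""
    strict = action in HIGH_VALUE_ACTIONS or role == "administrator"
    return STRICT if strict else STANDARD


def _score(sample: dict, name: str) -> float:
    """Fail closed: missing, non-numeric, NaN or out-of-range scores count as 0."""
    value = sample.get(name)
    if isinstance(value, bool) or not isinstance(value, (int, float)):
        return 0.0
    return float(value) if 0.0 <= value <= 1.0 else 0.0


def verify(sample: dict, action: str, role: str, retries_left: int) -> Decision:
    policy = select_policy(action, role)
    # Quality first: a poor capture is a usability problem, not evidence of attack.
    if _score(sample, "quality") < policy.min_quality:
        return Decision.RECAPTURE if retries_left > 0 else Decision.FALLBACK
    # Liveness before match: a spoof of the right person matches well.
    if _score(sample, "liveness") < policy.min_liveness:
        return Decision.REJECT
    if _score(sample, "match") < policy.min_match:
        return Decision.REJECT
    return Decision.ACCEPT
```

The same sample can be accepted for routine access and rejected for a step-up event, because the policy is selected from the action and role before any score is compared.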