Using Mobile Device Biometrics for Authenticating First Responders

Executive Summary

Public safety organizations (PSOs) face technology challenges that hinder their ability to accomplish their missions. A report from 2015 explained one of these challenges:

“In the explosion of technology supporting public mobility and ubiquitous connectivity, law enforcement, justice, and public safety agencies have been left behind: great difficulty still exists in making the connection to the last mile…the police officer, deputy sheriff, firefighter, and paramedic in a vehicle or in the field. These professionals—our colleagues—need immediate access to critical information from the wide variety of systems technology available (particularly portable computers, tablets, and smartphones) to make the best possible decisions and protect themselves and the public. Hand in hand with access challenges is the imperative to ensure robust internal controls on security […].”

To address these challenges, all PSOs need to improve their identity, credential, and access management (ICAM) capabilities.

Many PSOs are adopting mobile devices to provide first responders with immediate access to the sensitive information they need from any location. However, authentication requirements meant to safeguard that information, like entering a complex password or retrieving a cryptographic token and reading a one-time password from it, can hinder access. Any delay—even seconds—could exacerbate an emergency.

Biometrics can help identify individuals based on their physical characteristics. Biometric capabilities for fingerprint and face scanning have become ubiquitous on commercial smartphones and tablets. Using biometrics with mobile devices could potentially help make authentication faster and easier, but there are challenges with mobile device biometrics in general and also specifically for first responders.

This report examines the potential use of mobile device biometrics by first responders and discusses the challenges in detail. The goal is to educate PSOs on the topic so that they can make better-informed decisions about first responder authentication.