Biometric and Behavioral Authentication in IAM: Security, Privacy, and Continuous Verification Trade-offs

Kiran Kumar Puipati

doi:10.64917/fecsit/Volume03Issue01-01

Open Access

Biometric and Behavioral Authentication in IAM: Security, Privacy, and Continuous Verification Trade-offs

https://doi.org/10.64917/fecsit/Volume03Issue01-01

PDF

Kiran Kumar Puipati ¹

⁴ Research Scholar, Department of Information Studies, Trine university, USA

Abstract

Fingerprint, face, and iris recognition biometric technologies are increasingly applied in systems used for identity and access management (IAM). Another sophisticated technique, behavioral biometrics, infers recognition from dynamics of keyboard typing, movements of a mouse, and even walking. This paper addresses the opportunities and challenges of security, usability, and privacy in biometric as well as behavioral authentication. It assesses the dangers of spoofing, the risks of adversarial machine-learning assaults, and the potential privacy implications of storing biometric data. The comparison shows that while biometric systems improve ease of use, they are burdened by legal and moral issues, and while behavioral biometrics offer dynamic, situationally appropriate defense, they have low accuracy. The case studies illustrate the use of systems in finance, mobile technology, and essential facilities. The research found that integrating biometric and behavioral elements within multi-factor authentication (MFA) frameworks provides the marriage of resilience and user-friendliness while preserving privacy.

How to Cite

Kumar Puipati, K. (2026). Biometric and Behavioral Authentication in IAM: Security, Privacy, and Continuous Verification Trade-offs. Frontiers in Emerging Computer Science and Information Technology, 3(01), 01–14. https://doi.org/10.64917/fecsit/Volume03Issue01-01

⬇ Endnote/Zotero/Mendeley (RIS) ⬇ BibTeX

References

📄 Sumalatha, U., Prakasha, K.K., Prabhu, S. and Nayak, V.C., 2024. A comprehensive review of unimodal and multimodal fingerprint biometric authentication systems: Fusion, attacks, and template protection. IEEE Access, 12, pp.64300-64334. Available at https://ieeexplore.ieee.org/abstract/document/10511051/

📄 Shayea, G.G., Zabil, M.H.M., Habeeb, M.A., Khaleel, Y.L. and Albahri, A.S., 2025. Strategies for protection against adversarial attacks in AI models: An in-depth review. Journal of Intelligent Systems, 34(1), p.20240277. Available at https://www.degruyterbrill.com/document/doi/10.1515/jisys-2024-0277/html

📄 Okeke, R.O. and Orimadike, S.O., 2024. Enhanced Cloud Computing Security Using Application-Based Multi-Factor Authentication (MFA) for Communication Systems. European Journal of Electrical Engineering and Computer Science, 8(2), pp.1-8. Available at https://ejece.org/index.php/ejece/article/view/593

📄 De Mel, V.L.B., 2023. Survey of evaluation metrics in facial recognition systems [online] Available at https://www.researchgate.net/profile/Vlb-De-Mel/publication/372232460_Survey_of_Evaluation_Metrics_in_Facial_Recognition_Systems/links/64ab2724b9ed6874a509ddc8/Survey-of-Evaluation-Metrics-in-Facial-Recognition-Systems.pdf

📄 Kumar, D.A., Bhatia, D.A., Mishra, D.A. and Gupta, T., 2024. A Model Apporach for Identity and Access Management (IAM) System in the Cloud. Available at SSRN 4969660. Available at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4969660

📄 Taherdoost, H., 2021. Data collection methods and tools for research; a step-by-step guide to choose data collection technique for academic and business research projects. International Journal of Academic Research in Management (IJARM), 10(1), pp.10-38. Available at https://hal.science/Hal-03741847/

📄 Olabanji, S.O., Olaniyi, O.O., Adigwe, C.S., Okunleye, O.J. and Oladoyinbo, T.O., 2024. AI for Identity and Access Management (IAM) in the cloud: Exploring the potential of artificial intelligence to improve user authentication, authorization, and access control within cloud-based systems. Authorization, and Access Control within Cloud-Based Systems (January 25, 2024). Available at https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4706726

📄 Gudala, L., Reddy, A.K., Sadhu, A.K.R. and Venkataramanan, S., 2022. Leveraging biometric authentication and blockchain technology for enhanced security in identity and access management systems. Journal of Artificial Intelligence Research, 2(2), pp.21-50. Available at https://www.researchgate.net/profile/Srinivasan-Venkataramanan-2/publication/390877598_Leveraging_Biometric_Authentication_and_Blockchain_Technology_for_Enhanced_Security_in_Identity_and_Access_Management_Systems/links/68015e68ded43315572a9210/Leveraging-Biometric-Authentication-and-Blockchain-Technology-for-Enhanced-Security-in-Identity-and-Access-Management-Systems.pdf

📄 Geo Jolly, 2024. Biometric methods: Streamlined biometric authentication for seamless operations. Available at https://www.veriff.com/identity-verification/news/biometric-methods

📄 Muddychetty, N.S., 2024. A Comparative Analysis of SecurityServices Using Identity and Access Management (IAM). Available at https://www.diva-portal.org/smash/record.jsf?pid=diva2:1842261

📄 Bojović, N. and Fazelpour, M., 2024. The Impact of App Update Frequency on User Satisfaction: Exploring the Relationship Between Update Intervals and User Experience in Hedonic Apps. Available at https://www.diva-portal.org/smash/record.jsf?pid=diva2:1905191

📄 Nzeako, R.A.S.G. and Shittu, R.A., 2024. Leveraging AI for enhanced identity and access management in cloud-based systems to advance user authentication and access control. World Journal of Advanced Research and Reviews, 24(3), pp.1661-1674. Available at https://www.researchgate.net/profile/Godwin-Nzeako/publication/387524483_Leveraging_AI_for_enhanced_identity_and_access_management_in_cloud-based_systems_to_advance_user_authentication_and_access_control/links/67873bed2be36743a5d6ae2a/Leveraging-AI-for-enhanced-identity-and-access-management-in-cloud-based-systems-to-advance-user-authentication-and-access-control.pdf

📄 Abdulrahman, S.A. and Alhayani, B., 2023. A comprehensive survey on the biometric systems based on physiological and behavioural characteristics. Materials Today: Proceedings, 80, pp.2642-2646. Available at https://www.sciencedirect.com/science/article/pii/S2214785321048513

📄 Threat Analysis, 2025. SECURITY RISK MANAGEMENT. Available at https://www.threatanalysis.com/security-risk-management/

📄 Kamaruddin, N.H.C. and Zolkipli, M.F., 2024. The Role of Multi-Factor Authentication in Mitigating Cyber Threats. Borneo International Journal eISSN 2636-9826, 7(4), pp.35-42. Available at http://majmuah.com/journal/index.php/bij/article/view/667

📄 Suleski, T., Ahmed, M., Yang, W. and Wang, E., 2023. A review of multi-factor authentication in the Internet of Healthcare Things. Digital health, 9, p.20552076231177144. Available at https://journals.sagepub.com/doi/abs/10.1177/20552076231177144

📄 Campbell, J., 2024. Unlocking Personal Characteristics: Harnessing Keystroke Dynamics for Identifi. Available at https://ueaeprints.uea.ac.uk/id/eprint/98919/

📄 Fastercapital, 2024. Legal And Ethical Considerations For Data Privacy. Available at https://fastercapital.com/topics/legal-and-ethical-considerations-for-data-privacy.html/1

📄 Omotunde, H. and Ahmed, M., 2023. A comprehensive review of security measures in database systems: Assessing authentication, access control, and beyond. Mesopotamian Journal of CyberSecurity, 2023, pp.115-133. Available at https://journals.mesopotamian.press/index.php/CyberSecurity/article/view/109

📄 Riyana, S., 2025. Enhancing Security in Digital Wallets Using Multi-Factor Authentication and Behavioral Biometrics. International Journal of Emerging Trends in Computer Science and Information Technology, pp.559-570. Available at https://www.ijetcsit.org/index.php/ijetcsit/article/view/302

📄 Ihar Kliashchou, 2023. Why Face Recognition Is the Next Big Thing in MFA. Available at https://regulaforensics.com/blog/biometric-mfa/

📄 Allam, F.Z., Hamami-Mitiche, L. and Bousbia-Salah, H., 2022. Evaluation and Comparison of the performance of Biometric Recognition. International Journal of Industrial Engineering and Production Research, 33(1), pp.1-12. Available at https://www.researchgate.net/profile/Vlb-De-Mel/publication/372232460_Survey_of_Evaluation_Metrics_in_Facial_Recognition_Systems/links/64ab2724b9ed6874a509ddc8/Survey-of-Evaluation-Metrics-in-Facial-Recognition-Systems.pdf

📄 Shihab, M.A., Marhoon, H.A., Ahmed, S.R., Radhi, A.D. and Sekhar, R., 2024. Towards resilient machine learning models: Addressing adversarial attacks in wireless sensor network. Journal of Robotics and Control (JRC), 5(5), pp.1599-1617. Available at https://journal.umy.ac.id/index.php/jrc/article/view/23214

📄 Indusface, 2014. Sensitive Data Exposure – A Nightmare To All Business Enterprises. https://www.indusface.com/blog/sensitive-data-exposure-nightmare-business-enterprises/

📄 Kumar, K. and Zolkipli, M.F., 2024. A Review on Identity and Access Management (IAM) for Digital Environment Security. Borneo International Journal eISSN 2636-9826, 7(4), pp.43-48. Available at http://majmuah.com/journal/index.php/bij/article/view/666

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors retain the copyright of their articles published in this journal. All articles are licensed under the Creative Commons Attribution 4.0 International License (CC BY 4.0). This license permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are properly cited.