Netflix, Prime and other streaming platforms are considering fingerprint check to prevent password sharing

With the announcement of the creation of Disney+, many specialists and enthusiasts anticipated the start of a war between the various existing streaming platforms that would ultimately benefit consumers. According to a research by the Wall Street Journal, Netflix could lose up to 30% of its subscribers to Apple TV and Disney+. However, web application security specialists believe that the real warfare of streaming platforms will be fought against their common enemy: piracy.

Combating piracy has been one of the main problems for the entertainment industry; in addition, as the audiovisual market progresses, the ways of accessing content without paying also evolve. In the case of streaming services, the main issues are password hacking and sharing, practices that represent a loss of billions of dollars for these companies.

The first joint efforts to combat these practices date back a couple of years, with the creation of Alliance for Creativity and Entertainment (ACE), an association of companies such as Sony, Warner, Netflix, HBO, Disney and Amazon, which in the future will focus on eliminating password sharing. 

According to web application security specialists, one of the possible solutions posed by ACE is the establishment of a periodic password reset policy to reduce the impact of potential hacking incidents. Another policy that streaming platforms could rely on is the implementation of multi factor authentication, so that account owners should enter a password (sent via SMS) to be able to log into the service. In addition, streaming companies plan to set tighter controls on the limit of devices connected to the same account.

For this to happen, companies could resort to indicators such as IP address or distance between smart devices that attempt to log in. If these measures don’t work, streaming services could play one last card: the implementation of biometric identification. The use of fingerprint identifiers, or even facial recognition, would ensure that only account owners can access streaming services, limiting to a wide extent any tricks known by users or hackers.

Although this measure seemed like a good idea it has multiple drawbacks. The first problem is that, according to web application security experts, not all smart devices have the ability to register biometric data, as this is not yet an industry standard feature.

On the other hand, many users of these services might find these measures way too invasive, which could keep them away from streaming platforms, as well as impacting on the interest of potential future customers, mainly younger people.

Finally, web application security specialists from the International Institute of Cyber Security (IICS) point out that adequately secure millions of biometric records would be too complex work for streaming platforms and, without the relevant security measures, they could expose its users to dangerous variants of attack and electronic fraud.