Biometrics may be just another industry buzzword to some. To others, it has already become routine. The word may vaguely conjure up images of a dystopian future. Security professionals tout it as the next step towards better personal security. What are biometrics? How are they being used today? And what will the future hold for them?
Biometrics is the use of personal and unique biological traits to identify an individual. This most commonly takes the place of a fingerprint reader. Some technologically inclined people may already be using their fingerprint to secure their laptops or cars through a special scanner. People with high security clearances often use more obscure alternatives such as retina scans. Another upcoming method is facial recognition, where a computer scans a person’s face and does a visual comparison to authenticate identity.
As an example of biometric usage, take Disney World. In order to fight ticket resale and fraud, Disney World captures numerical data extrapolated from fingerprint scans to identify authentic ticket holders. It is not mandatory. A photo ID may also be offered to a representative instead. Is lining up to get your fingerprint scanned before entering a tourist park a welcome addition? Privacy advocates cite a lack of transparency on the issue. On the other side are those who say the extra security is for the best of everyone involved. Both sides offer reasonable points. As people are not likely to stop going to Disney World anytime soon, Disney is able to monitor the issue as they see fit.
Another example is the recently released iPhone 5s (the better model) and iPhone 5c (the budget model) that sold over 9 million worldwide units during its recent debut weekend. One of the new features Apple touted was a fingerprint scanner. Ideally, you just run your finger over the scanner (something people are used to doing already when they ‘swipe’ their phone) and you instantly authenticate. This replaces the need to enter a pass code every time you need to access your phone. This fingerprint data isn’t even stored on Apple’s iCloud nor does it ever leave the phone. There is a special memory chip inside the phone just for containing the encrypted data. Apple included enough memory for multiple unique signatures in case the phone is shared.
However, biometrics data has a dark side to it, even beyond the sinister function found in science-fiction. For one, the technology is nowhere as secure as promised. In fact, Apple’s fingerprint scanner has already been defeated by fake prints over the same weekend it debuted. These techniques exist in the realm of the mundane; not the technically savant. Some brigands may not even bother with being delicate. Most people would rather lose just their phone, not their phone and a finger. Also, if your biometric data gets compromised, there’s no reasonable way to re-issue or change it.
Whether or not biometrics data is utilized in securing private information is a personal choice. Most people will not have to worry about it. There does remain an appreciable amount of irony in using a fingerprint scan to secure a device that gets covered in fingerprints. Passwords that are sufficiently long enough remain the most secure choice. If you can guarantee that you’ll never lose your phone, security doesn’t matter. To those using the new fingerprint scanner, use a pinky or ring finger instead of a thumb or index. These are much less likely to leave usable prints that could later be lifted.
Nations are increasing collection of biometric data. Most countries now require biometric identification to participate in national programs. India’s Universal ID program to biometrically identify every citizen is the most ambitious example of this to date. Nations active in collecting biometric data of their civilians engage in sharing that biometric data with other countries. Schools are even beginning to collect this data on students. Market adaptation of Apple’s security measures will certainly affect decisions by other companies. But where the future goes, there is no clear road for this fledgling technology.
It is certainly not going away, so being aware of the risks and reasons is the best solution. Undue faith should not be given despite the assurances of the technology companies eager to profit from biometric technology. No security solution is infallible. Caution remains the strongest solution.
Published on September 26, 2013