Biometrics are already a part of our lives. Maybe not to the level of spy movies, but not that far behind. We use our fingertips to start our cars, flashes of our faces unlock our phones, even our handprints allow us to enter the gym. There’s no doubt that what seemed so Sci-Fi not long ago is now a reasonable, affordable, accessible reality.
Biometrics are looked at as the replacement for the password, the next way we’ll log into the world. While passwords are notorious for human error, are biometrics really a viable substitute? This post looks to where biometrics are headed and to explore whether that is the direction of safety, security and privacy.
What are biometrics?
According to Mobile Payments Today, “Biometrics is the process of authenticating users by measuring their physiological or behavioral traits such as fingerprint, facial appearance, iris, voice, palm print or signature.” Open sesame. You can now log in with the touch of your fingertip, a blink of your eye or the sound of your voice.
But beyond a way to verify identity, it’s a business, with the biometrics hardware and software market predicted to grow from $2 billion this year to almost $15 billion by 2024. That could be why ten years ago there were only 46 biometric patents filed in the U.S., while, last year alone, there were well over 500 filed, including by giants Apple, Google, Microsoft, Samsung and Intel.
Where are biometrics headed?
With the increased use of more complex mobile devices and wearables, biometrics are anywhere you go. Finance and banking have a strong interest in protecting their clients’ privacy, but government, police forces and the defense industry have their own reasons to get their hands on the data of identity.
In Europe, the software behind Samsung’s Galaxy S6 just had an update to the device’s fingerprint biometric systems. It’s expected to be used when Samsung releases mPayment later this year that takes it a step beyond near-field communication (NFC) technology by offering the alternative of payments via fingerprints.
Biometrics is often explored in the voting world. While the fingerprint technology was still in its faulty when lines grew ridiculously long outside the Brazilian polls a few months ago, the U.S. is now looking at finger printing and iris scanning at the polls as a good opportunity to overcome state-to-state identity card disparities as well as income, language and literacy barriers to voting.
And for $179 a year, American adults can breeze through Miami International Airport security checks with fingerprint or iris scans.
But, with each new biometric development, we start to ask, what are we giving up in order for a little convenience?
Are biometrics increasing or decreasing our privacy?
I know my 17 and 19-year-old nieces look forward to the fingerprint unlocking of their next iPhone upgrade, keeping them away from my nosey brother-in-law. But is it better or worse that Apple has a patent in for messages that can only be viewed by an iris scan of the recipient? Will we become more secretive by this greater access to privacy? Or with a greater sense of personal space are we really opening ourselves up to less privacy?
The more you use, for example, facial recognition software to streamline passport control or log into your phone, the more your image and movement is tracked.
Between 2009 and 2011, Mexico City DF used the combination of criminal analysis and facial recognition to scan the faces of more than 22 million people via 15,000 cameras. Due to this biometric technology, combined with a gunshot detector that moved the cameras in the direction of shots heard, the huge city boasted a 32.6 percent reduction in crime, 50 percent decrease in stolen cars, and police response time was cut down to a quarter of previous years all because of the world’s most ambitious security program.
Now the Australian government is looking to collect biometric data from performing mobile fingerprint checks at airports and seaports on both children and suspected terrorists at the borders. The seemingly bizarre correlation is found when they will be checking children against missing child databases, as well as to make sure that people who have been rejected for asylum don’t try again. However, the Biometrics Institute says that the technology isn’t very accurate on minors whose bodies aren’t fully developed yet.
Is biometrics a suitable replacement to the password?
“Kill the password dead as a primary security measure,” Michael Daniel, Obama’s cybersecurity coordinator, recently said. And as the number of systems and services we subscribe to grows, so does the more we have to remember. So we tend to use the same passwords for work and play, each easier-to-remember, faster-to-type-in, and easier-to-crack than the last. And with our lives lived out for the whole world to see on social media, our banks’ added security question of the name of your dog, favorite book, or your mom’s maiden name has become a moot point.
Now it looks like our fingerprints, irises, voices and faces will increasingly replace our silly passwords, but are biometrics any better?
Forget Field of Dreams, the new adage should be, “If you build it, they will come and find a way to hack into it.” Hackers have already found a way to crack the iPhone 6 digit scanner with just photos of people’s fingerprints.
The next concern is if we are just trading off one privacy issue for another. Both a password and a biometric can be stolen, but only the password can be changed. Once in your fingerprint is stolen, it’s stolen forever, and you’re stuck.
What should you do to protect your privacy and identity?
In the end, it seems like risking inconvenience is better than risking your irreplaceable identity. This means, for now, the best combination is that of a very long password and a bit of biometric ID-ing like facial recognition, an iris scan, or a touch of your finger. Best is to combine multiple ways to protect your devices, your banking, and your secrets.
Of course, when you combine what we’re posting online, our search history, our location and our biometric info, the result is a pretty volatile amount of data. If we use, say, our faces to unlock things, why couldn’t governments or corporations use that to surveil and even predict our movement? The next question of biometrics is whether all that new big data will be used for good or evil. But that’s another story for another day…
Have your own thoughts on the wonder or worry of biometrics? Share your opinion below and also go ahead and reply to the Biometrics Institute’s annual survey before its June 5 closing.