The rise of biometrics is not as clear cut as may seem

Are biometrics really the future of security and surveillance?

Advancements in technology and software have introduced new possibilities in the security and surveillance world over the past few years. Biometric innovation has, in particular, had a significant impact on cyber security practices right across the world.

Biometric authentication methods are far from new, but they’ve become more accessible and affordable in recent times. There are now devices that can recognise fingerprints, palm veins, faces, DNA, hand geometry, retinas and even odours for identification and access control purposes.

Tech giants such as Apple and Samsung have long integrated this technology into their devices, while biometrics are making big waves in contexts like security, surveillance, border control personal finance and healthcare. Often, they speed up previously complex and timely security processes, which is why they’ve become so popular.

But while many have called biometrics ground breaking in the security space, others have been less positive. Some people have questioned if they’re safe at all, while others have suggested that they won’t last. So the question is, are biometrics really the future of security and surveillance?


Making waves in finance

Security is of paramount importance in the banking and financial industry. In the past, customer identification processes have proved tiresome and confusing, but biometrics are changing things. MasterCard has begun letting consumers verify their identities through selfies, and banks such as Barclays and HSBC are planning to offer voice recognition services.

Chris Hill, commercial technology partner at law firm Kemp Little, says biometrics are gaining significant traction in the financial services sector. Biometrics save time for consumers, and they’re also handy for companies. By deploying them, firms can reduce the time spent having to respond to telephone queries.

“The fingerprint scanner on the iPhone and the fact that a number of mobile banking apps now make use of this handset feature, is a mark of acceptance of biometrics tech in financial services. MasterCard allows users to verify their identities using a selfies,” he says.

“And both Barclays and HSBC plan to increase their use of voice recognition so as to speed up the security clearing process for telephone banking. As well as being more convenient for customers, this also reduces the time taken to deal with telephone queries, and therefore reduces call centre costs for the bank.”

Despite the benefits, Hill says technology professionals and businesses should take biometrics with caution. Criminals have proven they’re able to steal biometric identities to get hold of customer and business information.

“There are several ways that such ‘static’ biometrics can be spoofed. An imprint of the fingerprint could be stolen, and presented at the point of authentication in place of the real thing. Alternatively, if a hacker can change the base document, then the authentication system could be made to think that another person’s fingerprint is that of the authorised user,” he warns.


Enhancing healthcare

Biometrics aren’t just introducing new possibilities in the world of finance, though. They’re also gaining traction in healthcare. Hospitals and other health institutions are using them to streamline patient ID, boost financial performance and improve security. 

The biggest benefit of biometrics being used in healthcare contexts is their impact on patient record keeping. Health organisations have been able to reduce duplicates, increase patient safety and enhance identity theft protection. Palm vein scanners have proved to be the most popular form of biometrics in health contexts.

Mollie Drake, former corporate director of access management at non-profit integrated health system Scripps Health, says biometrics are helping create more effective health systems across the world. She also believes that they can improve trust between caregivers and patients.

“Biometrics improve patient safety, protect against medical identity theft, enhance patient satisfaction, and improve the hospital’s financial performance. Beyond these benefits, biometrics can revolutionise healthcare by enabling interoperability,” she says.

“If healthcare is ever to achieve the goal of a single medical record for every person, biometrics are the key to establishing patient trust and allowing the exchange of patient data across disparate systems.”


Convenient security

Passwords have been the preferred security option for decades, but they have many issues. Not only can they be hacked easily, but it’s also possible to forget them. There’s a common assumption that biometrics are a safer and more convenient option. It’s far quicker and easier to unlock a device or system through a biometric scanner.

Richard Lack, managing director of customer identity platform Gigya, says passwords and secret answers frustrate the everyday consumer. Biometrics don’t have these issues. “Currently biometric identification is seen as the higher standard for verifying identity. Not only is it not prone to forgetfulness like the password; it is also more secure,” he says.

“Security risk is now a top factor driving consumers’ identity authentication preferences, with a survey by Gigya finding that 26 per cent of consumers have had an online account compromised in the past 12 months.

“It has been found that traditional passwords can invite trouble, as evidenced by the many reported instances of online ID theft. To make matters worse, 56 per cent of people tell us they use passwords that they know are not secure, such as those that include their names or birthdates.

“You only need to look at the numerous sellers of password log-books on Amazon to understand the inevitable paradox: the more secure a password becomes, the greater the likelihood that it will be written down.”


Biometrics could be a fad

There’s also been a lot of interest in biometrics from governments. Australia recently outlined a $100 million plan to allow passengers to get through border controls without the need of human intervention. Biometric systems will be implemented to identify travellers.

Many people have hailed this as a world first, but others have been less complimentary. Adrian Sanabria, a senior analyst working on the information security team at 451 Research, is sceptical about their capability, identifying risk factors. He also questions their viability overall, citing concerns around safety and longevity.

“I can't see an automated system replacing humans at a border control. The argument for having humans in place goes far beyond simply verifying identification. Trained and experienced border agents can recognise suspicious behaviour and other indicators of threats that an automated identification system couldn't hope to replicate,” he tells IDG Connect.

“Biometrics come with a number of challenges that make them unsuitable for any sort of fully automated system, in my opinion. An allergic reaction or burns can​ make fingerprints unreadable. Natural changes over time can result in unreadable irises. Many people's voices change as they recover from a bad cold, or the flu. Heck, simply returning from a sporting event could result in a voice change after a night of shouting.

“If compromised, our biometrics can't be reset or replaced like passwords. We can't get new irises and fingerprints, and most biometrics don't work for some percentage of the population. I've heard iris scanning is more reliable, but is less quick and convenient than fingerprint scanning, which fails to work for a higher percentage of the population.”

The argument around biometric technology is balanced, it seems. There are many companies and organisations implementing biometric systems to make security processes more efficient and easier for consumers, but they also have complex flaws. Companies will no doubt have to find solutions before these systems can really evolve.


Also read:
How biometrics is changing Latin American banking
Is India more comfortable with state biometrics than other countries?
Viewpoint: Why we need voice biometrics
FacePhi: ‘Selfie’ verification spreads across banks in Latin America