Biometrics: Ready or Not?

If you have a current tablet or smartphone, you probably use your fingerprint or facial recognition to log into your device, buy apps or music, or even make financial transactions. These instances of biometric authentication are more convenient and more secure than passwords. But how would you feel about being tracked throughout your day by facial recognition or having a chip implanted in your hand for identification? The use of biometrics is evolving quickly, and it raises some serious questions about rights and privacy.​

Biometrics is the use of computers plus sensing technology to measure unique physical characteristics in order to confirm identity. Fingerprints are the most common type of biometric identification used today, but some mobile devices and apps also do facial recognition. Iris scanning is becoming more common in places like airports, while retinal scanning is more involved and is mainly used in high-security applications. Artificial intelligence is also being applied to analyze and measure other physical traits such as people’s voice, speech, typing patterns, gait, heartbeat, and even scent. Biometric identification works by storing physical information about people, then comparing that against incoming measurements to confirm identity.​

Biometrics have become more common for two reasons: data breaches and social engineering attacks have made passwords less secure for online applications, and biometrics can be used in physical situations to identify potential threats. For example, Atlanta’s Hartfield-Jackson International airport recently opened the first fully biometric terminal, where passenger’s facial scans are compared against a Customs and Border Patrol database on check-in, and facial recognition speeds travelers through TSA lines. The Secret Service plans to start testing a facial recognition system in and around the White House, to identify people who may pose a threat. According to Rolling Stone, the security contractor at a 2018 Taylor Swift concert used a facial recognition system hidden in a video kiosk to identify known stalkers. A few organizations are even going beyond built-in biometrics, implanting RFID chips to identify employees. (These are similar to the chips veterinarians implant to help identify lost pets.)​

Biometrics have plenty of benefits: keeping our accounts and personal information safer from identity theft, the convenience of not having to remember passwords, the relief of faster airport check-in. Retinal scans are even showing promise in the treatment of Alzheimer’s disease and diabetes. But biometrics also create new risks. Like any piece of stored information, they can be stolen. They are not 100% accurate, and there is great potential for misuse.​

Many experts are asking whether biometrics are being adopted too quickly, without the groundwork to make sure they are fully secure and without needed laws in place to protect individual rights and privacy. In a series of upcoming blogs, we’ll explore the potential risks of biometrics and what you can do to help ensure that these cutting-edge technologies don’t end up diminishing your safety, privacy, or human rights. ​