Privacy Issues Surrounding Biometric Security
Humans are social creatures, and as social creatures we create systems that separate us by our differences. IT professionals are known as such because they are experts at understanding and working with computers and information systems, just as Olympic gymnasts are regarded for their ability to compete in gymnastic events. Our differences are our identifiers. In fact, humans put labels on things to better identify them using even the most miniscule differences.
In a society where getting over on other people is the quickest way to the top, people are constantly looking to take advantage of others. We create security systems for this purpose. Since every person’s identity is unique it is often used for authentication into these secure systems. Nowadays, with the advancement of biometric technology, many organizations are pushing the envelope and using unique physical identifiers as authorization methods, and it is causing problems with the security/privacy equilibrium most people favor.
Biometrics Trending Up
Biometrics are being used everywhere from the digital security of mobile devices all the way to border security and identification. Biometrics include:
- Fingerprint identification
- Iris and retina scans
- Facial recognition
- Gait measurement
- Handwriting recognition
- Voice recognition
These technologies are used to effectively identify and authenticate people simply by pairing the information with existing database information. With this technology being more accessible due to falling prices, it is now being rolled out all over the world for a multitude of purposes. Across the world you can find biometrics being integrated into systems. The US FBI has a massive fingerprint database they use to help identify people. China’s Social Credit system is run on facial recognition. Businesses, like your bank, may be using your voice to authenticate who you are over the phone. With so much data being captured, and with the seemingly endless ways this technology can be used to secure almost anything, it turns out that it really isn’t securing much of anything.
The Illusion of Security
The immense scale of biometric data systems makes securing this extremely personal information nearly impossible. The question has to be asked: can a system be a human identification system and also work as an authentication system? It turns out that with all the challenges people use biometric security systems for, the only thing that it is truly good for is identifying who a person is. That’s not to say that systems can’t work in small doses, but a main problem with these systems is that the information captured--the data that is being used for the security of these physical and virtual systems--has to be saved somewhere. Moreover, with organizations mining data left and right, this very private and extremely sensitive data ends up as just another piece of data captured by corporate entities looking to turn it into a quick buck.
If that doesn’t scare you, consider that organizations and governments possessing this data and losing it to hackers, who much like these massive corporate entities, will be using it to gain a monetary advantage. Losing your identity to a hacker is a traumatic experience, but with these biometric systems, it takes on a whole new meaning. Even scarier yet is that artificial intelligence has been proven to compromise biometric indicators, leaving biometrically-protected systems accessible without physical authentication.
A Complete Lack of Privacy
We touched on this a little above, but the lack of privacy that a biometric reliant system would provide the individual would be frightening. You see, the biometric security system isn’t designed to allow for invasions of privacy, but because this technology is just in its infancy, and organizations are using it in ways that it may not be designed for, the minute a person puts his/her information into a biometric system, privacy is out. The production of the data, the way it is stored, the way it is compared to database data raise big concerns for the individual and his/her privacy.
Additionally, with changes to physiology, these biometric systems have to have some deviation built in. This poses a lot of questions about what is secure and what isn’t. These systems are definitely state-of-the-art, but if you compare the effectiveness of the security to the systems that we’ve been using (Passwords, PIN, Two-factor authentication), it’s hard to say that these advanced biometric systems are any better at keeping data or infrastructure secure.
Biometrics are definitely here to stay, but before you implement a biometric security system into your business, call the professionals at Dresner Group to discuss the benefits and detriments of doing so; and, the strategies where biometrics will excel. Call us at 410-531-6727 today.