3 things needed before biometrics can go mainstream
This is a guest post by Kayla Matthews, a biometrics and technology writer.
Biometrics have started to gain more ground and visibility in the world market. Expected to be worth $34 billion USD by 2022, the global biometrics market is an exciting industry to be apart of, indeed.
Yet, though the potential advantages of using biometrics are many, a few things need to happen before we can really start implementing this technology in its full capacity.
1. Better Data Breach Security
As technology advances, cybercriminals continuously find new ways to take advantage of security weaknesses with potentially damaging results. Because of this threat, cybersecurity evolves along with technology and hackers’ skills.
Biometrics poses new risks that could make the consequences of data breaches more serious.
If an employee’s password or pin code is compromised, the process to reset it is fairly simple. If someone gains access to an employee’s fingerprints though, that person can’t exactly get new ones.
Hackers can gain access to biometrics through hacks, much like the way they gain access to databases or email accounts. Once someone has access to a biometric like a fingerprint, though, they can replicate it thousands of times.
Until security companies come up with more reliable ways to protect biometric companies and their customers, using them may be too high-risk for some consumers. Improving cybersecurity and data breach prevention strategies in general may make biometrics a more viable solution for the future of authentication.
2. Standardized Compliance Systems
Because biometrics are relatively new, biometric records and collected data have fewer standard compliance requirements than we see with other kinds of digital information. Before fully adopting biometrics, we need to have the standardized record compliance systems in place to properly store biometric data for our clients.
At this point in time, its difficult to know just how we should be standardizing the storage of such information. Even at the government level, just three U.S. states — Illinois, Texas and Washington — have passed laws regulating biometrics for commercial use.
The legislation for all three states says companies can’t use someone’s biometric identifiers without notifying them first and giving them a way to opt out. The laws also include various security requirements. Five additional states are reported to be considering similar laws.
Although the passing of these laws represents the beginning of setting up compliance systems for what, how and for how long biometric information can be stored, we still have a long way to go. A standardized set of compliance rules would ensure biometric companies have some kind of protection by detailing what are acceptable and unacceptable means of storing such data.
3. Improved Accuracy
Depending on the exact biometric modality you’re working on, your developers may notice that it sometimes takes a few tries for a product to accept your identifier. Although most biometric companies assert their products’ accuracy is quite good, mistakes are inevitable.
You likely know that such mistakes can come in two forms: false accept rates and false reject rates, which measure how often the wrong person’s identifier gets accepted and the right person’s becomes rejected, respectively.
For fingerprints, although the false accept rate varies by system, the average is approximately 1 in 100,000. The false accept rate for iris recognition is approximately 1 in 1.2 million. (Biometric Comparison Guide – PDF)
Although these rates may seem good enough to put your product on the market, a chance remains that a false acceptance or rejection could have serious consequences, especially in high-risk situations such as for consumers who would use this solution at an airport or bank.
Biometrics are hailed as the identification method of the future, and that very well may turn out as the case. However, we need to see that this industry, as well as its related technology and laws, receive the appropriate upgrades before that can happen.
DISCLAIMER: BiometricUpdate.com blogs are submitted content. The views expressed in this blog are that of the author, and don’t necessarily reflect the views of BiometricUpdate.com