Your identity is one of your most precious possessions. From opening a bank account to travelling abroad, obtaining medical treatment to shopping online, proving your identity (ID) is absolutely essential.
In the age of the internet, traditional ID verification and protection systems can be quite easily broken. Identity theft is extremely profitable, so criminals spend a lot of time and effort trying to steal information that can be used to impersonate their victims.
Improving security with biometrics
Passwords remain one of the weakest aspects of every security system. Easily guessed, hacked or leaked, passwords mean that hackers are just one short word away from accessing your data and identity.
The search for a more secure ID verification technique has led many businesses to develop biometric alternatives. Fingerprint and face scanners are already commonplace on smartphones for instance because it is quite difficult to ‘steal’ a faceprint for instance.
There are other biometric systems under development too. Advanced computer algorithms are able to analyze the unique way you walk (gait analysis), while facial recognition in public settings is also increasingly common. Even the way you type is unique and can be used to verify your identity.
Although more secure than passwords, there is some questions about biometrics that need to be addressed by industry regulators.
How is biometric data used?
Biometric data can be used for a wide range of tasks – not just securing access to your online accounts. Marketers have been experimenting with facial recognition to track shoppers between stores in malls for instance.
Although useful, there is very little difference between this and cookie tracking – tactic that breaches GDPR and other privacy laws. For many people, applying biometrics in this way is invasive and unwelcome – and government law makers are looking at whether rules around the use of biometric data need to be strengthened.
How is biometric data protected?
Stealing passwords and credit card numbers can cause serious problems for victims. But if unique biometric data is stolen, the implications are even more serious. Your bank can change a password or issue a new credit card in the event of a data breach, but they cannot change your fingerprints.
If hackers are able to steal biometric data, or the algorithms used to process it, the consequences could be devastating. The victims of such an attack may find themselves unable to participate in some common activities like buying and selling – or engaging with government agencies.
Time for regulators to act
As the use of biometric systems becomes more common, regulators and trade bodies will need to formulate guidelines that define what is (and is not) acceptable use of peoples’ unique data. Businesses must then adopt these best practice principles to avoid legal and ethical problems that damage confidence – and the wellbeing of the individual.