Biometrics and Privacy in 2015: Maintaining a Delicate Balance

Spread the love
biometric-and-privacy-2015
As biometric technology is becoming mainstream, will it attract more privacy concerns?

With the rapid adoption of biometric identification technology by Apple and other giant mobile phone manufacturers, biometric technology has become a mainstream technology in 2015 by opening availability to more people for daily use. Does this mean that our privacy is even more at risk from snoopers, hackers, and identity thieves?

The answer is — not really. Today we are going to discuss how biometric technology is maintaining a delicate balance with privacy concerns as its use proliferates across many different markets.

The most common privacy fears and concerns that we have today are actually the same types of questions we had in mind when asked to put our credit card numbers on an online shopping site: “Who has access to my information?”

If we decide to give our biometric credentials in a departmental store to pay the bills for example, we want to be sure that it cannot be accessed by a hacker or government agencies – two core privacy concerns.

There’s been a lot of confusion and misinformation already about biometrics and privacy concerns, so today we are going to clarify the technology behind biometrics, how it works, how it’s stored, and how hard it is to abuse and misuse biometric data.

Biometrics, while having its limitations, offers substantial security benefits to the average consumer — including greater protection from identity theft, data theft, and possibly even financial fraud. It’s substantially more secure for privacy protection than using a basic password or four digit personal identification number (PIN).

A Variety of Fingerprint Scanners and Fingerprint Sensor Technologies for Varying Industry Conditions

How does biometric technology protect your privacy?

Biometric technology has evolved over the last few years and always maintained a delicate balance with end user privacy concerns. Let’s take a look at how biometric is maintaining this balance:

M2-FuseID™ Advanced Fingerprint ReaderFirst, it’s important to realize that most fingerprint scanners available today in the market do not store a raw image of a fingerprint. Instead, they interpret a digital representation of certain characteristics of your fingerprint, which is called a template. To put it in an easier way, it saves the fingerprint as binary digits, not as a raw image. Every biometric scanner manufacturer has their own algorithm for creating these templates and most of them are not compatible with each other. Therefore, it’s nearly impossible to steal and use someone’s biometric template to access their accounts across all platforms.

Just for the sake of argument, even if a hacker does get access to the digital template of your fingerprint, it is nearly impossible to reverse engineer and use that to recreate the actual fingerprint — or any other modality of biometrics being used, as every system uses different algorithms for interpreting this data.

What if someone try to spoof or steal biometric data?

Just like any other technology, biometrics has its limitations too. It is possible to “steal” or “spoof” a person’s biometrics — as we have seen with the iPhone 5S fingerprint scanner hack. But that is not very easy to do. In fact, it can be much harder than guessing or brute forcing a password or PIN code. In order to steal a fingerprint:

  • The attacker must have direct contact with the person
  • Lift the print without ruining it or being seen
  • Save it as a very high-resolution image
  • Print it out in a high-res format
  • And then manage to trick the fingerprint scanner into thinking the artificial print is real

1 Integration, 1 Platform, Any Form of Biometrics. The Only Identity Platform You’ll Ever Need!Obviously it can be done, but this number of steps rules out many of the usual suspects. In order to stop these kind of spoofing attacks there are biometric scanners available in the market with strong anti-spoofing capabilities. For example, M2-FuseID™  is a fingerprint scanner which can avert spoof attacks with sophisticated liveness detection capabilities. This next generation fingerprint scanner captures both the fingerprint and the unique finger vein pattern inside your finger. If a hacker can spoof fingerprints, how will they be able to fool the vein detection system when it requires the presence of live blood flow for identification?

Conclusion

Biometric technology maintains the balance of privacy in our society in a way that is not entirely new to us. Therefore end users need to be well informed/educated of the privacy implications related to biometric technology. There might not be a single solution to minimize the potential privacy loss through the use of biometrics – but if you look around there will always be different protections for different scenarios.

Want consultation on a privacy friendly biometric solution deployment? Feel free to reach us at M2SYS Technology.

M2SYS Technology simplifies the development and deployment of biometric projects


Shaon Shahnewaz leads the digital marketing team at M2SYS Technology and an occasional blogger. He is passionate about writing various government and enterprise biometric identity management technology adoption related topics and the changes it brings on the general people’s lives.

Shaon Shahnewaz

Marketing Team Lead at CircleCare - Corporate Wellness App
Team Lead - Digital Marketing at M2SYS Technology
Bangladesh
View Profile
Shaon Shahnewaz