Biometrics Redefined

January 1, 2011

At many buildings and installations, biometric technology is a key component of the security system. Whether using fingerprints, iris recognition or another physical identifier, biometrics provide the most reliable means available of ensuring that a person is who he claims to be.

The U.S. government especially has embraced biometrics as a way to secure facilities. The 2008 “Biometrics in Government Post-9/11” report from the National Science and Technology Council reviewed biometric initiatives undertaken by the federal government and concluded that “federal agencies have advanced the scientific basis of the technology and its mutual co-existence with fundamental privacy principles… Continued attention over the ensuing years will reap even greater operational capability while continuing to ensure privacy protection.”

Just two years after one of the government’s scientific entities produced this positive assessment of the efficacy of biometrics, however, another one reported that biometric technology is “inherently fallible” and that “the scientific basis of biometrics … needs strengthening.”

The National Research Council (NRC) wrote “Biometric Recognition: Challenges and Opportunities” in September 2010. It cast significant doubt on the ability of biometrics to do what it is intended to do: verify an individual’s identity with a very high degree of accuracy.

There is already a certain amount of wariness about biometrics due to the perception that it threatens privacy. Security Industry Association (SIA) advocated against state legislative proposals that would prohibit the use of biometrics, and did so in a way that highlights how security professionals can ensure privacy. SIA also released a Privacy Framework that includes a set of best practices to be used when deploying security technology. When an arm of the federal government takes such a negative position regarding biometrics, it will likely encourage opposition to the technology. This could lead to the use of less effective and less reliable security options, which, ironically, would threaten the privacy that biometrics opponents claim to be trying to protect.

In November 2010, SIA released a brief response to the NRC report, noting that while the report provides useful recommendations for further research, many of its findings are outdated. According to the response, “There have been many significant advances in biometrics technology, testing and standards since the bulk of the NRC’s research for the report concluded in 2006.”

So important is biometric technology, SIA argued, that it could rival the social impact of penicillin, the assembly line and the airplane.

Correcting misperceptions about security technology – biometrics included – is one of SIA’s most important tasks because it can make the difference between security and vulnerability.

Ronald Hawkins is the communications manager for the Security Industry Association (www.siaonline.org). For more information about SIA or to sign up to receive the Security News Digest, contact him at rhawkins@siaonline.org.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.