Biometric security provides added protection as well as convenience—but what are the downsides?
Biometric security is now everywhere, locking down everything from smartphones to wearables to personal computers. It provides an extra layer of protection (you can’t easily fake a fingerprint) and it’s far more convenient for users than remembering a password to login to every app or device.
However, as with any new technology, there are also new risks and considerations to take into account with biometrics. Here’s what you need to know about the pros and cons.
What are biometrics?
Biometrics are pieces of information that are used to authenticate a user who is trying to access a system, application, or even a building. But instead of using a password, a personal device, or another mechanism to confirm an identity, biometrics assess physical characteristics that are unique to an individual—their biological data. Examples include:
- Voice recognition
- Retina or iris scans
- Facial mapping
One of the most common forms of biometrics being used in security today is the fingerprint. For example, when you open a banking app on a smartphone, or are trying to unlock the phone itself, you just press your fingerprint to the “home” button and you’re authenticated.
Using biometrics brings many benefits to the table. But there are also new security risks and other important warnings to keep in mind.
The pros of biometric security
Biometric security has many advantages. First of all, users aren’t required to remember and enter a password to gain access to an application or system. Users are more satisfied because they can prove they’re who they say they are in one, second-long step.
“A snapshot poll taken by identity management firm Centrify” documents how users become extremely frustrated when having to remember multiple passwords for all their accounts (known as “password rage”), with 25 percent of respondents saying they forget a password at least once a day. A fingerprint is not something that can be lost or forgotten, and other biometrics offer the same reliability and convenience.
Add this to the security benefits and you’ll see why biometric security is one of the most fool-proof methods out there. Scanning techniques will not allow a user access unless they meet the specific biometric requirement. Passwords, on the other hand, could be discovered and used by other people trying to get into systems.
Even employee identification cards or badges can be replicated and faked, so biometrics can take the place of many different types of authentication methods.
Another big benefit of biometric security is the multi-factor authentication aspect. Passwords can be combined with the biological characteristic, giving authentication at least two layers and thus much more protection.
Potential downsides of biometric security
It may feel strange to give personal data like a fingerprint to a system. In many cases, users don’t have a way of knowing what’s being done with this information, which causes privacy concerns. This fact alone may deter individuals from using the biometric security approach when it’s offered to them.
If something were to happen to the database that holds all of this information, biometric info could be obtained. And the resulting security risk is pretty substantial. When biometric elements are compromised, they can’t simply be changed to ward off hackers. This data could be used again by a hacker after a breach, in a wide range of applications.
Additionally, let’s say a user engages voice recognition for authentication. If they are sick and become hoarse, or sometimes even if they’re in a loud area and can’t be heard very well, the recognition may not work. While having a password as another authentication step may resolve this situation, users may become frustrated when the technology doesn’t provide the desired result.
Another possible downside of voice authentication specifically was shown in an experiment conducted by a BBC reporter. The reporter’s twin brother was able to use his voice to successfully log into the reporter’s bank account after a few tries.
Because biometric security is still a fairly recent development in the big picture of technology, it may be best used as part of a multi-factor authentication process. However, there’s no doubt that these issues will continue to be addressed—and the use of the technology will expand to make systems and applications more secure.