Will we ever be able to trust biometric scanning? Part 1

Published date:

Modified date:

man using biometric scannerEvery time you unlock a smartphone with a fingerprint, you’re using biometric technology. The benefits are clear: it’s quick, reliable, and ensures no one can impersonate you to gain access to your phone.

We might be comfortable with this everyday use of biometric technology, but other applications can be controversial. For example, should shops be able to use facial scanning technology to identify banned customers?

The potential of biometrics can only be realized if people are confident that they can trust the underlying systems that curb intrusion on privacy and personal freedoms. What can you do to ensure the public is confident with the way biometrics are used?

What is biometric technology?

Biometric technology uses an aspect of human biology to identify individuals or interpret something about them. This might be a fingerprint, face, walking style, voice tone or many other different individual characteristics. Scanners gather raw biometric data, which is then processed and interpreted. For example, by matching facial scans against biometric information in a passport chip.

Some biometric data is enough to identify an individual (like a fingerprint), while other data such as eye colour or height might help to categorize a person without pinpointing their identity. Data such as gait or voice may change over time and are less unique.

The challenge of trust in biometric technology

There are limitations of biometric technology that must be addressed if it is to gain trust and be used more widely. For example, some facial recognition technology has been found to be less accurate in identifying people with darker skin, especially women, because the datasets used to train the technology had fewer faces with dark skin. Unless these issues are rectified, injustices will cause suffering and further damage public confidence and trust in the technology.

Biometric technology has been introduced in some settings to help assess personality traits, for example of job applicants. Monitoring the facial features or voices of applicants can help to identify those who are not truthful or identify other attributes such as confidence. However, as systems tend to be trained on a dominant demographic group and could miss important differences in how different individuals or communities express themselves, results are often skewed.

Barriers to trust

The scope for misuse of biometric technology is also an important concern, and a barrier to trust. For example, there are reports of biometric data being used in China to monitor and oppress the Uighur minority group through facial scanning and biometric checkpoints, limiting individuals’ personal freedom. Biometrics could also be used by unscrupulous companies or individuals for malign reasons. To build trust, it is important that clear and transparent guidelines and best practices approaches are developed and followed by organisations looking to use biometric technology legitimately.

Why standards will be a vital part of biometric technology regulation

Standards can play a vital role in fast-changing areas such as biometric technology. Innovation can be supported by setting out guidance and best practice, while also addressing issues such as interoperability and enabling a level playing field for new entrants to the market. Where an area is regulated, standards can help organizations to achieve compliance and navigate regulations more easily.

Standards that currently exist in relation to biometrics include:

We are sure to see further standards developing in this area in future. In part two of this piece, we explore the different types of biometric technology, and look at what else can be used to build trust in the technology.

Finally, if you do have any questions about existing standards, please remember that BSI members can call on the expertise of the Knowledge Centre’s information experts – just one of the advantages of BSI Membership.

 

Click here to provide feedback