It wasn't that long ago that fingerprint scanners and face recognition technology were exclusive to spy movies and fictional spaceships. Now, this kind of technology is in most of our pockets. There is an aesthetic appeal to biometric security measures, but are they anything but superficial?
When companies tie our accounts and devices to our physical bodies, does this pose a security risk? Does that mean they won't replace traditional passwords? Exploring the science behind biometric technology helps us understand how it works and whether or not we should trust it.
What Is Biometric Technology?
As the name suggests, biometric technology refers to tech that identifies you through biology in some way. It almost sounds like some mad science experiment, but it’s much simpler than you think.
It means that instead of using a passcode, you use something tied to your physical existence. There is nothing new about some parties using our biology as a tool to identify us.
When someone commits a crime or wants a certain career (especially in the military or with children), biometric identification is a huge part of the process. Medical records of teeth imprints help identify Jane and John Does, hair follicles at the scene of a robbery help catch criminals, and fingerprint records are routine for government employees.
Newer technology brings these once-exclusive identification techniques to everyday devices.
You probably already use biometric technology regularly. One of the classic examples is fingerprint recognition, the first successful kind rolled out to a mass audience.
In recent years, our capabilities expanded to encompass much more than this in modern devices. While fingerprint readers were standard in many smart devices for some time, Face ID and voice recognition technology made their way to mainstream technology.
This trendy way of identifying people may also run deeper than these basic recognitions. Technically, biometrics also include things like DNA, blood, saliva, and eyes (the iris and retina), although face recognition technology and fingerprints scans are the most common.
We are probably a long way away from using finger pricks and eye scans just to use our everyday devices, though.
Will Biometric Technology Replace Traditional Security Measures?
Biometric technology is everywhere and has been for some time. It's an effective technology that has a chic appearance people desire. Most new electronics integrate it in some manner.
It certainly streamlines processes and adds an extra feature of convenience to any device use.
It’s a lot faster to scan your face or give a voice command rather than having to type a password in. These biometric features also help people who tend to forget any of their saved passwords. Instead of relying on memory, it just uses your body (and it’s hard to leave your fingertips or face behind!).
While they became rather “standard” features, biometric technology will likely not completely replace all security measures anytime soon. It’s a great tool to use in combination with other existing features; however, biometric tech has some limitations that don’t make it a total substitute for passcodes.
Are There Security Risks to Biometric Technology?
Depending on the type of biometric technology used, these systems do have security risks.
There is a big joke that anyone who uses those photo editing apps or genetic tests gives their information over to the government (sometimes even paying to do so). Unfortunately, this is a real risk. If you use something like facial recognition scans, this could be a reality—depending on the device.
Why? Because this data has to be stored somewhere, whether it be locally, i.e. on said device (as is the case on Apple devices using Face ID), or in a cloud system. Fortunately, information is generally encrypted and otherwise secured. These systems are difficult to hack, but it can (and has) happened.
There are governments allegedly using biometrics for surveillance. The more we use and perfect the technology, the closer we get to living in an episode of Black Mirror.
It’s also not impossible for someone to hack into these systems and use your biometric data with malicious intent.
What Is Biometric Spoofing?
Presentation attacks refer to attempts to trick biometric systems. They refer to every instance from people trying to unlock accounts that aren’t theirs to individuals growing out facial hair, mutilating their fingerprints, or wearing obstructive prosthetics to escape successful facial recognition.
Spoofing is a particular type of presentation attack where someone interferes with biometric systems to try to unlock them through impersonation. By “impersonation,” we don’t mean trying to dress up like you, although someone who looks a lot like you to begin with, like a sibling, might be able to crack it this way.
More often, spoofing involves using other measures to get past security systems. An easy way someone may do this is to use an image or video of you when trying to unlock your device.
Theoretically, it is easy to print out a picture of someone from the internet instead of learning their passwords. In practice, this is difficult as many algorithms combat this by taking deep 3D scans.
Another more involved technique someone may use involves making a cast out of someone’s finger and using this prosthetic in fingerprint scans. People can cast fingerprints into clay and successfully do this.
Is Biometric Tech More Secure Than Traditional Passwords?
While there is the risk someone can trick a system with spoofing, it is still pretty difficult. Biometric technology isn’t 100 percent foolproof; however, it is much more effective than traditional password logins.
Deciphering someone’s password or pin code is possible for a trained, dedicated hacker. Even if you take measures to ensure that you come up with a secure passcode, there are programs and machines that scammers use to obtain the information anyway.
It is certainly a great additional layer to add to your already existing security measures, but it's important to point out that biometric measures are not flawless. If you have to wear a mask in a supermarket or end up with a cast over your hand, you need a backup so your phone does not lock you out. It’s also a nice backup in case the scanners or cameras break.
Should I Trust Biometric Technology?
Biometric security measures are very effective and offer an additional level of safety for all of your devices. While they probably won’t completely replace passcodes and logins, they are a great feature that streamlines device usage.
Combining traditional measures with modern biometric technology is the best way to prevent others from using your smart devices without permission.