22 Mar 2022

Editor Introduction

Among the technologies widely used in the world of security, none is more fraught with privacy concerns than biometrics. However, sometimes the privacy concerns are based more on false information than on facts. Privacy must be addressed, of course, but the industry should also promote greater understanding of the technology as a means of combatting misinformation. We asked this week’s Expert Panel Roundtable: What are the biggest misconceptions surrounding biometrics? What is the impact?


John Cassise, RealNetworks Inc.

For access control, a big misconception around facial recognition is that it must be an invasion of privacy. In truth, a correctly implemented system stores opt-in face data securely on the company’s infrastructure. It is not shared. The face data is a mathematical representation, not a photo, which makes it meaningless to any system not tied to the internal company database. Another misconception is that facial recognition can be easily fooled by a picture or video. A system like SAFR can analyse texture and context, based entirely on the RGB visual spectrum field, to determine liveness. Our access control device includes a second layer of liveness using 3D data from a structured light projector. Although some facial algorithms have been shown to exhibit bias based on skin tone, not all of them do. It’s important that people seek out facial recognition systems with the lowest possible bias scores from reputable organisations like NIST.

Roland Fournier, AMAG Technology, Inc.

One of the biggest misconceptions surrounding biometrics is that biometrics is too difficult to implement because of consumer privacy concerns. The impact is that companies are apprehensively deploying the technology to solve their business use case and forego the immediate benefits that biometrics brings to verifying a person’s true identity. The same privacy frameworks that apply to any IT system that collects personal data also apply to biometrics. Solutions use privacy impact assessments to classify the sensitivity of biometric data, ensure they obtain consent to use the biometric data, determine if it should be stored, for how long, who has access to it, and how it is removed. Additionally, companies ensure they are ethically sourcing training data for AI and machine learning algorithms used to advance the accuracy and PAD detection of their biometrics. Transparency by companies in disclosing how they use biometrics and protect data is an important factor in alleviating privacy concerns.

Biometrics have made great strides in the last few years as a more advanced and safer authentication method than the use of PINs, passwords and cards. However, when required to provide biometric information, users often worry that their information is being stored as an actual image that could be easily hacked and used to impersonate their information. Because biometric data is stored as a template in binary code rather than an image, it makes hacking considerably more challenging. People also worry that physical changes such as aging, facial hair, etc. will lead to false reads. Significant changes to a person’s biometric markers occur over long periods of time, and as most users are authenticating regularly, small changes in their features will be noted and updated by the algorithms. Biometric technology has huge potential, so it’s important to dispel misconceptions about privacy breaches, accuracy levels and security risks.

Wes Wright, Imprivata, Inc.

Low trust, privacy invasion, and long-term practicality are some of the biggest misconceptions for biometrics authentication. However, Gartner predicts greater adoption of biometrics, especially in supporting access via mobile technology. Biometrics can be an incredibly safe method of authentication as users can quickly and securely log on to different workstations and devices simply by touching their finger to a scanner, rather than managing passwords, logging on multiple times throughout the day, and waiting to gain access to applications and data. Biometrics solutions also give users an unprecedented ability to move between points of work – an increasing demand as more jobs become remote. In regulated industries, like healthcare or banking, biometric solutions can enable companies to comply with HIPAA and FINRA password policy regulations, minimising calls to the help desk, and realising substantial cost reductions.

Eric Widlitz, Vanderbilt Industries

Over the last few years, biometrics has taken great strides in the security industry. Fingerprint and facial recognition have replaced PINs and passwords as a popular verification form. Over the last couple of years dealing with the pandemic, anything that is completely hands-free has gained some traction. We have also seen a shift in organisations using biometrics in tandem with access control solutions. One common misconception about biometrics is how they are stored and used. While many think the actual image is stored (for example, the fingerprint or iris), it's the encrypted biometric template that is stored, making the chance of risk much lower. Another misconception is that biometrics are unreliable because of people's changing features throughout time. This is also not the case. Biometrics create a safe, streamlined, and scalable way to deliver access and verification, and we will continue to see its use throughout the security industry for years to come.


Editor Summary

Privacy concerns about a centralised database of personal biometric information are generally overblown. The design of many biometrics systems does not involve transport or storage of ‘personal information,’ at least not in any format that would be useful to a hacker or a spy. Rather, much biometric information is just data that is useful only in the context of the system itself. It has been said that a lie repeated often enough becomes the truth. In the world of biometrics, repeating the real facts has never been more important.
