The (brief) skinny on biometrics

Why go to the trouble of remembering a PIN when you can just swipe your finger, open your eyes wide, or even submit your DNA? Unfortunately, like a set of keys or a mislaid password, biometric security has plenty of loopholes, not to mention serious privacy concerns.

In general, any system that uses unique physical characteristics to check your identity qualifies as a biometric, including fingerprint scanners, facial recognition, hand geometry, voice recognition, and iris readers (remember in "Minority Report," when everyone's eyes were scanned practically everywhere they went?), and retinal scanners. 

Proving you're you, no PIN required

That's not all: other emerging biometric systems could measure your gait, track your mouse and/or keystroke gestures, check your DNA (ouch), zoom in on the veins in your hand, and even sniff your odor—all in an effort to verify that you are, in fact, you.

Biometric security systems are already widely used—for example, plenty of laptops come with built-in fingerprint readers that you swipe while logging in. (And when you think about it, Columbo employed biometrics every time he dusted for prints.) Meanwhile, other uses are still on the drawing board, such as fingerprint readers at checkout counters for verifying credit-card purchases, face recognition at ATMs, iris scanners at airport security checkpoints, and voice recognition for calling your bank. Gone could be the days of being locked out of your account because you forgot your secret code.

Swiping your finger at an ATM or to open your front door may be easier than, say, memorizing a PIN or remembering to bring your keys, but biometrics is by no means foolproof. Faulty scanners could misread your thumbprint, or a raspy throat could keep a voice recognition system from properly IDing you.

Easy target for identity thieves?

Another big concern, of course, is security. Consider, for example, that we leave our fingerprints everywhere—on tables, doorknobs, drink glasses, you name it. A clever identity thief probably wouldn't have too tough a time snagging your fingerprint—and unlike a PIN, which can be changed in the event of a security breach, you're stuck with the fingerprints you were issued at birth.

That's the theoretical bad news about biometrics; the good news is that bleeding-edge biometric sensors are so precise, identify thieves would have a hard time getting a usable sample though casual contact. Let's take fingerprint readers again: the latest scanners actually detect the pores of your skin as well as your fingerprint, meaning that prints lifted off a coffee table or a glass would have a tough time passing muster.

That said, if we know anything about identity thieves, it's that they tend to find a way, and that leads to another serious worry about biometrics: privacy. Sure, it's great that, say, thumbprint readers are so good at scanning every nook and cranny of our fingertips, but where will our scanned thumbprints (or iris readings, or voice scans) be stored? Will the samples be secure? And what are they being used for?

Is Big Brother watching you?

Take, for instance, the FBI's planned, $1-billion database that's slated to store a potpourri of biometric data: everything from fingerprints and DNA samples to three-dimensional facial scans and even tattoos. Yes, the new database will make it much easier to track down criminals; however, privacy advocates worry that such a massive biometric storehouse could also be used to track our every move.

Another growing issue is the use of biometrics for border security. U.S. border agents have been scanning the fingerprints of foreign visitors since 2004, and the EU just announced a plan to begin scanning the fingerprints of all non-residents (the plan could be fully implemented by 2015, according to Time). The idea is to keep tabs on foreign visitors and, hopefully, thwart potential terrorist attacks.

But many wonder if compiling a massive database of fingerprints will really do anything to bolster security. "Fingerprints are a very good means to identify people, but the question is who will have access and for what purpose," said one EU police official quoted in the Time story.

Spooky stuff, indeed, but biometrics has plenty of promise, as well—just imagine making a purchase with the swipe of a thumb, or cruising through security at the airport without having to kick off your shoes. The trick, of course, is ensuring that privacy concerns and basic civil liberties keep the same, rapid pace as biometric technology.

Related:
Biometrics: Who's Watching You? [Electronic Frontier Foundation]
Biometrics touted as key to stress-free flights [ZDNet]
Biometrics entry [Wikipedia]