The Future of Biometrics: Reality Versus Hype

Dana Shalev of NICE discusses the future of biometrics systems and contact centre security.

The use of biometrics has found its way into many aspects of our daily lives and is slowly spreading to places we hardly considered before.

The intent of biometrics is to identify a person in a way that is 100% accurate and cannot be stolen or compromised. Some biometrics, such as fingerprint recognition, have been in use for years.

Newer biometrics, such as retinal scan and capillary mapping, were only possible once technology advances made these authentication applications feasible.

Clearly, biometrics provide a superior way to accurately identify the individual. However, one of the most important questions to ask about biometrics is not how the technology works, but rather, what happens in cases when it doesn’t work?

Most biometrics are not absolute measures but involve a statistical process to determine a 100% match. Consider a voiceprint that was recorded in a quiet room on a day you were healthy.

Will your voice still match the print if suddenly you are hoarse or have a cold? Do you risk not being able to access your bank account until your voice returns to normal?

Can a person who mimics voices (and some people are very good at this) fool the system? Similar questions can be asked of other biometrics.

The question then becomes: what is the future of biometrics? Can businesses, governments, and social organizations rely wholly on biometrics for personal identification and authentication or do we need some old-fashioned fallback measures as well?

First let’s take a quick look at the biometrics currently in use.

The Future of Biometrics: What Measures Are Currently Available?

Here are some of the biometric technologies that are taking over identification and authentication processes in many industries because they provide both security and convenience.

Fingerprint recognition: digitized fingerprints are easy to capture and use. This very popular biometrics method has established a track record for fast and accurate authentication.

Vein recognition: identifies the unique pattern of veins in a person’s finger or palm. Requires big equipment and in-person enrolment.

Finger/palm geometry recognition: uses 3D geometric features of the fingers or hand, which are unique to each person. Requires big equipment and in-person enrolment.

Face recognition: Employs computer algorithms and 3D sensors to recognize a face by measuring the relative position, shape and size of eyes, nose, cheeks, jaw, etc.

Iris recognition: Scans the complex colour and line patterns in the iris. Iris scanners are now available on mobile phones and require “live” scanning so it cannot be spoofed.

Retinal scanning: maps the unique pattern of blood vessels in the retina. Requires special lighting and scanners to see the retina and is quite expensive to implement.

Voice recognition: creates a voiceprint of the unique audio characteristics of each person’s voice. Widely used in call centres. No special equipment is needed to enrol, and location doesn’t matter. From a consumer perspective, it strikes a very good balance between convenience and security.

Behavioural biometrics: employs big data and machine learning technologies to analyse a rich mix of personal behaviour and device characteristics to create a unique “user” profile.

This innovative approach recognizes user patterns such as how keystrokes are made on a phone or tablet, how a mouse is used, the way a signature is written, and even a person’s gait.

Will the Future of Biometrics Bring Us a Better Future?

Like any emerging technology, biometrics offers numerous benefits and also raises legitimate concerns. On the plus side, biometrics frees consumers and businesses as well as citizens and governments from the burden of constantly having to prove that you are who you say you are.

Biometrics opens the door to a password-free, key-free, and PIN-free world where all you need to do is speak, look, or touch in order to be identified and verified.

Since biological characteristics are unique to each individual, they cannot be easily forged or stolen. And to protect against possible spoofing (voice mimic, face photo), many biometric systems require the authentication scan, imprint, conversation to be “live.”

In short, biometrics is a better and, in the long run, a more efficient way to verify a person’s identity and assure access security.

For example: Business offices, factories, and educational institutes are using biometric attendance systems to track employee clock-in/out time. With biometrics, buddy punching (when a co-worker clocks in/out on your behalf) and timesheet manipulation are no longer possible.

Casinos are employing face recognition to monitor people as they enter and leave the property. Known trouble-makers or banned gamblers are identified the second they step across the threshold, so security wastes no time in escorting them off the premises.

Banks and financial institutions are one of the biggest beneficiaries of biometric technologies – or should we say, their customers are. Biometrics makes identity theft impossible while eliminating the need to remember passwords, PINs, and security keys to authenticate customers and process their transactions, whether online or on site.

Hoteliers are dramatically improving the customer experience by offering keyless and card-less access to hotel rooms. Guests biometrics are enrolled at check-in (fingerprints, handprints), eliminating the frustration of lost keys/cards and the need to store extras.

These are just a few example of the benefits and efficiencies that biometrics brings to our lives.

Legitimate Concerns About the Future of Biometrics

While biometrics are being used by many industries for a variety of customer security and authentication purposes, is biometrics technology truly foolproof and ready for widespread or even global implementation?

For example, if airports in the USA adopt biometrics to process travellers, will that ultimately require all airports to implement a standard solution? Today, there is no standardization in biometrics.

So we return to the question we asked at the beginning. Can businesses and governments rely on biometrics alone, or will biometrics be only part of an identification/authentication process that also uses fallback technologies and manual methods to handle false negatives and false positives?

The complexity and social impact of using biometrics technology to identify and authenticate people should not be underestimated.

Likewise, it is imperative to assure that biometric data is secure and protected from abuse and misuse at all points – collection, processing, storage and access. Are today’s data security tools and IT technologies up to the task?

Can we assure that biometrics data will be used for personal security and will not be applied to personal surveillance?

We must bear in mind that evolving technologies are vulnerable to errors, and biometrics in particular can be tricked and manipulated by artificial intelligence. These are legitimate concerns that deserve widespread discussion and resolution.

Despite the potential drawbacks, it appears that the future of biometrics is full steam ahead. With that in mind, in behooves us all to move ahead strategically and comprehensively to ensure that the biometrics technologies we deploy truly deliver better security for individuals and businesses.