Science Fiction

January 16, 2023

Despite biometric technology existing since the early 90s, its overall use in the public domain has been limited, making it more science fiction than fact

For the most part, biometric technology has been used in security measures adding to the misconceptions surrounding its wider application. Over recent years, biometrics has crept more into the public domain through personal mobile security and now can be used as an analytical tool providing qualitative data to retail, digital marketing and User Experience (UX) development.

Many marketing traditionalists may underestimate the value that biometric user testing can bring. In reality, by utilising biometrics, marketers can add a whole new level to their UX insights – highlighting not just the what but also the why of a user’s journey.

Biometrics seems to be one area of technology which is set to grow and continue to see more innovations and breakthroughs in the security industry. Far from being a passing trend, it’s predicted that the biometric market will grow to just under US$60 billion by 2025. A number of biometric techniques are already being used to great success including eye-tracking, facial expression recognition and galvanic skin response, where changes in a user’s emotional arousal are monitored. This is just the beginning of a number of possibilities, with wearable tech for UX testing already in the early stages of development.

Let’s take a look at three common myths of biometrics.

1: Biometrics is expensive and is a new technology

It has been argued that biometrics can be costly. However, when deployed correctly, the benefits can be significant and can increase a multilayered security solution in most environments.

The first myth that needs to be dispelled is that biometrics is a modern-day idea. Despite its high-tech glitzy image, the principles behind the technology can actually be traced right back to Egyptian times, when workers building the great pyramids were not only identified by their name, but also their physical size, face shape, complexion and other noticeable features, such as scars.

It may have taken the next four-and-a-half thousand years to really get going, but the technology is now experiencing a “hockey stick” adoption curve with governments, hospitals, schools, airports, retail outlets and modern offices all successfully using this remarkably straightforward empowering technology.

The problem with such a rapidly emerging industry is that many people are elevated to the position of “expert”, almost overnight. This can be a particularly dangerous situation – especially when the expert used to be the company salesman or marketing executive.

This scenario has led to some of the industry’s best technological fallacies, which can either be put down to pure ignorance, or worse, the stirring up of malicious rumours in order to gain competitive advantage.

2: Reducing cybersecurity fears

As security breaches continue to hit headlines, the public has become ever more aware of the need for data security – particularly around their biometric data. Storing biometric data in a centralised database can be a challenge and a risk. In an IBM global Cost of Data Breach Report, 83% of organisations said they have had more than one data breach, putting sensitive information at risk. A common misconception is that biometric data for fingerprint payment cards is stored on a central database, which has the potential to be hacked, but this is not the case.

Instead, upon registration with a smartcard, the owner’s fingerprint image is immediately transformed into an abstract biometric certificate via encryption technology. This is then stored in the secure element of the card’s EMV chip and the owner’s data never leaves the card – making it extremely secure and reassuring.

Along with security concerns, centralising biometric data is inconvenient – requiring the user to visit a secure site to register the fingerprint to be matched to the card. Instead, with user data encrypted and stored on the payment card, the user can register their fingerprint at home through a remote enrolment process that also eliminates the risk of online hacking. The user remains fully in control of their data – a critical aspect for many consumers.

3: Fingerprints can be replicated to ‘trick’ devices

The internet is full of articles and videos that claim it is possible to use materials from sellotape to gummy bears to craft fingerprint spoofs and access biometric systems.

Although there might have been a time when gummy bear spoofing was the go-to party trick, today’s consumer biometric authentication solutions have too many technological defences, such as improved image quality and matching algorithms, to simply ‘trick’ devices.

To add to this, the criminal needs to have access to the person’s device where this fingerprint is enrolled, for example, a smartphone or payment card, before they notice and block it. This is not scalable or common in comparison with gaining access to someone’s PIN code or skimming a contactless card.

To read the full exclusive and other news stories and exclusives, see our latest issue here.