The very word ‘biometric’ still sounds quite cutting edge, even though businesses and governments have been trying to develop the technology into a workable – allegedly fool proof – means of identity verification for over two decades. The overwhelming majority of businesses and organisations still rely upon an ID card having a recent photograph and signature that can be compared to the person standing directly before the security official, or scanned and logged by machine. Despite huge technological advances biometric ID cards are still in their comparative infancy, given a number of inherent problems within both the theory and application of the technology in the real world.
In theory biometric ID cards are more secure and convenient than traditional ID because each card will incorporate a data chip upon which is stored one or more physical attributes unique to the user. Quite which physical trait is recorded varies depending on the needs of the operator, but most commonly they tend to be full hand or finger scans, retina and iris imaging, and some even go as far as to use DNA or voice waves. The idea is that this form of identity verification is far harder to break or emulate than traditional ID cards because they contain information that is extremely difficult, if not impossible, to copy or defraud.
For the element of additional security that they offer, plus in some cases the speed at which they can process and scan large numbers of people at a time, there have been a number of cases where biometrics are now being incorporated as standard into ID cards. Good examples of governments adopting the technology would be the Dutch and Spanish who use biometrics to support their border control and social security respectively. However the use of biometrics by businesses is at present largely the preserve of large corporations in the USA who are keen to ensure that their products and strategies are protected from any potential industrial espionage.
Outside of the States biometric ID is used by businesses but it’s currently rare to find such features rolled out across all of the cards held by an entire workforce; typically only those with privileged access to sensitive data or the areas where it is held have biometrics implanted upon their ID.
Biometric technology clearly has its uses for organisations requiring that extra level of security, but it is in terms of mass use of such systems where the practicality becomes slightly more questionable. Many banks have trialled using iris scanning with their ATMs to speed along the service, and others have tried finger print scanning as another layer of defence against fraud. Generally these have had positive outcomes – but the technology tends to only be almost perfect – there are still examples where people have been unable to use the service because they may have developed a cataract, or have a cut on their finger tip. Until such issues are accounted for, it is unlikely that organisations such as banks will comprehensively and exclusively roll out biometric features on their standard products.
Herein lays the key flaw with biometric ID cards. The technology has to be adaptable for the many ways in which the identifiable characteristic that determines the verification process can be altered or changed. Connected to this is the conundrum of what happens should the biometric security be broken?
This is the great paradox of biometric ID cards – unlike passwords, photographs or signatures a person has only one shot at creating a biometric profile, they cannot change fingerprints, irises or voice. If the system is hacked and the information held centrally about the individual stolen, or altered, then there’s no practical way that the person can re-register securely upon the system using the same credentials. There’s a number of ways that biometrics could potentially be compromised – the use of masks, false fingers and voice recordings may sound like something out of a bad sci-fi thriller but all have been shown as capable of fooling unmanned biometric devices.
More likely the risk would stem from the information used to verify matches being held or communicated online, and for businesses this is a particular worry for few have the defensive capacity of governments or larger corporations to stave off a determined hacker. The theft of such information could have huge repercussions not just for the security of the business, but also the personal data of the individual. Having a record of someone’s DNA, fingerprints, hand scan, vocal tone etc. could offer huge potential for personal fraud.
It’s almost inevitable that biometrics will eventually become the norm, but not until the security is smarter than those who would seek to exploit its limitations. For now businesses would be well advised to continue using high quality ‘traditional’ ID cards incorporating a full range of security features so they can monitor access and movements where necessary. Businesses looking to source the very best materials should take a look at exceptional quality and large range of ID Card Printer Ribbons from Digitalid.co.uk.