Part 1 of this series was an introduction to the social impacts of biometrics.
The overall perception of biometrics
One of the biggest factors that affect the social acceptance of biometrics is the overall perception which is held as to how a specific modality looks like and appears at first sight. This topic actually fits into a scientific realm of study known specifically as “human factors.” This can be loosely defined as “…the scientific discipline concerned with the understanding of the interactions amongst humans and the other elements of a system…” (Source 1).
In the biometrics industry, especially here in the United States, there is enormous pressure on the vendors to create the fastest and the most robust mathematical algorithms possible. Usually, much more emphasis is placed on speed, rather than placing equal, if not more emphasis as to how the end user will initially perceive a biometric system and how they will interact with it.
In other words, the biometric vendors are much more concerned about the theoretical aspects of a particular modality which they are designing, such as the metrics and Key Performance Indicators (KPIs) against which it will be evaluated against.
Much less emphasis is placed on determining how easy it will be for the end user to complete both the enrolment and verification processes with this modality. Also, very little thought is usually given as to how the external factors from the outside environment will affect the end user perception of the device.
Thus, it is very important for the biometrics industry to keep in mind that while achieving faster enrolment and verification times is critical, it is just as important to consider the human factor variables as well when developing and creating a new biometric modality.
There is now a recent movement to adopt this two-pronged approach, and it is defined as the “total biometric system performance.” It is defined as the “…integration of biometrics into broader processes and should be borne in mind when considering the development of such applications”. (Source 2).
As it has been stated before, the primary objective of biometric technology is to provide a means in which to confirm the identity of an individual based on their unique physiological or behavioural traits. There is a lot of information and data which goes into the process of meeting this specific objective, and this type of metadata are stored in the databases in either the modality itself or a server.
But there is also that chance that all of this could be used for other tangential security reasons, either intentionally or unintentionally.
This scenario of actually occurring has caused a great fear amongst the American public because it will never be known to them if their respective biometric templates will be used for other covert reasons. This phenomenon is known specifically as the “function creep.”
This is also known as a spill over effect, and it can be specifically defined as “…the expansion of a process or a system, where data is collected for one specific purpose is subsequently used for another unintended or unauthorised purpose” (Source 3).
For example, if a fingerprint recognition system was being used in a physical access entry application at the main point of entry, the same biometric templates could also be used for same individuals at another point of entry.
Although the management team may view this as being advantageous, regarding a being a cost savings move, the repercussions that exist from this covert usage can be detrimental, if the end user population discovered this.
The function creep phenomenon can arise from three different sources:
- An absence of policy
A formal lack of a security policy that details how biometric templates and their corresponding metadata can be used is probably one of the biggest reasons why function creep exists in the first place. After all, without a system of accountability in place, the urge to misuse the biometric templates and use them covertly for other applications can be very strong.
- An unsatisfied demand for a particular business function
Using the example of the fingerprint recognition system, there are times when this modality will simply not perform up to its expected performance standards and respective KPIs. As a result, the management team of the corporation or business will want to replace this modality with a newer one. But rather, than deleting the old biometric templates from the earlier modality, and having the employees re-enrol again with the new modality, there will be a strong tendency to just literally “recycle” the old biometric templates into the newer system. This example of covert usage is also known as “unsatisfied demand” because the older modality did simply do not operate to what promised by biometrics vendor.
- The slippery slope effect
This kind of trend can occur in one two ways. First, the function creep can transpire very slowly, over an extremely long period of time. This could happen as a result of minor changes or “tweaks” being made to the specific modality at a gradual pace. Second, the function creep can happen just all of a sudden. This type of specific instance is rare and only occurs when the stakeholders involved in the original procurement and deployment of the biometric system have an ulterior motive or hidden agenda in place.
In summary, this article has reviewed some of the major social implications of biometric technology. There appears to be more of a negative perception of it in the developed countries (such as the United States) when compared to the developing nations, for reasons previously cited.
There have been efforts to close this widening gap, by developing and implementing a system of standards and protocols which can be used worldwide.
But in the end, it all comes down to how the end user perceives a biometric modality. If from the outset there is resistance to it, there is very little that can be done to change the mindset of the end user population. All that can be done is to provide an extensive training programme in which to enhance the acceptance of it.
Even though the growth rate of biometric technology is expected to increase overall in the coming future because of the threat of cyberattacks, the social implications which are associated with it will never change. The public will always keep questioning the merits of biometrics, which to a certain extent is good.
But if carried too far, it can greatly impede its overall acceptance rate and even have a deteriorating effect on the benefits it brings.
1. Licht, D.M., Polzella, D.J., and Boff K. Human Factors, Ergonomics, and Human Factors Engineering: An Analysis of Definitions, 1989.
2. Maghiros, I., et al. Biometrics at the Frontiers: Assessing the Impact on Society, 2005.
3. Stewart, T. Biometrics and the End User Experience, System Concepts, 2015.
Ravi Das is a Cybersecurity Consultant and Business Development Specialist. He also does Cybersecurity Consulting through his private practice, RaviDas Tech, Inc. He also possesses the Certified in Cybersecurity (CC) cert from the ISC2.