The following editorial was published in the latest Economist:
The ability to recognise people automatically by analysing bodily characteristics such as fingerprints, faces and eyeballs – collectively known as biometrics – has long been a goal of technologists and governments alike.
Plans for large-scale projects to incorporate biometric scans into passports, ID cards and visas are now under way in several countries. From January 5th, America will begin scanning foreigners from particular countries as they arrive at its airports. Both America and Europe plan to start issuing biometric passports as soon as next year. Biometric ID cards are being adopted in Hong Kong and Oman, and Britain plans to follow suit. Politicians seem to be transfixed by the technology.
Typical was the recent declaration by David Blunkett, Britain’s home secretary, that biometrics “will make identity theft and multiple identity impossible – not nearly impossible, impossible”. This claim is absurd. Current biometric technology is not the answer to the world’s security fears.
Biometric technology has been around for quite a while, but has not been widely adopted, for good reason: while it can improve security in some situation, its costs more frequently far outweigh its benefits. Even the most advanced systems falsely reject a small proportion of legitimate users, and falsely accept illegitimate ones.
At best, the introduction of biometric identity documents will produce a marginal increase in security, at enormous costs.
But, at worst, biometrics could, in fact, reduce security in several way. Even a system that is 99.99% accurate will wrongly finger one traveller in 10,000 as a failed match; such individuals will then be taken aside for “security screening”. Given the volume of air traffic, the incidence of false alarms will vastly outnumber the rare occasions when someone tries to subvert the system. The false alarms will either have to be ignored, rendering the system useless, or a time-consuming and expensive secondary-screening system will be needed. Anyone who want to cross a border illegally, meanwhile, will avoid airports altogether, and instead take advantage of far more porous land and sea borders. Biometrics could also undermine security by diverting funds from other, more sensible security measurers, and by providing a false sense of security. Many technologists and security experts have pointed out these drawbacks, but governments seem determined to press ahead even so. Biometrics seem to be attractive to politicians because the technology, long familiar from science-fiction and spy films, gives the impression that something dramatic is being done to improve security. Who would want to risk a repeat of the terrorist attacks of September 11th? The irony, of course, is that biometrics would have done little or nothing to prevent them. Most of the hijackers travelled under their own names, rather then on false documents.
For years, lobby groups have campaigned against biometrics on the ground that they will undermine privacy and lead to the setting up of Big-Brotherish monitoring systems by governments. In fact, there is not much danger of this happening with today’s flaky biometric technology. If and when it improves, such privacy issues will need to be addressed. But at the moment the great danger is that governments are investing too much faith and too much money, with too little public debate, in an immature technology that is unlikely to improve the security of their citizens, and could very well reduce it.
This (“The emerging use of biometrics”) from the Economist Intelligence Unit tells the story in greater detail. Here is the “Key points” summary at the top.
– “Biometrics still do not work well enough for many applications in which they are being deployed”
– biometrics have not yet spread beyond such niche markets, for two main reasons. The first is the unease they can inspire among users. Many people would prefer not to have to submit their eyes for scanning in order to withdraw money from a cash dispenser. The second reason is cost
– Governments either do not believe that the costs of biometrics still outweigh any potential benefits or, more likely, fearing more terrorism they simply do not care
– The oldest biometric is the one we use most frequently – a person’s face. But while recognising faces is something that people can do easily, computers find it very difficult
– It is only logical to expect biometric passports and visas to take a multibiometric approach
The Government Communications-Electronics Security Group, i.e. the experts at GCHQ in Cheltenham who protect the UK Government’s electronic systems are quite lukewarm as to the security and usability of current Biometric technology.
http://www.computing.co.uk/Analysis/1151175
http://www.cesg.gov.uk/site/ast/index.cfm?menuSelected=4&subMenu=4&displayPage=400
http://www.cesg.gov.uk/site/ast/biometrics/media/BiometricSecurityConcerns.pdf
They are not willing to risk their professional reputations by granting any of the Biometric technologies so called Memorandum 28 status i.e. they know that all the current technologies would fail the Memorandum 28 criteria for suitability for Government computer system use.
Today, I lost my job because I would not allow them to scan my hand. It was only a “temp” position which a temp agency had sent me to. If not a permanent employee, why the scan? One day, they line us up and take photo id’s, then the next day, they want to scan our hands. That was too much for me. Photo id, ok, scan, not!