It’s time to dispel the myths and misconceptions surrounding biometrics, says Lina Andolf-Orup
Gangsters cutting off enemies’ fingers to access secret locations and spies lifting fingerprints from Martini glasses – Hollywood’s imagination has run wild since biometrics entered the scene.
Many consumers still believe that biometric solutions have the same limitations as 15 years ago. The result is an apprehensive and uncertain public.
But the industry has made great strides – particularly with smartphones. Fingerprint authentication has replaced PINs and passwords on mobile phones, with 70 per cent of shipped smartphones now featuring biometrics.
Many adjacent markets are eager to benefit from the secure and convenient authentication solutions that biometrics offer. Take the payments industry, for example, where biometrics payment cards are now gathering momentum.
Yet consumers remain sceptical. The Paysafe Group conducted a study last year showing that 56 per cent of US and EU consumers are concerned about the switch to biometrics as it is not enough understood to be trusted.
Although attitudes are shifting, there is still work to do to disprove common myths and showcase just how smart today’s solutions really are.
To help bring an end to the myths, let’s expose some of the most common misconceptions around biometrics.
Myth: Biometric data is stored as images in easy-to-hack databases
A top myth about biometrics is that when a fingerprint is registered to a device, it is stored as an image of the actual fingerprint. This image can then be stolen and used across applications. In reality, the biometric data is stored as a template in binary code – put simply, encrypted 0s and 1s.
Storing a mathematical representation rather than an image makes hacking considerably more challenging. In most consumer applications this template is also not stored in a cloud-based location – it is securely hosted in hardware on the device itself, for example, in the smartphone, in the payment card. Thus, it stays privately with its owner.
Myth: Fingerprints can be replicated to ‘trick’ devices
The internet is full of articles and videos that claim it is possible to use materials from Sellotape to gummy bears to craft fingerprint spoofs and access biometric systems.
Although there might have been a time when gummy bear spoofing was the go-to party trick, today’s consumer biometric authentication solutions have too many technological defences, such as improved image quality and matching algorithms, to simply ‘trick’ devices.
To add to this, the criminal needs to have access to the person’s device where this fingerprint is enrolled, for example, a smartphone or payment card, before they notice and block it. This is not scalable or common in comparison with gaining access to someone’s PIN code or skimming a contactless card.
Myth: Physical change will prohibit access to my device
Although our irises don’t change as we age, our fingerprints can and our faces do. Does that mean we have to update our biometric devices every few months to capture these changes? Not quite. Unless there are drastic and sudden changes, the ‘self-learning’ algorithms in modern biometric systems are able to keep up with our developing looks.
These are just some of the common biometric myths and misunderstandings perpetuating in consumer mindsets. Fortunately, however, while we are working hard to rid the world of the myths, belief in the value of biometrics is only expected to grow.
Lina Andolf-Orup is head of marketing at Fingerprints