Sidebar
4-3: Biometrics: Ready for Prime Time?
Biometric authentication is a strong
technology, certainly far superior to the password approach that is by far the
most common form of authentication. The technology is mature, products exist,
standards define products' interfaces, reliability rates are acceptable, and
costs are reasonable. Why then is use of biometrics so small?
The reason seems to be user acceptance.
Few rigorous scientific studies have been done of users' reactions to
biometrics, but there is plenty of anecdotal evidence.
In perhaps the biggest commercial use of
biometrics, Piggly-Wiggly supermarkets tried to encourage its customers to use
a fingerprint technology to pay for groceries. The primary advantage for
Piggly-Wiggly was cost: By speeding its customers through the checkout process,
it could serve more customers in a fixed amount of time with no additional
staff, thereby reducing cost. Bonuses were strong authentication reducing the
likelihood of credit card or check-writing fraud (saving more money) and being
able to track customers' buying habits. The stores did not anticipate the
negative customer reaction they got [SCH06a]. Even though the reactions
were to psychological perceptions and not technological deficiencies, they help
explain why biometric authentication has not caught on in voluntary settings.
Some
customers did not like the idea of registering and using their fingerprints
because of the association of fingerprints with law enforcement and criminals.
Others feared that criminals would harm them to obtain their authenticators
(for example, cutting off a finger). And still others cited Biblical concerns
about the "mark of the devil" being imprinted on the hand as a
precondition to purchasing.
In other settings, people question the
hygiene of pressing a finger onto a plate others have used. And others resist
having their biometric data entered into a database, for example, by having a
picture taken, citing fears of losing privacy, either to the government or to
commercial data banks.
Prabhakar et al. [PRA03] list
three categories of privacy concerns:
Unintended functional scope. The authentication does more than
authenticate, for example, finding a tumor in the eye from a scan or detecting
arthritis from a hand reading
Unintended application scope. The authentication routine identifies
the subject, for example if a subject enrolls under a false name but is
identified by a match with an existing biometric record in another database
Covert identification. The subject is identified without seeking
identification or authentication, for example, if the subject is identified as
a face in a crowd
All these concerns arise from a subject's
having lost control of private biometric information through an authentication
application. People may misunderstand or overestimate the capability of
biometric technology, but there is no denying the depth of feeling. Even when
Piggly-Wiggly offered free turkeys to people who enrolled in their biometric
program, the turnout was meager.
Thus, for a wide range of reasons, people
prefer not to use biometrics. Unless and until human perception is changed,
biometrics will achieve wide acceptance only in situations in which its use is
mandatory.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2023 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.