Column: Why fingerprints, other biometrics don’t work (USA Today)
The Apple announcement has pushed interest in biometrics to new heights and we couldn’t be happier. It has also given renewed attention to those who are sceptical, or even hostile to the technology. I won’t go so far as to point fingers (rubber, gummi, or otherwise) at the sources for the articles out there because they usually bring up valid points and treat the subjects in which they are interested in a holistic manner. That sometimes gets lost in journalistic translation.
Other times the breakdown happens between reporters and headline writers (see: iPhone 5S: Thieves may mutilate owners in bid to gain access to fingerprint-reading handsets, expert warns).
Concerns about biometric revocability, secrecy, and how accuracy changes with database size are valid. Unsurprisingly people interested in biometrics have been dealing with these issues for as long as biometric technologies have existed. The existence of those challenges, however, does not justify the assertion that “biometrics don’t work.” Subjected to the same standards, no security measure works. ID cards don’t work. Passwords don’t work. House keys don’t work. Police departments don’t work. Security guards don’t work.
ID and security isn’t about perfect. It’s about return on investment, or cost-benefit analysis if you prefer. We’ve covered the subject from various angles over the last few years. The piece linked below is as good a place to start as any for interested readers.
Biometrics & ID infrastructure: Perfect is the enemy of good