Can biometrics really protect us? And what are the benefits of new technology?
Tune in to the discussion between Luc Jones, partner at Antal, Russia’s leading recruitment company and Max Snijder, Managing Director of European Biometrics Group.
Rapid internet growth and our online activity make us vulnerable and unprotected at times. Identity theft and data hacking are the issues of grave concern for many companies and individuals worldwide. Can a biometrics system, based on unique characteristics of an individual, prevent such crimes from happening?
Can biometrics technology give us the security we need?
Max Snijder: It depends on what kind of security you need, but in general you can say that biometrics can provide a strong authentication in addition to a pin-code or a token, or can be used for establishing or verifying identity through an identification process. So, in general, the answer is – yes.
Luc Jones: I think it is great, on the whole. Unfortunately, you probably are never going to have a perfect system and somebody is always going to look for a breach somewhere to compromise it. Part of the problem is not just the technology, but the people using the technology.
The people who are for it will say – well, if you are a low-abiding person, you have nothing to hide, then you have nothing to worry about. The opponents will say that when you give people access to authoritative power, they will always abuse it and regardless of how good the technology is, you can never be 100% sure that somebody within one of the law enforcement agencies doesn’t use this for personal gain or outside of their professional day-to-day work. And this is usually where the problems come.
Aren’t we getting a Pandora's Box here?
Max Snijder: To be honest, I think yes. The problem with biometric data is that you cannot make it a secret, because you are walking on the street with your face in the open. Biometrics can be captured on a distance without knowing: the way you walk, your face, your eyes, even fingerprints can be captured by cameras on 3 meters. That is nice for the convenience, but for the people walking around – they don’t know if their biometrics are captured or not anymore.
The fact that biometrics cannot be considered as a secret gives a legal problem: can you call it a sensitive data that needs the protection accordingly? That’s the problem – biometrics becomes sensitive if you use it in a sensitive way. So, it indeed comes back to the way it is being used and the way there will be transparency on this use, and the way there is accountability when it is misused.
Then, why do we need to switch to biometrics?
Luc Jones: One of the reasons why these things are being invented, it is partly security and it is partly convenience. As usual, there is a balance between convenience and security. And in the end, you’ve got to decide what is for you.
We age, our facial expressions change over the years. Do you think the system will still be able to recognize you as you?
Max Snijder: Yes, but there will always be a potential chance that there is a failure. It is called false rejects rate and false accepts rate, you will always have this with biometrics. But the point is that for certain things there are no alternatives. For example, if you use biometrics for establishing an identity, you have nothing else but a fingerprint. We have to make a very big difference between using biometrics for establishing identity and verifying it.
Most of the commercial applications you see are to verify an identity. So, you use it with a token and that is a completely different story, there the risk profile is much lower. But using only biometrics on a large scale is a difficult thing.
Are we going to be less vulnerable with the biometrics technology?
Max Snijder: It depends on how you use it. Just like the nuclear technology – you can use it to make bombs and make war or to make energy. Technology is neutral, you just have to use it properly. We, people are so happy to get all kinds of apps and stuff for free, that we don’t look at privacy statements. We don’t look at what we are giving away when we are downloading a stupid app for a smartphone. You are not interested that you give away your phonebook, you agenda, your incoming calls or IDs, your location, everything is being given away and nobody cares.
Luc Jones: Exactly! I've heard of people’s homes being burgled where they’ve put a statement on Facebook – I'm going off abroad on vacation for two weeks. And it is pretty simple. You don’t need to be an Internet genius to work out where that person lives. The joke used to be, you know, if you went on a guys’ weekend to Vegas, it was – what happens in Vegas, stays in Vegas. Nowadays it is – what happens in Vegas stays on YouTube. And I have some buddies back home who will not use Facebook or anything like this, but if somebody else does, then you can still be on there without even knowing it.
Apart from special services, who is interested in this information?
Luc Jones: When you put it altogether, it is all about targeted marketing. The companies now have segmented the market very clearly and they want to make sure they are targeting the right people with the right products. And they are prepared to pay a lot of money for this information.