This article by Larry Alton discusses the benefits and potential weaknesses of biometrics to secure digital devices. I have been using biometrics on my smartphone, laptop, and tablet for a number of years now. I use a thumbprint on my laptop and tablet. I prefer the higher security offered by biometrics, but the thumbprint can be a bit of nuisance at times, as I often have to swipe my thumb more than once. If there is any moisture on your skin (e.g., hand lotion, water, etc.), the scan doesn’t work; similarly, if you swipe too slowly or quickly, the scan won’t work. I’ve recently switched to iris recognition on my smartphone and much prefer this method, as it is very quick; much faster than a thumb swipe, and it took two seconds for the smartphone to register the irises. Registering a thumbprint takes much longer, as the scanning area on the smartphone is very small. Unlocking via iris scan is faster than entering a password. Alton’s list of benefits and weaknesses follow below:
The uniqueness of the signature. Instead of memorizing an exhaustive list of passwords or carrying around specific paperwork to prove your identity, you simply provide a smile, an eye, an ear, or a fingerprint, which you have with you at all times.
Accuracy. The latest comprehensive study of fingerprint technology found that single-finger tests were correct 98.6 percent of the time, with two-finger tests getting 99.6 percent accuracy and 99.9 percent accuracy for four-finger (or more) tests.
Cost. Though the cost of setting up a biometric system may be expensive, the long-term costs of management are much lower than those of conventional systems.
Device limitations. Right now, the most convenient and portable device we have with biometric capabilities is the smartphone, but the smartphone has limitations. It has a small fingerprint scanning area, so it only takes a partial fingerprint. (NB. See my note above about why I’ve switched to iris recognition).
Modifications. Biometrics rely on the permanence of your features, but what if those features change? What if someone obtains a copy of your features? It may be hard to replicate your iris, or the shape of your ears, but if someone does, it’s virtually impossible to modify what you already have as a measure of security.
Resets. If you want to verify your identity after a thief has stolen your biometric information, you’ll need to do it in person, and by that time, the damage may be done.
System limitations. Biometrics still rely on databases, and databases are vulnerable. If and when someone finds a way into the system, whether it’s through a brute-force hacking attempt or an employee’s weakly created password, they’ll have access to data that could be used to manipulate millions of accounts.