Biometrics? Convenience, and the Acceptance of Risk
Will Have to Overcome the "Insecurity Factor"
if Widespread Implementation is to Succeed

By: Biff Matthews, President, Cardware International

Biometrics debuted as a payment method in 2000, with systems focusing on
fingerprint scanners that linked individuals to their checking accounts.  A person
enrolling in the system provided ID to a teller, who then entered the information
into a proprietary database, took the person’s picture and scanned his finger into
the system. The customer entered a 10-digit code that enabled the system to locate
the scan for verification.  After enrollment, the customer could cash checks and
otherwise access their funds by scanning his finger and having the merchant
scan his check.

Iterations of this system, some involving retinal scans, voice recognition, more
detailed finger scans, and signatures, have proliferated since this early example,
always with the promise that transactions, personal data, and biometric identifiers
will be protected.  But concerns over security, specifically the security of biometric
data– have stalled implementation in many markets.

Biometrics has great initial appeal – it’s easy, sophisticated, sexy – and potentially
powerful.  In some markets, customers can register multiple credit cards, checking
accounts, savings accounts - even lines of credit -  as sources for payment via
biometric ID.  Yet, truly secure biometric authentication – the one thing that
would facilitate widespread acceptance -  is illusive.

A decade ago, I had a conversation with a researcher at Battelle labs.  He was
engaged with the four credit card associations, the feds and other interested
parties in the study of signature dynamics – that is, the stroke, pressure, speed
and curvature involved in creating it.   They were considering various biometric
attributes, as well as applications across a broad spectrum, from facilities access
to the launching of rockets. 

The study also encompassed thumb and fingerprint, voice and retinal.  But it
became apparent that retinal,  fingerprint and voice could all be readily duplicated. 
The one entity that could not be adequately duplicated is the way a signature is
produced – the signature dynamic.   

That was ten years ago- before ubiquitous Internet use, and before the elevation
of hacking to an advanced science.  Hacking then was a physical intrusion –
generally a disgruntled employee or thief.  And the stakes were more modest:
systems were generally closed loops, with no wide Internet access.  And even if
there were Internet access, the quantity of data resident on those systems
was much less.  

Today, open architecture and wide access are the new norm.  What hasn’t changed
is that the signature dynamic algorithm remains the most secure form of personal
identification.  But because that data has to be stored, and dispersal of that information
is potentially global, significant vulnerabilities are, at least at this juncture, inevitable.

The problem is not interception of data at the point of transmission – encryption is
generally effective in preventing this breach.  The vulnerability is at the point where
signature dynamic meets authentication.

The Battelle study concluded that, although it was the securest method, signature
dynamics was, at the time, too costly to implement due to data storage requirements
and the size of the algorithm required for authentication. 

Since then, storage capacity, and computing capacity, have grown exponentially to
bring signature dynamics back into the realm of feasibility.  The size of the algorithm,
and the size of the signature dynamic are still huge, but the computing capacity to
manage them has expanded, and miniaturized.  

Still, the point at which person biometric data is stored remains a serious security
challenge, given the universal access that’s necessary for payment systems to function.  
Every security process has a flaw, and this one is huge.   All of the technology involved
with these systems, as well as myriads of schemes to defeat them – is available at
public libraries and online.  

An episode of the popular show “Alias” showed the extraction of a fingerprint image
from a sheet of paper, transfer to a mold, and the creation of a duplicate to gain access
to sensitive computer data.  It succeeded on the show, and it works in real life as well.   

Stored biometric data, and the tools for accessing itmust be linked through some
communications methodology in order to provide the authentication required for a
transaction.  At present, there is no failsafe means to prevent the theft of stored data
from those with criminal intent – particularly if they are well financed.  A quick scan
(pun intended) of the headlines of the past year supports this conclusion definitively.  

For this reason, except in extraordinary “no-choice” circumstances, (employment,
government agencies, etc.) biometrics will continue to encounter substantial
consumer resistance. 

It is a similar story with RFID and contactless card technology –both concepts
promise great convenience, but at their core, they’re just one more single- function
card.  I, frankly, don’t need another single function card in my wallet with utility
indistinct from the others. 

Which may, after all, be the key.  If there are multiple, valued uses on a single
identifier – something quickly and positively identifying me – that might be enough
of an added value to tip the balance in favor of widespread biometric ID acceptance.
If one instrument could provide access to the office, the car, personal funds, medical
information, and insurance, that might be sufficient to overcome, at least in the minds
of consumers, the risks inherent in data storage.   Everything in life, after all, is a
trade-off.  If this occurred, the biometric instrument would effectively replace the
social security number.  Whether that would be a positive development is the
subject of another essay. 

Absent this extraordinary “multi-purpose” convenience, the consuming public will
have to become far more accepting of risk for the balance to tip in favor of biometrics. 
And if this does occur, the public will have to accept responsibility for the close monitoring
of financial and personal data, Tools to correct problems will also have to be far more
readily available than they are at present.   

In the pre-biometric era, merchants, banks and customers all knew each other. 
Today, most transactions are not between familiar parties, and payment methods
must accommodate this reality. There is great convenience in biometric payment
technology, but for implementation to be widespread in the way, say that ATMs enjoy,
one of two things must occur.  It must either provide a unique and exceptional level of
convenience, or there must be definitive security that trumps the perception of high risk.
Neither is on the horizon.

Biff Matthews is President of Thirteen Inc, the parent company of
CardWare International.  He is one of 12 founding members of the ETA,
serving on its board, advisory board and committees.  (740) 522-2150

> BACK TO MAIN LIBRARY