Biometrics have been mandated in recent years for use in ports, border crossings, and some high-security agency facilities as a way to enhance access controls by strengthening identification. One program, the Department of Defense-run Common Access Card, which includes a smart card containing a user’s biometric, has issued several million new identifications.
Private industry applications have been limited, especially in the United States. But some end users have seen value in the technology. Japan, for instance, has tens of thousands of automatic teller machines that use vascular, or vein, recognition.
The technology continues to develop in areas such as accuracy and usability. Among the developments are biometrics with three-dimensional imaging, which can significantly improve accuracy and enrollment rates, and fingerprint scanners that provide contactless access, boosting accuracy and hygiene.
A wider assortment of organizations is eyeing biometrics as these technologies become more affordable and user-friendly and as concerns about fraud spotlight the need for stronger security. Growing adoption by companies such as retail stores, fitness centers, and fast food chains may in fact be one of the biggest current biometric trends, says Bill Nagel, a Forrester Research analyst.
Companies in these sectors are also finding biometric technology viable for HR purposes, such as time and attendance, Nagel says. A growing number of them are recognizing how biometrics can curtail policy abuses, such as “buddy punching,” in which two customers or employees share access cards.
Another impetus for adoption is that fingerprint scanners that can be plugged into a computer or terminal have come down in price. Vascular solutions, though slightly more costly, are also winning wider appeal for characteristics including accuracy, high enrollment rates, and their more hygienic, contactless nature.
Biometrics could also be making some modest headway against another challenge: privacy concerns, Nagel says. When smart cards are employed with biometrics, privacy concerns are reduced as users carry the biometric with them, but biometric/smart card solutions tend to be relatively expensive.
Some users become less concerned about other kinds of implementations when they learn that most databases only store an algorithm, or mathematical hash, of physical characteristics. It might contain 20 to 50 data points, Nagel says. “There is no way to reverse engineer [an identity] from so little data.”
Moreover, as employers and consumers have a chance to use biometric applications, they tend to appreciate the technology’s simplicity, he says. In more instances, “the convenience factor is starting to outweigh the cultural [resistance] factor.”
To illustrate how biometrics can be implemented, Security Management looks at two cases, at a fitness club and a fast food restaurant, where biometric adoption appears to be generating security as well as other benefits.