BiometricsAll too often, science fiction or action movies feature a scene where a character runs into trouble trying to break into a room because the doors won’t unlock without a specific person’s fingerprint or eye scan. While these types of security systems might still be rooted in fantasy for many of us, the truth is that they are a thing of reality — and they might already be part of the devices you use every day. The technology behind using your fingerprints as a security measure is called biometrics, and it’s a growing trend as companies and consumers try to stay ahead of the countless hackers, scammers and other criminals lurking around every corner in the virtual and “real” world. Although biometric data is presented as a solution to security issues, it can also present some problems, especially when it comes to people’s privacy. Are biometrics something you should entrust to your security?

What exactly is biometric data?

When it comes to information technology, biometrics is defined as any technology that records, measures and analyzes a person’s biological characteristics for authentication purposes. Biometric data can include voice, DNA, fingerprints, eye retinas, eye irises and facial patterns. It’s essentially physical information about you that is completely unique from another person — thus making it valuable as a security measure. The idea is that while social security numbers and names can easily be stolen and used fraudulently, it’s much harder to steal someone’s voice or fingerprints.

Where are you most likely to run into biometrics?

One of the most highly publicized uses of biometrics as a security measure has been with mobile phones — such as Apple’s Touch ID, which can be used to unlock a user’s phone as well as activate Apple Pay features at the checkout. Other companies, such as Android, are working on implementing this technology as well. This past April, Qualcomm announced it was developing new and improved 3-D fingerprint sensor technology for use with smartphones and other technology.

Biometric data can be useful as an authorization measure outside electronics as well. Whether in the security line at the airport or attempting to enter a secured building, fingerprint and retina eye scanning helps ensure the right person is gaining access to sensitive areas. It’s also possible that schools and healthcare facilities will begin to use biometrics to identify students, staff and patients — something that can be a great boon to security and help prevent costly (and often dangerous) mix-ups with medications or treatments.

Facial and voice recognition is also something that is being used more and more — think about Siri and other personal assistant technology, like the new Windows 10 Cortana, learning the sound of your voice so it can take your commands. Facebook has been criticized more than once in recent years for its use of facial recognition technology to evaluate users’ pictures and provide predictions for photo tagging, but it’s not the only company (or government) adapting this type of technology to suit its needs.

Essentially, biometric technology is everywhere, and its use is only going to grow more prevalent.

What are the dangers of this technology?

The risks to both security and privacy are among the chief concerns when it comes to the use of biometric data for security or other purposes — and for good reason. As noted above, social security numbers can be changed if compromised (although that’s a difficult process in itself). But a person’s fingerprints are born and die with them, and any time this data is recorded, it’s at risk for being compromised. Just look at the recent Office of Personnel Management hack within the U.S. government, which compromised the fingerprint data of 5.6 million people who had undergone background checks. Those people now have to worry about who has their fingerprints, and what they might do with them.

At this time, not a lot can be done to misuse fingerprints — but that will likely change as more and more companies and services rely on biometric data for authentication. Beyond the issues of security and how safe recorded data may or may not be, consumers and employees should be concerned about the privacy risks presented by the collection and use of biometric data. For example, this article in The Guardian discusses the risk to employees’ sense of security and trust in the workplace that wearable devices like Fitbits and Apple Watches — which can measure everything from heart rate to every step you take and where your steps take you — create. If your employer was capable of monitoring your every move and keeping an eye on both your health and your productivity, would you feel comfortable at work? Probably not, and that’s a legitimate concern when it comes to the monitoring of employees’ biometric data.

Should you use this technology?

Right now, it’s possible to avoid using biometrics without a whole lot of effort — you can choose not to own an iPhone and hold off on uploading and tagging photos of yourself on Facebook. But eventually, it’s probable that this type of authentication will become ingrained into our society, especially as technology catches up and it is more accessible to the masses. Only time will tell how biometric technology integrates itself into people’s daily lives; it will be up to the people in charge of making things secure to ensure that there aren’t large databases of biometric data sitting around unprotected. Right now, you can do your part by thinking critically about using products or services that employ this technology and making sure you read the privacy policy of any company you give your biometric data to.

You can learn more about privacy matters by following our identity theft blog.