Biometrics Comes of Age: Reliable, Secure Access Control and More
Apple Inc. sold more than two hundred million phones equipped with biometric systems in 2016, and it did the same the year before. Nearly 90 percent of the company's customers make use of those features on a regular basis. Impressive as those figures might be, they are only a few recent twists in a much longer-running story.
For decades, analysts and insiders have been predicting that the technology of biometrics would finally be coming into its own. Advancing technology, combined with a renewed focus on reliability and delivering real value, now allows biometric readers to live up to that promise in many applications. From mass-market devices fitted to smartphones to readers ready to meet the most demanding corporate and regulatory requirements, biometrics is now here for good.
A Market Primed for GrowthA 2015 report from research firm MarketsAndMarkets pegged the global biometrics trade to nearly triple in size by 2022. With financial institutions, healthcare industry initiatives, and border control efforts expected to contribute much of the growth, the analysts figure the industry will generate almost $32 billion in annual revenues within six years.
A study conducted by IHS Markit found that biometric systems already account for nearly a third of all access control sales in the Americas. Although that figure has been inflated somewhat by the technology's adoption into tens of thousands of Brazilian ATMs, it nonetheless stands as more evidence of the inroads biometrics is making into everyday life.
Regulators worldwide are helping, too. With a mandate covering the United States, Canada, and part of Mexico, the North American Electric Reliability Corporation encourages the use of biometric access control among its members. Its CIP-600-5 cyber-security regulations require the use of "strong two-factor" authentication on computers that interface with the electrical grid that provides service to hundreds of millions of customers. Modern biometric readers regularly win out over the alternatives in terms of reliability, value, and compliance.
The National Institute of Standards and Technology is another prominent biometrics booster. Laying down requirements that apply to hundreds of thousands of federal government contracts and the Department of Homeland Security, its Special Publication 800-171 makes biometric access control a clear-cut road to compliance.
From government contractors and electrical service providers to banks, hospitals, and other kinds of businesses, biometrics therefore increasingly seems like the right solution to an ever-present problem. On the other side of the scene, the issues that have historically held biometric systems back have been resolved, as well.
The Strong Modern Value PropositionIBM launched a biometric-equipped version of its corporate-oriented ThinkPad laptop in 2004, attracting plenty of attention. While many customers found the fingerprint reader useful, complaints were also common.
In particular, reliability was an issue from the start, with lockouts and other troubles costing businesses money. The systems also frequently seemed finicky and overly sensitive, leading some to wonder if this new form of security would ever be an asset. One industry veteran recently confided to a reporter, for example, that biometric readers accounted for "five percent of sales and ninety-five percent of service calls" over the course of his career.
For years, biometrics vendors focused so intently on cost that they often failed their customers in other ways. Since then, a much more mature and balanced take on the matter has improved the situation greatly. By tackling the challenges that biometric technology has had to overcome, industry leaders have advanced the state of the art to a point where it now makes excellent sense for many applications:
- Reliability: A false positive, where an unauthorized user gains access to a controlled system or location, can render a biometric reader useless. At the same time, the false negatives that once stymied so many legitimate users are inevitably costly, as well. Both issues have been addressed effectively.
- Suitability: Proposing a biometric response to a regulatory challenge only makes sense where the solution actually satisfies the associated requirements. To be worth adopting, biometric access control systems must also integrate naturally and productively with whatever environment they will be deployed into.
- Cost: Biometric systems are almost inherently more costly than the alternatives in upfront terms, with IHS Markit putting the premium at a factor of two compared to smart cards and four times the cost of proximity readers. At the same time, they do away with operating expenditures associated with ordering, providing, managing, and replacing cards, as well as time lost to forgetfulness and other human failures.
The Advance of Technology is Never to Be NeglectedA more responsible take on addressing these issues and related ones has helped make today's top biometric systems far more attractive, as a result. Plenty of technological advances have contributed, as well, often by contributing to even more comprehensive responses to these challenges.
Fingerprint readers, for example, have long labored under the burden of needing to reliably recognize surfaces prone to contamination and even scratches and cuts. Multi-spectral readers produced by pioneers like SekureID are capable of mapping out uniquely identifying features that lie beneath the skin. Adding these to the fingerprints with which all are so familiar, they allow for a significantly more reliable way of using biometrics to pin down identity.
Organizations and individuals with privacy concerns are now being accommodated, as well. Instead of keeping fully developed biometric images stored where they could be accessed by hackers, many modern systems capture only specific points which are far less useful on their own. With each system having its own take on how such data is to be interpreted, privacy is much less of an issue than many suppose.
All the Pieces Are Now in PlaceAs a result, biometrics has become a much more widely applicable solution than in the past. With relatively simple systems like those found on iPhones ubiquitous in the consumer electronics sphere, the technology is now also highly suitable for locations ranging from homes and small businesses to large corporate campuses and locked-down industrial facilities.
What matters the most, in every case, is deploying the biometric system that best suits a given set of requirements. With plenty of well-designed, potentially useful options now being available, the shortcuts and partial measures of the past no longer need to be the final word on biometrics at all.
References and Further Reading
- Unit sales of the Apple iPhone worldwide from 2007 to 2016: https://www.statista.com/statistics/276306/global-apple-iphone-sales-since-fiscal-year-2007/
- Biometric System Market worth 32.73 Billion USD by 2022: http://www.marketsandmarkets.com/PressReleases/biometric-technologies.asp
- NERC CIP-006-5 — Cyber Security — Physical Security of BES Cyber Systems (PDF): http://www.nerc.com/files/CIP-006-5.pdf
- NIST Special Publication 800-171: Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations (PDF): http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171.pdf
- Department of Homeland Security: Biometrics: https://www.dhs.gov/biometrics
- IBM Unveils First Biometric ThinkPad, Offering Security at Your Fingertips: https://www-03.ibm.com/press/us/en/pressrelease/7315.wss
- SekureID - Smart Identity Management Solutions: http://sekureid.com/