Is the rise of the digital ID inevitable?

As biometrics gain sway, not everyone sees them as a force for good. Ellen Gibson looks at some very new technology

In baby steps and giant leaps, the world is moving further into digital identification and biometrics. The new technology raises concerns about privacy, of course, as well as opportunities for security companies.

The latest to join the migration: Switzerland. On 17 May, Swiss voters narrowly approved a government plan to switch over to electronic passports, tied to a national fingerprint registry. The new passport will contain a microchip that stores personal data, a digital photo, and two fingerprints. At borders or airports, travellers will have fingerprints scanned and photos taken to make sure they match their e-passports.

Switzerland is actually behind much of Europe, and all EU nations must institute fingerprint-enabled e-passports by next summer. Germany, France, and the Netherlands already issue them.

Some places are testing more advanced systems. At Manchester Airport, where facial-recognition devices have been installed in security gates, passengers with optional e-passports can bypass queues. Supporters say e-passports also enable a swift check on anyone entering the country against international watch lists.

The digitisation of personal information is a boon to firms in biometrics, or technology that can identify people based on unique physiological traits, such as fingerprints, DNA or even a person's gait or blood-vessel patterns. There are countless applications – from border control to medical records – and experts say it won't be long before such scans are part of everyday lives.

Lockheed Martin, the technology and aerospace giant, is one of several companies working with US government agencies to develop new applications. It is managing an effort by the Transportation Security Administration to give up to a million maritime and transportation workers access to secure areas of ports via biometric credentials, including finger and iris scans, which will be stored on biometric ID cards.

In the meantime, the FBI has formed an international agency with Australia, Britain, and Canada to set up a "Server in the Sky" – a network for sharing biometric data on criminals and terror suspects. The group, the International Information Consortium, says a global biometric clearing house would help nations combat terrorism and rapidly identify victims in major disasters.

Northrop Grumman, a Los Angeles firm specialising in security, is supplying the technology, although the initiative has met with resistance from privacy groups.

The private sector, though, has been experimenting with biometrics for years. Casinos use the technology, and some regional credit unions have tested programmes where members are identified by palm scans. Walt Disney World has long used finger scanners to identify visitors and prevent pass-sharing.

"Pre-9/11, the expectation was that [advances in biometrics] would percolate up from the commercial sector," says Lawrence Hornak, co-director of the US National Science Foundation's Center for Identification Technology Research. "But with the emphasis on security after 9/11, there are now major government initiatives."

Biometric proponents foresee a future in which body scanners replace passwords in computers and personal identification numbers at ATMs. "You always carry your physical characteristics with you," notes Hornak. "That provides a lot of convenience."

But a big hurdle is opposition from civil liberties groups. Many people are wary of a future in which cameras sample physical traits, compiling digital dossiers without their knowledge. And consumers fear hackers will steal information from centralised databases.

Most security analysts acknowledge that data breaches are inevitable – fingerprint scanners can be fooled with gummy sweets and a laser printer – but your biometrics are irreplaceable. "If my password security is breached, my bank and I can agree on another bit of secret information," says John Verdi of the Electronic Privacy Information Center. "If I give my bank an iris scan and somebody spoofs it, I can't do anything other than poke out my eyes."

Verdi is not opposed to biometrics research, but he has a hard time believing that the advantages of current applications outweigh the risks. "The question is: What is so important that I'm willing to put that information out there?"

This article was sourced from the latest edition of BusinessWeek

Comments