Topics:Identity Theft 101
Guest Post by Kayla Matthews
Now that biometric technology has found a place in many people’s lives through their phones and devices, could it help solve the issue of identity theft? If so, how would we get it done?
If it’s implemented well, biometric technology is superior to previous security standards. It may not be enough on its own, however, and it introduces several new headaches. Let’s look at some of the potential benefits and some of the problems that could arise out of our using this technology.
The U.S. Federal Trade Commission finds that identity theft victims pay a total of $5 billion out of their own pockets each year to resolve identity theft incidents. The FTC puts the cost for the business community at around $50 billion every year.
One of the reasons why this problem is so stubborn is because our technology hasn’t caught up yet. Pew Research polling finds that as many as 39 percent of adults in the United States use similar or identical passwords across accounts and 25 percent knowingly use less-secure passwords than they should.
Overall, our password hygiene is poor. Plus, two-factor authentication via email isn’t that safe because email itself isn’t that safe.
Biometrics leverage features that are unique to each of us. This includes fingerprints, scans of our retinas, irises or faces, recordings of our voices, prints of our hand geometry and even behavioral characteristics. Many of us are already accustomed to pressing our finger to our phones or holding still for a quick scan with the front-facing camera, but this is a broader category than that.
However, each type of biometrics technology generally relies on three components to work: a sensor to collect data, software to interpret the results, and a device to interact with and house the other components.
Biometrics are fundamentally safer than passwords and other types of security for several specific reasons. That’s not to say they’re without potential pitfalls, though.
Biometrics may soon become an even more common bulwark against identity theft and other types of digital fraud. They are already helping to phase out encryption keys, one-time codes, and traditional passwords in some places. Here are some of the reasons:
For those who’ve experienced identity theft, it is every bit as unpleasant as the name makes it sound. Somebody has compromised and leveraged your very identity to satisfy their own ends. To protect something so personal to you, it just makes good sense to use a type of security that’s equally personal. So far, nothing beats biometrics.
The points above cover three things that are vital to the successful rollout of any new security paradigm: it’s more secure than what came before, it’s more convenient, and it has the means to achieve quick adoption. But what is it about identity theft, specifically, that makes biometrics a good fit here?
Identity crimes most frequently take the form of social engineering (coercion or deception over the phone or online), mail theft, and credit or debit card theft. The addition of biometrics into the equation would seem to raise the security bar significantly:
Biometrics represent an important addition to the existing cyber-security and identity crime tapestry. At the end of the day, however, even face and fingerprint data is zeroes and ones. Storing our zeroes and ones anyplace still requires a certain leap of faith.
There may come a day when we use this tech to secure each of our internet accounts, pick up our train tickets and boarding passes, pay for morning coffees, and navigate every interaction with every public institution, from the local library to the IRS.
Nevertheless, there are already some stumbling blocks when it comes to using biometrics as the new de-facto security standard:
Like any other packet of data, the digital “key” that is your iris or face scan must be stored securely on a device or transmitted elsewhere for storage and/or processing. Whether in transit or at rest, this intimate data is only as secure as the companies entrusted with it.
It’s smart to stay aware of biometrics and other developments in digital security. But like everything that came before, it’s wise not to put all of our faith in any one protective measure, and to take every vendor, developer, and manufacturer’s security claims with a grain of salt.
Kayla Matthews, a tech and security journalist, has written articles for sites including WIRED, Information Age, Security Boulevard, and the National Cyber Security Alliance. To see more of her work, follow her on Twitter @KaylaEMatthews or check out her tech blog, Productivity Bytes.
May 7th, 2021
August 17th, 2022
October 1st, 2020
Sign up below to receive a monthly newsletter containing relevant news, resources and expert tips on Identity Theft and other products and services.