Being Thoughtful about Biometrics

John Callahan
Thoughtful Biometrics
Feb 22, 2021

As biometric technologies become increasingly important for access to digital services over the next decade, we must put the control of critical risks — privacy, accessibility, inclusion, and diversity — at the center of our attention. These risks are too often left as afterthoughts in the design and implementation of identity systems.

Biometrics help prevent fraud during issuance and verification of identity credentials. By binding aspects of our physical self to a credential for use in subsequent sessions, we help preserve the integrity of the credential and prevent its abuse. Combined with powerful encryption to protect a credential, biometrics can be used to solve complex identity problems.

In the first article of this series, we hypothesized that “over the next decade they [biometric technologies] will provide liveness with increasing confidence” so that remote identity verification and authentication via biometrics will become even more commonplace. The biometrics journey, however, will not be easy: it will be a continual arms race of attacks and countermeasures to prevent spoofing and other credential fraud in remote sessions.

The most recent chapter of the biometrics journey (Stage 1) began a decade ago with vendors embedding biometric sensors and software in mobile devices. Technologies like Touch ID by Apple helped usher in an era of passwordless convenience while preserving privacy: your biometrics remain on the mobile device, typically protected by special encryption hardware associated with the biometric sensor. But such protection comes at the cost of inclusion because not everyone has (or can afford) such a device. Accessibility also suffers because the fingerprint sensors do not work with worn or shallow fingerprints common to manual laborers. Other biometric technologies, like Face ID by Apple, were introduced as an alternative, but the use of face masks during the COVID-19 pandemic led to yet another alternative that exacerbates the inclusion gap again.

Stages of the evolution of biometric technology over the next decade

In the next few years, the biometrics journey will try to solve the inclusion gap (Stage 2) by extending local biometrics to existing identity verification processes. The UN Sustainable Development Goal (SDG) Target 16.9 mandates legal identity for all, including birth registration, by 2030 to promote peaceful and inclusive societies. Such legal identity credentials will likely be digital and must be widely available across devices, modalities, and economic development levels. In late 2019, the FIDO Alliance Identity Verification & Binding Working Group (IDWG) and OpenID Foundation eKYC & Identity Assurance (IDA) Working Group were founded to establish possession-based identity verification (and binding) performance requirements. Such requirements include checks (e.g., for know-your-customer (KYC) and anti-money laundering (AML) laws) of existing biometric credentials against centralized systems during enrollment and authentication sessions. As a result, privacy risks will increase as existing centralized identity systems are integrated with digital credentials on mobile devices.

The final part of the biometrics journey (Stage 3) will turn attention back to privacy via self-sovereign identity technologies with the appropriate legal and globally interoperable trust frameworks. Instead of relying on the centralized systems of Stage 2, which can expose biometrics to compromise, self-sovereign identity systems reduce the risk of compromise via decentralization and selective disclosure. The trust frameworks needed to establish interoperable schema and governance agreements around credential issuance, expiration, recovery, and encryption lifecycle management are currently being developed but are still in a nascent deployment phase.

At each stage of the biometrics journey, several technologies are needed to enable more use cases and risk controls, but their tradeoffs (especially with legacy systems) also act like a game of whack-a-mole: attempts to control one risk may increase other risks. Previous articles in this series focused on the benefits and risks associated with specific biometric modalities. We can now summarize these risks across popular modalities in a matrix:

Biometric Modality Risks

Many of our discussions will involve these risks and others yet-to-be-discovered in this matrix. We invite YOU to join us in discussion at the Thoughtful Biometrics Workshop (8, 10, and 12 March 2021).

This article is the seventh in an introductory series leading up to the Thoughtful Biometrics Workshop (8, 10, and 12 March 2021). Additional articles can be found as follows:
