As the world becomes more automated, security concerns regarding financial and security data are becoming harder to protect. The financial data of the public is at risk, and it is left to banks and corporations to protect massive amounts of data. The Target data breach of 2013 released the credit card information of 40 million Target customers, and up to 60 million people had their personal information accessed (1). In 2015, the Office of Personnel Management announced that 21.8 million federal employees had their personal information stolen, including birth dates, home addresses, and Social Security numbers (2). Both the government and the private sector are looking for new ways to keep sensitive information safe. Biometrics is playing an increasingly significant role, as the tech industry is making strides in the quest to keep information safe.
For the private sector, identity theft is surging with the increase in online shopping and banking. It is often difficult to prove that identity theft occurred, and it is often a major distress for those affected. Hackers are becoming increasingly effective at gaining valuable data using minimal information. Nowadays, hackers can begin gaining sensitive personal financial details with just a phone number and address. Biometrics offers personalized security and is becoming increasingly accessible to the public (3); the iPhone 5s was the first major implementation of biometrics in the commercial sphere, allowing users to unlock their phone by fingerprint alone. Biometrics is no longer used only to protect highly sensitive state secrets; it is becoming increasingly available and affordable for the public. There is always a balance between security and privacy, especially in the private sector, as until recently, the public has been unaware of the vulnerability of their information. However, highly publicized cybersecurity breaches in recent years are making the public more aware of the sensitivity and value of their data, increasing their tolerance for tougher security measures.
With investment from large corporations, biometric firms have made great strides in recent years, allowing for quick implementation of the most recent technological advancements. For instance, OCBC Bank in Malaysia recently launched OneTouch banking, which allows customers mobile access of their bank accounts, using Apple’s Touch ID technology (4). In 2014, EyeVerify, which specializes in biometrics of the eye, received $6 million in equity funding from multiples sources, including companies like Wells Fargo and Samsung (5). New types of cardiac biometrics are becoming increasingly available; Nymi, a Canadian based company, developed a wristband that identifies an individual through their specific cardiological signature. This firm also engaged in equity funding and received $14 million in 2014 from firms such as MasterCard, Relay Ventures, Ignition Partners, and SalesForce Ventures (5). Cardiac verification is currently one of the most secure types of biometrics, and shows serious promise for biometrics in the future. This technology could be integrated into multiple products already on the market, such as the iWatch, Fitbit, and other types of smart bands. In addition, private companies with sensitive information may look to supply employees with this type of technology, in order to ensure security of valuable information.
The biometrics industry has attracted high net worth investors. Billionaire Gary Fegel of Glencore, a commodity trading company, invested $15 million in FST Biometrics, an Israeli based firm. FST focuses on facial and body language biometrics that can identify someone from long distance. A former Israeli general started the company about eight years ago, and today the company serves foreign governments and some major companies, such as Facebook and Visa. FST claims to complete one million identification tests a month, with a 99.97% accuracy rate (6). The attention of high net-worth investors has the potential to spark the interest of other investors and promote industry growth. The privatization of the space industry has resulted in billionaires Richard Branson and Elon Musk to start what has become a private sector space race, and large companies such as Boeing have already obtained government contracts in space exploration. The biometrics industry could have a similar growth scenario. Demand is growing from both the public and private sector for increased information protection. Apple’s Touch ID technology bolstered biometric demand and growth in showing that biometric technology is marketable beyond highly secure government sites.
Many banks are testing different types of biometrics on customers and moving towards full implementation. USAA implemented biometrics in the form of facial, voice, and fingerprint scans to its 1.7 million customers. JP Morgan Chase customers can access their accounts using their fingerprints, as can a third of Bank of America’s customers. As mentioned earlier, Wells Fargo invested in eye recognition, and is releasing the technology to a small group of customers. This technology was so fast in identifying individuals that developers increased the recognition time, in order to make customers feel that the technology was adequately obtaining their eye characteristics (7). The increased use by banks indicates how fast the implementation of biometrics is unfolding in the private sector. The amount of customers using the technology shows a public willingness to integrate biometrics into their normal lives, as biometrics identifiers are becoming more available. The biometrics industry looks very attractive to investors and consumers alike .
Federal biometric programs exist in the Departments of Commerce, Defense, Homeland Security, Justice, and State. Coordination of research and development of biometric technology for these departments is the responsibility of the National Science Foundation Industry/University Cooperative Research Center, specifically the Center for Identification Technology Research (CITeR). The goal of the Center is to promote efficient and effective technology transfer between private and government sectors through its research. However, the major potential for inefficiency seems to be in the transfer of technology between the massive government departments who, in uncoordinated efforts, individually have invested in government and privately developed biometric technologies and programs.
For example, the Department of Homeland Security (DHS) has developed the Transportation Worker Identification Credential System, used for personnel working in all transportation modes for physical or computer access in security areas of all transportations systems nationwide. The DHS also operates the Registered Traveler Program, which it contracted with private sector developers to offer for voluntary use for the benefit of business travelers, which works alongside a government developed NEXUS biometric program for travelers frequently going between the U.S. and Canada. The DHS’s main national identity program is the Office of Biometric Identity Management, created in 2013 to collect, analyze and store data on watch list persons who pose a threat to national security, replacing the outdated and bloated US Visitor and Immigration Status Indicator Technology program.
Notably, most government developed biometric programs are still in the research stage, for potential use or integration with existing programs. Within the Department of Justice, the operative biometric programs are the Integrated Automated Fingerprint Identification System (IAFIS) and the Next Generation Identification System (NGI), established to research and integrate advanced biometric technology into the IASFIS. The Justice Department’s National Institute of Justice also develops, collaborates, and integrates biometrics, mainly working with state and local governments. The FBI’s most important biometric identity management is the Biometric Center of Excellence (BCOE). The center’s function is to share FBI technology with all national security and law enforcement agencies, while providing guidance on complying with federal laws and procedure.
The US State Department is a newcomer in biometric development and implementation, advancing in response to the need for secure access to classified data, replacing passwords with positive biometric identification, and photo identification on passports with imbedded anti-fraud chip technology (11).
Biometrics is a continually growing space for law enforcement and intelligence agencies. No longer is biometrics limited to fingerprint scanning, the technology now includes recognition of facial details, palm prints and irises (8). With the development of these new technologies, the need to create technology that promotes security through the collection of biometric information and criminal records has been rapidly developing. To make better use of new technologies, the FBI’s Criminal Justice Information Services has implemented NGI. First introduced in 2011, this system has merged biometric data and criminal records. The NGI was developed by the FBI but provides accurate and efficient biometric services for all levels of law enforcement, from local to international jurisdictions. The NGI is constantly evolving with the implementation of new technologies (8).
In 1999, the FBI’s Criminal Justice Information Services implemented the IAFIS, which is considered the precursor to the NGI. The IAFIS was replaced because it was no longer able to keep up with the advances in biometrics, and the system would take up to two hours to run a set of prints (10). Lockheed Martin developed the NGI with the help of other technology companies (9). The deal between the FBI and Lockheed Martin was originated in 2009 and is estimated to be worth close to $1 billion. Lockheed Martin is heading the project and has brought many leading technology firms on to collaborate on the project.
In 2014, the FBI announced the implementation of facial recognition and the estimated database of 51 million photographs (10). This facial recognition program is under the NGI system and will be accessible to all law enforcement officers. The facial recognition program was developed for use in crime scene investigation, while its predecessor, fingerprinting, is meant for identifying suspects in real time. Morphotrust was the company behind the development of facial recognition software (10). This software provides a great opportunity for improvements in law enforcement, but it also raises concern over privacy matters. With over 30 million security cameras in the US and no public plan for how or when they will be incorporated into the software, the public is concerned over whether the government will be able to track anyone at anytime. The FBI has developed the software in a way that as other biometrics technologies become viable, they can be added into the database.
While biometric identifications systems have been developing rapidly, government agencies have been slow to adopt and integrate systems due to security concerns on integrating privately and publicly developed programs. Legal privacy issues arise with every new development and integration of government biometric programs and may justify the slow implementation of the technology.
(1) Dezenhall, Eric. "A Look Back at the Target Breach." The Huffington Post. TheHuffingtonPost.com, 6 Apr. 2015. Web. 26 June 2016. <http://www.huffingtonpost.com/eric-dezenhall/a-look-back-at-the-target_b_7000816.html>.
(2) "Cybersecurity Resource Center Cybersecurity Incidents." U.S. Office of Personnel Management. N.p., n.d. Web. 26 June 2016. <https://www.opm.gov/cybersecurity/cybersecurity-incidents/>.
(3) Penny, Wayne. "Biometrics: A Double Edged Sword - Security and Privacy." SANS Institute, n.d. Web. 26 June 2016. <https://www.sans.org/reading-room/whitepapers/authentication/biometrics-double-edged-sword-security-privacy-137>.
(4) "OCBC OneTouch™." OCBC OneTouch™. N.p., n.d. Web. 26 June 2016. <http://www.ocbc.com/personal-banking/online-banking/onetouch.html>.
(5) Relander, Brett. "Biometric Banking: Huge Prospects For Tech Profits | Investopedia." Investopedia. N.p., 20 Apr. 2015. Web. 26 June 2016. <http://www.investopedia.com/articles/investing/042015/biometric-banking-huge-prospects-tech-profits.asp>.
(6) Morrell, Alex. "Why Billionaire and Former Glencore Boss Gary Fegel Is Investing $15M In A Biometric Security Firm." Forbes. Forbes Magazine, 29 May 2015. Web. 26 June 2016. <http://www.forbes.com/sites/alexmorrell/2015/05/29/why-billionaire-and-former-glencore-boss-gary-fegel-is-investing-15m-in-a-biometric-security-firm/#42620c7a57b2>.
(7) Corkery, Michael. "Goodbye, Password. Banks Opt to Scan Fingers and Faces Instead." The New York Times. The New York Times, 21 June 2016. Web. 26 June 2016. <http://www.nytimes.com/2016/06/22/business/dealbook/goodbye-password-banks-opt-to-scan-fingers-and-faces-instead.html?_r=0>.
(8)"Next Generation Identification (NGI)." FBI. FBI, 17 Mar. 2010. Web. 26 June 2016. <https://www.fbi.gov/about-us/cjis/fingerprints_biometrics/ngi>.
(9)"Integrated Automated Fingerprint Identification System." Wikipedia. Wikimedia Foundation, n.d. Web. 26 June 2016. <https://en.wikipedia.org/wiki/Integrated_Automated_Fingerprint_Identification_System>.
(10) Pagliery, Jose. "FBI Launches a Powerful Facial Recognition System." CNNMoney. Cable News Network, 16 Sept. 2015. Web. 26 June 2016. <http://money.cnn.com/2014/09/16/technology/security/fbi-facial-recognition/>.
(11) "Federal Programs." Biometrics. N.p., n.d. Web. 26 June 2016. <http://www.biometrics.gov/referenceroom/federalprograms.aspx>.
Image: © Italianestro | Dreamstime.com - <a href="https://www.dreamstime.com/royalty-free-stock-photo-identification-system-interface-image16189645#res14972580">Identification system interface</a>