What starts as a seemingly harmless and easy way to wake up your cell phone could become a key identification method in the not-too-distant-future.
Along with the technology improvements, privacy concerns are becoming an increasing concern.
Washington state lawmakers just passed legislation that forbids companies from obtaining or selling biometric information without consent of the individual.
Here's some context about what to expect, going forward, as biometric IDs seeps deeper into our digital lives.
Traits and characteristics
It's now possible for a physical characteristic, or even a behavioral trait, to be parsed into data and stored in a database. That file can then be used to verify your identity, or to check against other entries in the database. Fingerprints, retinal scans, voiceprints, facial recognition, and even the distinctive way a person walks and moves can be converted into data for identification purposes. Heartbeats can even be used to authenticate service users.
Finding cheats and criminals
It's no longer unusual to encounter a biometric scanner at the entryway to a secure area, or even to access and use certain kinds of online services, says Robert Capps, vice president of business development at NuData, a Vancouver, British Columbia, supplier of fraud detection systems.
"These biometric data points are being used in places like casinos, looking for cheats and criminals walking into those facilities," Capps says. "Anywhere there's a place where you want to truly know who that human is, you're starting to see some biometric verifications."
The Enhanced Border Security and Visa Entry Reform Act of 2002 actually mandated the use of biometric identifiers in U.S. visas. U.S. embassies and consulates now issue machine-readable visas and travel documents based on biometric technology. And for visa applicants desiring to enter the U.S., the standard for biometric screening is ten fingerprint scans collected at U.S. overseas compounds.
Theft and fraud potential
While border security agents view biometrics as a useful tool, state lawmakers are starting to respond to their constituents' concern about the potential theft and subsequent fraudulent use of biometric data. Given rampant data breaches, who can blame them?
Washington's new law imposes strict criteria for the sale, lease or disclosure of biometric identifiers for commercial use. One important benchmark: the bill makes putting biometric identifiers into a database illegal without the person's consent -- meaning such information cannot be collected surreptitiously.
Other states are jumping on board. Alaska is considering a bill like Washington's that would prohibit the collection of biometric data without an individual's consent, among other restrictions. And a proposed bill in Connecticut would make facial recognition illegal for marketing purposes. In Illinois, lawmakers are pushing for changes that would require entities that collect biometric data to destroy the information after a certain period of time.
"Everybody has got a different approach to it," Capps says. "Some people are pushing to require biometrics online and other people are saying, 'Oh, we got to be careful here because physical biometrics can't be changed, so putting more detailed data out to those databases to be stolen is a really is questionable proposition.' "