Around the world, governments are succumbing to the allure of biometric identification systems. To some extent, this may be inevitable, given the demands and expectations placed on modern states. But no one should underestimate the risks these technologies pose.
Biometric identification systems use individuals’ unique intrinsic physical characteristics — fingerprints or handprints, facial patterns, voices, irises, vein maps or even brain waves — to verify their identity. Governments have applied the technology to verify passports and visas, identify and track security threats and, more recently, to ensure that public benefits are correctly distributed.
Private companies, too, have embraced biometric identification systems. Smartphones use fingerprints and facial recognition to determine when to “unlock.” Rather than entering different passwords for different services — including financial services — users simply place their finger on a button on their phone or gaze into its camera lens.
It is certainly convenient. And, at first glance, it might seem more secure: someone might be able to find out your password, but how could they replicate your essential biological features? But, as with so many other convenient technologies, we tend to underestimate the risks associated with biometric identification systems. India has learned about them the hard way, as it has expanded its scheme to issue residents a “unique identification number,” or Aadhaar, linked to their biometrics.
The Aadhaar programme’s primary goal was to manage government benefits and eliminate “ghost beneficiaries” of public subsidies. But it has now been expanded to many spheres: everything from opening a bank account and enrolling children in school to admission to a hospital now requires an Aadhaar. More than 90% of India’s population has enrolled in the programme. In India, the government wanted to enrol a lot of people quickly in the Aadhaar programme, so data collection was outsourced to small companies with mobile machines.
But serious vulnerabilities have emerged. Biometric verification may seem like the ultimate tech solution, but human error creates significant risks, especially when data-collection procedures are not adequately established or implemented. If a fingerprint or iris scan is even slightly tilted or otherwise wrongly positioned, it may not match future verification scans. Moreover, bodies can change over time — for example, daily manual labour may alter fingerprints — creating discrepancies with the recorded data. And that does not even cover the most basic of mistakes such as misspelling names and addresses.
Correcting such errors can be a complicated, drawn-out process. That is a serious problem when one’s ability to collect benefits or carry out financial transactions depends on it. India has had multiple cases of lost entitlements, such as food rations and wages for public-works programmes, as a result of biometric mismatches.
If honest mistakes can do that much harm, imagine the damage that can be caused by fraud. Police in Gujarat recently found more than 1 [Thin space] 100 casts of beneficiary fingerprints made on a silicone-like material, which were used for illicit withdrawals of food rations from the public distribution system. Because we leave fingerprints on everything we touch, we are all vulnerable to such replication.
Manual replication is the tip of the iceberg. Researchers have created synthetic master prints that enabled them to achieve a frighteningly high number of “imposter matches”.
Further risks arise during the transmission and storage of biometric data. Once collected, biometric data are usually moved to a central database for storage. They have to be encrypted while in transit, but the encryptions can be — and have been — hacked. Nor are they necessarily safe once they arrive in local, foreign, or cloud servers.
A French security researcher accused two Indian government websites of leaking thousands of IDs, including Aadhaar cards. That leak has now reportedly been plugged. But, given how many public and private agencies have access to the Aadhaar database, such episodes underscore how risky a supposedly secure system can be.
Of course, such vulnerabilities exist with all personal data. But exposure of someone’s biometric information is far more dangerous than exposure of, say, a password or credit card number, because it cannot be undone. We cannot, after all, get new irises.
The risk is compounded by efforts to use collected biometric data for monitoring and surveillance, as is occurring in China and elsewhere. In this sense, the large-scale collection and storage of people’s biometric data pose an unprecedented threat to privacy. And few countries have anything close to adequate laws to protect their residents.
In India, revelations of the Aadhaar programme’s weaknesses have largely been met with official denials, rather than efforts to protect users. Worse, other developing countries, such as Brazil, now risk replicating these mistakes as they rush to adopt biometric technology. Given the large-scale data breaches that have occurred in the developed world, these countries’ citizens are not safe, either.
Biometric identification systems are permeating every facet of our lives. Unless and until citizens and policymakers recognize and address the complex security risks they entail, no one should feel safe. — © Project Syndicate
Jayati Ghosh is professor of economics at Jawaharlal Nehru University in New Delhi, executive secretary of International Development Economics Associates and a member of the Independent Commission for the Reform of International Corporate Taxation