Speaking at the Biometrics 2003 conference in London on Friday, Marek Rejman-Greene -- senior consultant at BTexact's security technologies group -- identified these medical fears as one of 38 challenges that Europe's biometric industry must overcome over the next few years.
Rejman-Greene played a leading role in an EU-funded project called Biovision, which drew up a roadmap for the European biometric community to follow. This research included interviews with people who had taken part in biometric trials, some of whom were concerned about the medical implications of biometrics. In particular, there was concern that a person's eyes could be damaged by an iris scanner.
Although these health fears would appear to be unfounded based on current evidence, they could prove a significant handicap in the rollout of products that use techniques such as iris identification to authenticate users.
"Some of these beliefs are quite deeply held, and the industry needs to move people away from those beliefs," said Rejman-Greene.
Biometric identification is becoming an increasingly pressing issue, with US and EU politicians eager for biometric identification to be introduced into passports in an attempt to curb terrorist activity.
According to Rejman-Greene, while some triallists have been happy to accept the use of biometric identification, others have reservations about the technology. These concerns include the fear that medical conditions could be inferred through a biometric test -- something Rejman-Greene says could in fact happen.
"It is possible to recognise a person's emotional state through biometrics, in particular from their voice," Rejman-Greene explained, adding that some scientific literature suggests that it may be possible to detect whether someone is suffers from an illness in this way.
Some biometric triallists have been concerned that biometrics opens up the possibility of a person's "multiple identities" being matched together -- allowing one's work life to be linked to personal activities. Others worry that individual privacy will be eroded.
But many triallists have a more positive view of biometrics, Rejman-Greene said, and are attracted by the idea that systems based on biometric data will make it easier for them to enter a secure building or to access a PC without the need for a password.
Talkback
One cannot help but love the proponents of biometrics...
Its something about the way they confidently speak... as if to have discovered some final solution to a final solution hindered by naivety. Its almost as if they do not see their greatest vulnerability - that region of space in which the transition is made between man and machine, a place where deception of machine can run rife.
One can only believe that there will be a great trade in permanent/perpetual data once biometrics takes hold. Who knows, possibly a cracker would be able to capture images of the iris and fingerprints of the president of the US. Maybe with them he will be able to issue instructions that enable the launch of some ballistic system in some unknown direction.
It would also be possible to store such data for years without using it. It will be just as good at whatever point in time it is used, 10yrs, 20yrs....no limits. Better than credit card info, to any criminal, in our networked economy.
Of course, before biometrics really becomes popular it would appear to be the safest option. Yet it is at this point in time that information is most vulnerable.... The glass you pick up at a pub, the camera you look in to, etc... all of the are capture devices....
How complexity lives to breed even more complexity in the face of adversities... Great fun to come....
A lot of these biometric systems give al false sence of security and can easily be hacked. Especialy with home computers. You can plug an iris scanner into your computer get access to online services.
But a hacker can install a program that intercepts a scan and later fakes the iris scan and get access. If you were using a password then you can change that, but your iris cannot change, so if someone puts your iris profile on the internet you loose all security.
The same can be said for voice recognition, dna scanning, finger print...