The Flaws of Biometric Identification
When Biometrics Fail
From fingerprinting to iris scans, biometric identification technology is a multibillion dollar industry and an integral part of the security state. In When Biometrics Fail, Shoshana Amielle Magnet demonstrates that these technologies are flawed and discriminatory in the way they identify people.
Philosophers such as Kierkegaard, Hegel and Foucault have argued against the idea of a subject-centred, universal reason. In her book, Magnet argues that these models of reason are not only flawed but dangerous.
1. Biological identity
Biometrics aim to make hacking or gaining unauthorized access to a system much more difficult. The technology uses physical identifiers, such as the shape of one’s hand, voice, or face, to confirm a person’s identity and prevent them from being tampered with. Biometrics can be used consciously, featuring user participation, or passively (as in surveillance).
But despite the heightened level of security biometrics provide, they are not foolproof. Whether it’s the manipulation of fingerprint scanners using jelly-like substances, or keystroke tracking software imitating someone’s writing speed, typography, or grade-level of ability, there is always the possibility that the technology will be compromised. This is especially true if the technology relies on physical traits, like the way that your fingers move on a trackpad or how you type with your right or left hand. Biometrics rely on patterns that are unique to each individual, but these can be changed by illness, injury or simply by wearing makeup or glasses.
2. Social identity
Social identity theory suggests that individuals use social categories to compare themselves against others. This self-comparison results in negative emotions like envy and stress, and can have physical consequences for health. The long history of bloody wars fought over class status further suggests that social standing matters a lot to human beings.
Magnet examines how these differences create a range of psychological problems that biometric identification systems cannot solve, notably the stigma attached to low-status groups and how they are often systematically discriminated against in the manner and sites in which biometric technology is implemented (prisons, welfare and border control). He also considers the social implications for those who are not easily identifiable using biometrics, including the disproportionate number of prisoners, welfare recipients and migrants.
The book dispels some common misconceptions about biometrics, such as the idea that they are inherently secure because they are based on unique physical characteristics. In fact, this security does not depend on these traits being secretive and it is quite easy to impersonate a person using photographs or other information about them.
3. Technology
Biometric recognition systems—from digital fingerprint scanning to facial and iris recognition—are a multibillion dollar industry and an integral part of post-9/11 national security policy. But they are also prone to failures, which can pose serious security risks.
When these systems fail, the results can be categorized as false acceptance or false rejection. In the former, the system accepts a fake fingerprint or eyeball and allows access (a false acceptance). In the latter, the system rejects a legitimate biometric sample and denies access to the user (a false rejection).
In many cases, the systems fail because of sources of variability and uncertainty. As cybersecurity specialist Roger Grimes explains, even a simple system like a fingerprint scanner embedded in a computer has many sources of error. For example, the device turns the raw biometric data into a series of points noting where major “rivers and valleys” and sharp changes occur—not a clean star constellation, but an image that is far from perfect.
4. Security
Biometric recognition relies on a one-to-one match between a new biometric sample and data stored in a database. This is different from nonbiometric authentication factors such as passwords and PINs that can be easily replaced if compromised.
In contrast, fingerprints and irises, as well as facial images and voiceprints, cannot be replaced once stolen. This makes them more sensitive to hacking and easier to manipulate for malicious purposes.
Shoshana Amielle Magnet argues that rendering bodies in biometric code is falsely assuming that our physical characteristics are stable and unchanging. She also shows that these technologies work differently, and often fail to function, on women, people of color, and those with disabilities.
Like all identification methods, a fundamental privacy concern with biometrics is that the technology is recording private information about an identifiable individual. This means that it is subject to privacy laws such as the federal Privacy Act and Canada’s Personal Information Protection and Electronic Documents Act, overseen by the Office of the Privacy Commissioner.