Skip to main content

8.5 Biometrics

8.5.1 Defining Biometrics

Biometrics is a technique for identification of people that uses body characteristics or behavioural traits and is increasingly being used instead of or in conjunction with other forms of identification based on something you have (e.g. ID card) or something you know (e.g. password or PIN) (Liu and Silverman, 2001). The basic processes in a biometric system involve biometric data being collected from the data subject via a sensor module, a feature module extracts the biometric data and compared it to templates in a database to identify the data subject (Jain, 2004). The templates are encrypted using algorithmic transformation of biometric samples meaning that the original biometric data cannot be obtained from the biometric databases. The systems that operate in a biometric identification process are beyond the understanding of most individuals processed and they occur in places removed from the individual being processed. This lack of understanding means it is not possible to question the identification practices.

There are a variety of biometric characteristics that can be collected from humans including iris recognition, hand geometry, fingerprint recognition, facial recognition, and voice recognition (Rosenzweig, Kochems and Schwartz, 2004). Biometrics technology is continuously developing to improve accuracy, robustness and security which has seen the emergence of second generation biometrics that utilise multi forms of biometrics together, behavioural biometrics and soft biometrics (e.g. gender, age, ethnicity) (Emilio and Massari, 2008). Any biological or behavioural characteristics could be used to identify individuals if it meets the following requirements:

1. Collectability (the elements can be measured)

2. Universality (the element exists in all person)

3. Unicity (the element must be distinctive to each person)

4. Permanence (the property of the element remains constant over time).
(Emilio and Massari, 2008: 489)

Biometric systems operate in two basic modes: verification and identification (Jain, 2008). Verification mode is used to validate a person against whom they claim to be and use one to one matches by comparing biometric data taken from an individual to a biometric template stored in a database. Verification relies on individuals enrolling on the system and registering their identity prior to providing biometric samples which is a massive administrative task when applied to international border control. Identification mode uses a one to many match and searches all the templates in a database to identify an individual therefore the system does not need the compliance of the data subject. The accuracy of biometric technology depends on the accuracy and number of records within the databases (Rosenzweig et al, 2004).

Biometric systems are not perfect and systems compare data collected from the data subject to algorithms to determine identification and, where matches are sufficiently close, they will indicate a match. Biometrics systems rely on matching data to algorithms but they 'make two types of errors: 1) mistaking the biometric measurement from two different persons to be from the same person (called false match) and 2) mistaking two biometric measurements from two different persons to be from the same person (CALLED)' (Jain, 2004: 6). Biometrics systems view the natural patterns of the body as a 'source of order' and 'a source of unprecedented accuracy and precision' (Aas, 2006: 153). The body is a form of information and this can supersede and make redundant the 'talking individual, who owns the body' (Aas, 2006: 154), and they have been criticised for treating individuals as objects (Adey, 2004).