Biometrics are seen as a magic bullet to uniquely identify humans — but it is still new technology. Companies can experience growing pains and backlash due to incomplete thinking prior to implementation. Attackers do the hard work of finding every crack and vulnerability. Activists point out civil liberty and social biases. This shows how our current solutions are not always secure or equitable. In the end, each criminal, activist, and product misstep inspires innovation and new solutions.
- The benefit of biometrics is they are unique and can be trusted to be unique. It’s not impossible, but it is very hard for someone to spoof a biometric. Using a biometric raises the bar a bit, and makes that system less attractive to target — up to a point.
- Any data is only as secure as the system in which it is stored. Sometimes these systems can be easily penetrated due to poor identity and access management protocols. This has nothing to do with the security of biometrics — that has to do with the security of stored data.
- Apple FaceID is unbelievably convenient! Once I set up FaceID to unlock my phone, I can configure it to unlock other apps — like banking apps. Rather than typing in or selecting my password from a password manager — I just look at my phone! This makes it easy for me to access my sensitive data. From a user experience perspective, this is wonderful, but I have to trust Apple’s locked down tech stack.
- The first versions of new technologies will still have issues. All new technology is antifragile, and thus will have more bugs. As the technology is used, the bugs are discovered (thanks hackers!) and fixed, and the system becomes more secure over time. Attackers will move on to more vulnerable targets.
- Solve for every corner case and you’ll have a rigid yet secure system that probably doesn’t consider the human interface very well. Leave out a corner case and you might be leaving an open door for attack. Solving for the “right” situation is a balance. Which means, either extreme can be harmful to different audiences.
- Learn from others, share and collaborate on what you have learned. Everyone has to work together to move the industry forward.
Curious to learn more insights about the Future of Digital Identity? I’ll be joining three speakers on the Future of Digital Identity Verification panel.