Global Navigation Element.

Fall/Winter 2010 Vol. 10 Number 3

Table of Contents



Reality Check

Biometric Recognition Systems Not as Infallible as Many Believe

Popular movies and TV shows often portray advanced fingerprint, voice, or retina recognition systems as a foolproof means of identification. In fact, governments increasingly are looking to biometric technologies as a better way to track terrorists at borders. And some companies have started using biometrics to control access to buildings or information. What does the scientific evidence say about the effectiveness of these systems for security or surveillance?

A report by a committee of the National Research Council that reviewed the available data cautions that biometric systems designed to recognize individuals based on biological or behavioral traits are "inherently fallible," and confidence in results must be tempered by an understanding of this fallibility. Although the systems can be useful in many circumstances, more research is needed to gain a complete knowledge of their strengths and limitations.

No single biological or behavioral trait has been identified that is stable and distinctive across all people, the report notes, and many sources of uncertainty need to be considered as systems are developed and put into place. For example, biometric characteristics may vary over an individual's lifetime due to age, stress, disease, or other factors. Technical issues regarding calibration of sensors, degradation of data, and security breaches also contribute to variability in these systems.

The report says that careful consideration is required when using biometric recognition as a component of an overall security system. When the likelihood of an imposter is rare, even systems with very accurate sensors and matching capabilities can have a high false-alarm rate. This could become costly or even dangerous in systems designed to provide heightened security; for example, operators could become lax about dealing with potential threats.

Any biometric system selected for security purposes should undergo thorough threat assessments to determine its vulnerabilities to deliberate attacks, the report recommends. Unlike other security systems, biometric systems cannot rely on secrecy of data, since fingerprints, palm prints, and other traits can be easily accessed and are publicly known.

Effectiveness of these systems depends as much on factors such as the competence of human operators as it does on the underlying technology, engineering, and testing regimes, the report says. Secondary screening procedures that are used in the event of a system failure should be just as well-designed as primary systems.
--  Molly Galvin

Biometric Recognition: Challenges and Opportunities. Wither Biometrics Committee, Computer Science and Telecommunications Board, Division on Engineering and Physical Sciences (2010; 182 pp.; ISBN 0-309-14207-5; available from the National Academies Press; tel. 1-800-624-6242; $41.50 plus $5.00 shipping for single copies).

The committee was chaired by Joseph N. Pato, distinguished technologist at Hewlett-Packard's HP Laboratories, Palo Alto, Calif. The study was funded by the Defense Advanced Research Projects Agency, Central Intelligence Agency, and U.S. Department of Homeland Security, with assistance from the National Science Foundation.

Previous Table of Contents Next

Copyright 2010 by the National Academy of Sciences