trait. Further, biometric data are exposed not only when data leak from unencrypted or poorly protected databases—they can, at least in principle, be derived from publicly observable human traits. The submission of a password and the presentation of a biometric trait are not, however, analogous. As discussed in Chapter 1, the security value of a biometric verification system stems from measures surrounding the presentation and capture of the biometric trait. These measures cope with public disclosure of an individual’s biometric data by verifying that a presented trait is genuine and not an artifact employed by an attacker. However, when the sample capture is remote and unattended, as would be the case for most systems associated with computer access, there are few technical safeguards and minimal protection against the use of artifacts. In these circumstances, one would not expect a biometric recognition system to provide reliable protection against a premeditated attack.


Although biometric systems can be beneficial, the potentially lifelong association of biometric traits with an individual, their potential use for remote detection, and their connection with identity records may raise social, cultural, and legal concerns. Such issues can affect a system’s acceptance by users, its performance, or the decision on whether to use it in the first place. Biometric recognition also raises important legal issues of remediation, authority, and reliability, and, of course, privacy. Ultimately, social, cultural, and legal factors are critical and should be taken into account in the design, development, and deployment of biometric recognition systems.

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.