Information Technology and Ethics/Software Development of Biometrics

Ease of use has become the priority for many people launching a surge into the study and use of biometrics within everyday software. Biometrics are measurements of biological or physical characteristics used to uniquely identify individuals.[1] They have become an integral part of modern software, often used to unlock smartphones and access banking applications.

What are Software Biometrics

Software biometrics refers to the integration of biometric analysis into digital applications and platforms, often for authenticating user identity.[2] In other words, software biometrics allows for us to use different parts of our body as a form of identification. We can use our fingers, eyes, face and even voice patterns to login into our bank accounts, unlock our homes, make purchases, and control everything within our lives.

Instead of using a password that is tied to some discrete numbers, software biometrics are far more preferred because they are independently tied to each individual and are harder to duplicate and fake.[3] Additionally, they eliminate the need for users to remember or manually enter passwords. Software biometrics are also used within the cases of companies and governments since they allow for the user to be identified and kept on record. Police forces uses this software as a means of analyzing and comparing fingerprints and face shapes as a method of attempting to identify a culprit.

Historical Context and Development of Software Biometrics

The use of biometrics for identification dates back to 1900 BCE when ancient Babylonians used fingerprints on clay tablets.[4] However, the development of modern biometric technologies began in the late 20th century, initially driven by military and law enforcement applications for safeguarding sensitive information and identifying criminals.[5][6]

The first notable use of biometric software in the consumer market was Apple’s 2013 launch of Touch ID on the iPhone 5S.[7] Offering seamless, reliable authentication, Touch ID marked a new era in consumer technology. Since then, biometric software has been increasingly incorporated into enterprise systems and everyday consumer products such as Android devices and smart home systems.

Biometrics in Everyday Software

Today, biometric software is widespread in the Internet of Things (IoT) ecosystem and mobile devices. Smartphones now utilize fingerprint scanning, facial recognition for unlocking devices, and voice recognition for smart assistants like Siri and Alexa.[8] Banking apps use biometrics to authenticate user logins and authorize payments. Similarly, smart home devices incorporate fingerprint-scanning locks and voice-activated controls for enhanced security and convenience.[9]

Definition and Concept of Software Biometrics

Software biometrics is when biological patterns are needed to help identify and verify an individual's identity. It depends on unique physical traits, which can be categorized as fingerprints, facial features, iris patterns (eye), or the sound of the individual's voice, to verify a person through systems using software security techniques. [10]

Unlike traditional methods of authentication of identity, which depend on concepts a user is familiar with, such as a password or a PIN to unlock a phone, newly developed software biometrics are based on something the user has and can be identified by, an undeniable trait of proof of identity [11]. This software biometric approach makes it much more difficult for unauthorized individuals to gain access to something that is not theirs. It should be noted that biometric traits are unique and difficult to steal or replicate because they are unique to one individual.

At the core of software biometrics, there is a process that involves capturing a user’s biological data, then processing it through a digital algorithm. Once the data analysis is finished, the data is compared and stored under the user's identity to help perceive an individual. This process is usually swift, seamless, and integrated into our more modern devices that we use to date, such as smartphones, laptops, and systems that must ensure secure access[12].

The recent shift from passwords to biometrics marks a humongous change in security, especially in this newer digital age. Passwords can be very vulnerable to many risks as they can be guessed, forgotten, shared in things like data leaks, or stolen through hacking and phishing. Users often make weak passwords that are guessable or can be found in data leaks because they are so common. Not only this but users tend to reuse passwords across different platforms, increasing the likelihood of breaches.

In contrast, biometric authentication is predicted to be more secure and user-friendly. A fingerprint or facial scan is not easily forgotten, stolen, or replicated especially because this data is verified and stored under one person's identity and this stuff is hard to gain access to. The use of  authentication using body parts reduces the need to remember difficult or hard to remember credentials and  deeply increases the overall security experience [13]. This transition is becoming common due to advancements in software that revolve around introducing biometrics to identify people. Devices today are naturally equipped with  tools that are built in to make biometric authentication easy and accessible. As a result of this, organizations and users are increasingly utilizing biometrics for secure, convenient access to digital systems [14].

In summary, software biometrics uses biological patterns for identity verification and represents a move away from traditional password-based methods. This shift is reshaping how we secure digital access prioritizing who you are over what you know.

Applications of Software Biometrics

Business and Government

In the United States, the Internal Revenue Service (IRS) mandates that tax professionals use multifactor authentication (MFA), with biometrics as an accepted method, to protect client information.[15] The Transportation Security Agency is using facial recognition in conjunction with the U.S. Customs and Border Protection (CBP), who is congressionally mandated to deploy a biometric entry/exit system to record arrivals and departures to and from the United States, [16] to allow expedited airport check-in. [17]

Enterprise

Commercial applications of biometrics include facial recognition on social media platforms such as Facebook and Instagram, enhancing user interactivity by tagging and linking individuals to photos.

Law Enforcement

Law enforcement agencies use facial recognition for crime control and surveillance.[18] However, these applications raise privacy and human rights concerns, particularly regarding facial data sources and handling.

Personal Uses

On a personal level, individuals use biometrics for online banking, shopping, and home security. For instance, biometric locks secure home entry points, while smartphones authenticate banking transactions through biometric sensors. [19]

Commerce

Retail stores like "Amazon Go" utilize customer biometric data for store entry and automate purchases by linking identity to payment information.[20]

Different Types of Biometrics in Software

  • Facial Recognition Systems: Facial recognition software scans and maps key facial features to create an image matched against a database for identification [21][22] It can also enhance user experiences by applying facial filters.[23]
  • Speech/Voice Recognition: Speech recognition software converts spoken words into text, improving accuracy through user training.[24] Voice recognition, distinct from speech-to-text, identifies users based on vocal characteristics to enhance authentication.[25]
  • Fingerprint Scanners: Fingerprint scanners capture fingerprint images using cameras or capacitive sensors. Capacitive scanners, which detect electrical charges, generally offer greater accuracy than image-based systems.[26]
  • Retinal Scanners: Retinal scanners use infrared light to map blood vessels in the retina, creating highly accurate biometric profiles with an error rate of 1 in 10 million, second only to DNA testing.[27][28]
  • Iris Recognition: Iris recognition software analyzes camera images or videos of the iris to verify identity.[29][30] Unlike retinal scans, iris scans use visible-light images, providing high accuracy with low false-positive rates.[31]
  • Brain-Computer Interfaces (BCI): BCIs collect and decode brainwave data for analysis or device control. Deep learning AI improves BCI accuracy and is often used for medical diagnostics, such as monitoring epilepsy and controlling prosthetic limbs.[32]

Ethical Concerns in Biometric Software Usage

While biometric technologies offer convenience and security, they raise critical ethical concern around privacy, consent, and potential misuse.

Privacy Concerns in Biometric Data Collection
Biometric data is inherently personal and immutable, posing significant risks:

  • Mass Surveillance: Governments and corporations may exploit biometrics for widespread surveillance, threatening anonymity (Mordini & Petrini, 2007).
  • Data Breaches: Compromised biometric data cannot be reset like passwords, leading to permanent security risks (Jain et al., 2016).
  • Lack of Transparency: Organizations often fail to disclose how biometric data is processed, store, or shared (Cavoukian & Stoianov, 2007).

Consent and Autonomy in Biometric Usage
Concerns about informed consent include:

  • Coerced Consent: Employees pressured to submit biometrics data (Martin et al.,2009).
  • Ambiguous Policies: Vague terms of service obscure how biometric data is collected and used (Solove, 2013).
  • Vulnerable Populations: Groups like children and refugees may be subjected to biometric collection without proper safeguards (UNHCR, 2018).

Potential Misuse and Exploitation
Examples of exploited biometric data:

  • Identity Theft and Fraud: Occurs when stolen biometric data grants an attacker unauthorized access and allows the impersonation of victims' identities (Ratha et al., 2001).
  • Discriminatory Practices: Facial recognition systems can display racial and gender biases (Buolamwini & Gebru, 2018).
  • Corporate Exploitation: Companies may monetize biometric data without user knowledge (Zuboff, 2019).

Legal and Ethical Frameworks for Mitigation
To address these issues:

  • Strict Data Protection Laws: Frameworks like GDPR and Illinois' BIPA mandate explicit consent and secure data handling.
  • Ethical AI Development: Biometric algorithms should be independently audited for bias and accuracy (IEEE, 2019).
  • Public Awareness Campaigns: Educating users about biometric risks empowers the make informed choices (NIST,2020).

While biometric technologies offer undeniable advantages, safeguarding privacy, autonomy, ethical usage must remain a priority.

References

  1. Jain, A. K., Ross, A., & Prabhakar, S. (2004). An introduction to biometric recognition. IEEE Transactions on Circuits and Systems for Video Technology, 14(1), 4–20.
  2. Ratha, N. K., Connell, J. H., & Bolle, R. M. (2001). Enhancing security and privacy in biometrics-based authentication systems. IBM Systems Journal, 40(3), 614–634.
  3. Sutrop, & Laas-Mikko, K. (2012). Ethical Implications of Second-Generation Biometrics.
  4. Ashbourn, J. (2000). Biometrics: Advanced identity verification. Springer.
  5. Maltoni, D., Maio, D., Jain, A. K., & Prabhakar, S. (2009). Handbook of fingerprint recognition (2nd ed.). Springer.
  6. Mordini, E., & Petrini, C. (2007). Ethical and social implications of biometric identification technology. Annali dell'Istituto Superiore di Sanità, 43(1), 5–11.
  7. Apple. (2013). Apple introduces Touch ID fingerprint sensor. Retrieved April 20, 2025, from https://www.apple.com/newsroom/2013/09/10Apple-Introduces-iPhone-5s/
  8. Apple. (n.d.). Face ID security. Retrieved April 20, 2025, from https://support.apple.com/en-us/HT208108
  9. Tax Pros. (n.d.). Identity verification for tax professionals. Retrieved April 20, 2025, from https://www.irs.gov/tax-professionals/identity-verification
  10. "Biometrics Software Selection Guide: Types, Features, Applications | GlobalSpec". www.globalspec.com. Retrieved 2025-04-29.
  11. "Biometrics (facts, use cases, biometric security)". www.thalesgroup.com. 2023-06-12. Retrieved 2025-04-29.
  12. Inc, Aware (2015-08-28). "Aware, Inc - Biometrics Software Solutions". Aware. Retrieved 2025-04-29. {{cite web}}: |last= has generic name (help)Category:CS1 errors: generic name
  13. Trevino, Aranza (2024-02-27). "Are Biometrics Safer Than Passwords?". Keeper Security Blog - Cybersecurity News & Product Updates. Retrieved 2025-04-29.
  14. "Biometrics and Privacy – Issues and Challenges – Office of the Victorian Information Commissioner". Retrieved 2025-04-29.
  15. "Tax pros: Multifactor authentication is key to protecting client data | Internal Revenue Service". www.irs.gov. Retrieved 2025-04-29.
  16. "DHS/CBP/PIA-056 Traveler Verification Service | U.S. Department of Homeland Security". www.dhs.gov. Retrieved 2025-05-10.
  17. "TSA PreCheck® Touchless ID | U.S. Department of Homeland Security". www.tsa.gov. Retrieved 2025-05-10.
  18. Purshouse, Joe; Campbell, Liz (2019). "Privacy, crime control and police use of automated facial recognition technology". Criminal Law Review. 2019 (3): 188–204. ISSN 0011-135X.
  19. Judd, Elizabeth (2023-02-01). "Biometric banking: Smarter every day". Independent Banker. 73 (2): 34–37 via EBSCOhost.
  20. Wankhede, Kirti; Wukkadada, Bharati; Nadar, Vidhya (2018-07-12). "Just Walk-Out Technology and its Challenges: A Case of Amazon Go". IEEE Xplore. IEEE: 254–257. doi:10.1109/ICIRCA.2018.8597403. ISBN 978-1-5386-2456-2.
  21. "Face Recognition based Smart Attendance System Using IoT" (PDF). International Research Journal of Engineering and Technology. 9 (3): 5. March 2022.
  22. Thorat, S. B.; Nayak, S. K.; Jyoti P Dandale (2010). "Facial Recognition Technology: An analysis with scope in India". arXiv:1005.4263 [cs.MA].
  23. Kumar Mandal, Jyotsna; Bhattacharya, Debika (2019). Emerging Technology in Modelling and Graphics: Proceedings of IEM Graph 2018. Springer. p. 672. ISBN 9789811374036.
  24. "Speaker Independent Connected Speech Recognition- Fifth Generation Computer Corporation". Fifthgen.com. Archived from the original on 11 November 2013. Retrieved 15 June 2013.
  25. "British English definition of voice recognition". Macmillan Publishers Limited. Archived from the original on 16 September 2011. Retrieved 21 February 2012.
  26. Rouse, M. (March 2021). "Experts Agree: Face ID Is Not The Answer, In-Display Fingerprint Sensors Are". Display. E3displays. Retrieved 8 March 2021.
  27. Cofta, Piotr; Furnell, Steven (2008). "Use of Biometric Data". Understanding Public Perceptions: Trust and Engagement in ICT-mediated Services. International Engineering Consortium.
  28. Retina and Iris Scans. Encyclopedia of Espionage, Intelligence, and Security. Copyright © 2004 by The Gale Group, Inc.
  29. "Understanding Biometric Entropy and Iris Capacity: Avoiding Identity Collisions on National Scales" (PDF). cam.ac.uk. Retrieved 12 August 2023.
  30. Choi, | Tyler (13 June 2022). "Iris recognition reaches the mainstream for identification, authentication | Biometric Update". www.biometricupdate.com. Retrieved 28 June 2023.
  31. Zetter, K. (25 July 2012). "Reverse-Engineered Irises Look So Real, They Fool Eye-Scanners". Wired Magazine. Retrieved 25 July 2012.
  32. Davidoff, E. J. (2020). Agency and Accountability: Ethical Considerations for Brain-Computer Interfaces. The Rutgers journal of bioethics, 11, 9–20. https://pmc.ncbi.nlm.nih.gov/articles/PMC7654969/

    Ethical Implications of Second-Generation Biometrics

    Category:CS1 errors: generic name Category:Pages using ISBN magic links