Security Implications of Biometrics: ITC595 Research Project Analysis

Verified

Added on 2021/05/30

AI Summary

This research project, conducted for ITC595 at Charles Sturt University, explores the evolving landscape of biometric technology and its implications for security and privacy. The project investigates the application of biometrics, including fingerprint, iris, and facial recognition, within the context of e-government and identity management systems. It examines the benefits of biometric authentication, such as enhanced security and efficiency, while also addressing potential vulnerabilities and privacy concerns associated with biometric data collection and usage. The study reviews literature on biometric cards, their implementation, cost, and societal impact, considering both the advantages in terms of reduced crime and the disadvantages related to privacy violations and human rights concerns. The research also explores the role of biometrics in securing systems and protecting sensitive information, highlighting the ongoing need for robust security measures in an increasingly interconnected digital world. The project concludes by emphasizing the importance of balancing security advancements with the protection of individual rights and privacy.

ITC595 Research Project (Biometrics)
A. Author
ITC595 MIT, School of Computing & Mathematics, Charles Sturt University
author@first-third.edu.au
ABSTRACT –Throughout the past decades the Biometric,
technology has become an important tool in terms of fingerprint
scanning, iris and face recognizer etc. for improving the security and
privacy. It has been found that the implications those include
biometric components in their identification process are extremely
prone to the security risks. It is projected that, technological
application those attempt for resolving the identified issues
associated to biometric components, this is important to emphasize
the main privacy aspects trough biometric implementations.
Biometric authentication represents the prospect of electronic level
security and privacy. Biometric authentication system can recognize
individuals considering their anatomical traits in terms of
fingerprint, palm print, iris, voice etc. All of these traits are linked
with the users that enable only authorized users access. Biometric
information is always unique in nature and extremely successful in
maintaining privacy and security. With the help of the appropriate
sensor initially the biometric system records the sample of the
biometric traits of the users. After that, all the salient features are
characterized from the sample. Biometric system gives adequate
identification opportunities and reduces the rate of risks through
connecting personnel and all other specific actions. Biometric
authentication gives efficiency, scalability, reliability and
profitability to the forensic departments for identifying individual
personnel. This kind of systems are convenient and its access are
granted with biometric password such as fingerprint, iris scan etc
but not with any kind of smart cards.
Keywords— Biometric, Biometric cards, Privacy, information
security.
INTRODUCTION
The introduction of the Biometric system has taken new
strides as we usher into the next decade. These cards are
personal identity cards that provide for a personal
identification tool, address proof and are linked to the
National Identity Register in countries like the United
Kingdom. Many Europeans countries have considered
adopting this system to have a much more synchronized
process of identification as well as the compilation of data
with regard to the citizens of the countries (Ahmed & Malik,
2013). The Identity Cards Act 2006 was enacted in the state of
England to bring out such procedure of enforcing unique
identity identification system, which shall have the details of
the people residing in the country with regard to their private
and public information. "As the move towards e-Government
gathers pace in Europe, the impact of the digitalization of
many citizen-state interactions is beginning to challenge
accepted wisdom on what digital citizenship consists of, what
its risks are, and how they might be managed in the new
digital era. In the evolving relationship between e-Government
and the digital citizen, of growing importance is the role-
played by new identity management systems (IDMS) and the
introduction of electronic ID cards? E-Government projects
often involve large-scale sharing of data, much of it personal
data about citizens, and increasingly these projects involve the
personal identification and authentication of individual citizens
as they use electronic public services.” (Bank, 2017)
A. Research Problem
In today’s IT driven society, technology is all pervasive. In
almost all aspects of life, the role of technology is all too
evident to ignore. As the threat of viruses increase in the
software world, the companies try to come out with the latest
anti-virus updates and the cycle seems to go on. Similar
situation exists in matters concerning security and privacy.
Many a times, efforts are made by scrupulous elements to
sneak in sanitized zones and cause discomfort to general
public or destroy the security setup. Instances involving the
theft of data from secure zones, theft of items from a retail
store, fitting a timer bomb inside the metro tube, hijacking a
passenger aircraft by smuggling in arms and ammunition
inside a passenger aircraft, etc are the kind of instances which
have forced the security agencies to go for an upgrade
regularly. Technology proves to be quite helpful in devising
gadgets and devices required for firming up the security
apparatus help in these applications.
B. Research Justification
This research study is being undertaken to analyse how
predominant the role of technology happens to be in handling
the security issue in general and how the biometric technology
has helped the security system in dealing with difficult
circumstances. Biometrics can help during elections,
authorised entry into an office, firming up security, preparing a
database of the citizens etc. In fact there are some offices
which make good use of biometric devices to ensure
punctuality and discipline amongst the workforce. An effort
would be made during the study how biometric system can
LITEERATURE REVIEW
Biometric cards
These biometric cards have a great amount of use and the
government introduced the same in order to cut down on the
wastage of resources and to ensure national security.
According to ministers, this card was introduced so that
people would not have to have various other cards as per their
identity proof and thus it would make identification for owning
certain products, traveling around the country and abroad etc.
better. Furthermore, it would help the government to easily
keep a tab on each citizen residing within the country and the
citizens would be able to use the social security services
without misusing the same (Awad, 2017).
After conducting various meetings and consultations
regarding the introduction of such a system for the purpose of
evaluation and tracking of every citizen within the country, the
government decided to go ahead with the same because the
main merit of working with this system in place would mean
that the government has the ability to clearly and properly
identify each and every person living in the country and thus

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

have his records, which would further lead to a large bout of
development as they would be able to understand the
situation of different people better. The government also tried
to keep a check on terrorist activities and thus provided that
having such a system in place would really help to curb the
same (BIOMET (Workshop), Cantoni, Dimov, & Tistarelli,
2014).
In the United Kingdom, efforts were made and the majority
passed the implementation of the bill for the introduction of
biometric cards in the Parliament. However, there was a great
amount of information leaked regarding the difficulty that the
Parliament was facing regarding the issuing of these cards in
terms of gathering all the information regarding the people,
keeping the costs in check as well as ensuring the reliability of
having such a system in place. The cost and the reliability
factors became the two most important factors in terms of
understanding this very system (Chin, 2011).
The cost of having this system in place has been estimated
to be around 12 to 18 billion pounds and the government has
also been challenged on the basis of the reliability of this very
scheme because, in order to undertake this successfully, it
would have to carry out research and find out information up
to date about the people at least every five years. A new
database linkage system would also have to be effectively
placed within the purview of the government in order to carry
out research work and save all the information regarding the
biometrics of the people within the country (Grother,
Salamon, & National Institute of Standards and Technology
(U.S.), 2012). For the purpose of the ID card, photographs,
proof of information as well as fingerprints would be required,
which would further require more costs and take up a great
amount of time. The government was skeptical about many
people not providing their correct information and getting
away with fake biometric passes for the purpose of unlawful
or illegal activities. Further, it was also to be decided whether
or not this card could be used in place of the passport that
people already had, in order to at least travel within the
country of Europe, because getting the same accepted by
other nations would be yet another task. During a time of such
high crisis with respect to crimes, no country would want to
allow anything less than a universally acceptable proof of
information regarding a person and thus these biometric cards
proved to be unreliable in terms of the same (Grother,
Salamon, Chandramouli, & National Institute of Standards and
Technology (U.S.), 2013).
The main effect that this card would have brought about
would be to reduce crime and terror and also give people ease
of access as they would not have to use multiple ID cards for
the purpose of registering for products or buying assets and
creating bank accounts. However, according to critics, these
cards have only helped to take further the process of crime
because people have been issuing fake biometric cards which
have led to a great amount of wastage of resources and
destruction with respect to maintaining law and order within
the country (Hidayat & Ihsan, 2011).
Views on use of Biometric Cards
There have been many human rights activists and groups
that have challenged the use of these cards in terms of
violating human privacy. According to Gordon Brown, these
cards used in the United Kingdom should have had the
capacity of being instantly notified to the police as they were
swiped. As soon as a person entered a building via an iris scan
door, these cards were to let the police know the whereabouts
of the person. They would also have been used in order to
share confidential information about a person to the police
and have all that information stored in their database against
the person’s will if such a situation was to arise (In Fennelly,
Fennelly, & Perry, 2014).
These cards would help to marginalize the weaker sections
of society as well which would not be a boon for them. It
would rusticate the gypsies, beggars and the other poorer
sections of the people from the well off and make the
government habituate them in a different part of the city or
country altogether. Even though the government argued that
these cards were required in order to remove identity theft,
such a situation cannot be completely erased by having this
system in place. It is important for any government, especially
a democratic one, in order to ensure that its people are
satisfied and happy. Every government can only do that by
knowing and understanding the status of the people, which
can further be done by collecting their information. However,
activists argue that using these cards simply takes this entire
exercise to a whole new level where each person’s
information is available to the police who have a track on the
whereabouts of every man roaming the country because of his
card swiping activities. This was not taken well by the people
because it hinders privacy issues and leads to petty problems
which the police would have to further look into and solve.
This would involve new rule making which would again be a
tedious process (In Kakadiaris, In Scheirer, In Hassebrook, &
SPIE (Society), 2013).
Privacy protection using Biometrics
For system administrators and internet users, security has
become a primary concern. Whether one needs to protect
private information and data in one’s file, to lock to
unauthorized users, a computer system, individuals need to
get a suitable level of security. This appropriate security is also
required to regulate access to an extranet or an intranet, or to
transact business through the internet. Determining effective
means of realizing this proper security is also important. The
fear of internet security has been one of the major barriers to
transacting businesses electronically through the internet as a
medium (In Ling, In Jin, & In Hu, 2015). With the contemporary
popularity as well as prospective profits of conducting
transactions electronically, many organization executives
experience a conflict situation. In other words, online
connections to expand their sales are likely to lead to threats
and risks of intrusion. Alternatively, staying disconnected from
this very internet will bind them to sacrifice their client contact
as well as services to their existing competitors (Jahankhani,
2010).
Use of Biometrics to secure Business systems
In order to transact most business dealings, and to convey
electronic mail, the internet makes use of mail transfer
protocol. These transmissions possess as much confidentiality
as a postcard. In other words, it travels over untrusted and
insecure lines. This implies that anybody who is at any point
along the path of transmission can access the message and
hence read its content using the word processing program or
text viewer. Also, since these transmission lines are not
secure, forging e-mail or using the name of another person is
easy (Kavati, Ilaiah, Prasad, Bhagvati, & Chakravarthy, 2017).
This has made theft of identity one of the leading fraud
incidences. An individual can claim that another person sent a

message, for instance, to terminate an order or evade paying
an invoice.
Both in the private and in the public sectors, organizations
are cognizant of the needs and importance of internet
security. Both sectors, therefore, have led to measures that
safeguard their internet data and business systems. However,
the most appropriate way to prevent an intruder from
accessing the network is by providing a security wall in
between the corporate network and the intruder. Since these
intruders accesses the system by the use of a software
program, like a virus, or through a direct connection, user
authentication, data encryption, and firewalls can somewhat
prevent these intruders who intend to hack such networks
(Kumar, Prabhakar, Ross, & SPIE (Society), 2010).
Why use Biometric instead of other security method?
The belief is that the smaller the number of people
authorized to get administrative and physical access to the
server systems or confidential files, the higher the level of
security. A number of applications rely on individual
identification numbers, passwords, and keys as their hidden
security to access confidential information and restricted files.
However, these identification numbers, passwords, keys, and
cards can be stolen, forgotten, lost, given away, or forged.
Additionally, these devices mainly serve to identify the
individual (Kung, Mak, M.-W, Lin, & S.-H, 2010). They are not
able to verify or confirm that the individual is who she or he
claims to be. The information and technology age is rapidly
revolutionizing the manner in which dealings are completed.
Daily actions are progressively being electronically handled,
rather than being handled face to face or with paper and
pencil. This progress and development in the electronic
transaction has led to a greater demand for accurate and fast
user proof of identity and authentication. A way of achieving
this rapid, user–friendly, and distinct identity and verification
is using biometric technology.
Growth in the use of Biometrics
The previous decade has experienced dramatic
advancements in business activities. As a result, there has
been a dramatic increase in the number of corporations that
store and also access sensitive and critical business data
electronically over the internet or on computer networks.
Therefore, the need for internet security has become a
fundamental aspect since there is an increase in the level of
threat of electronic crimes (Li & Jain, 2015). These have all
together, made the online community more susceptible to
frauds in the transfer of electronic information. For decades,
biometrics has been used in military and government
applications that require a high level of security. However,
currently, the biometrics technology is increasingly becoming
affordable and is, hence, being used as a method of network
authentication and overall safety feature. Biometrics can be
described as the authentication technique that depends on
physical or behavioral characteristics that can be verified by
users of computers, making it easier to track people (Meunier,
Xiao, Vo, & Canada, 2013).
Biometrics offers greater security to financial assets
and personal data, which are more essential. They can better
protect most vital data, which could bring the most significant
harm if reached by a wrong person. An example of the most
excellent possible applications is the use of biometrics to
access ATMs. It can also be used with debit or credit cards as
well as, as an overall use for fighting credit card deception.
Several types of monetary transactions are also possible
applications (Workshop International, In Dimov, & In Tistarelli,
2014).
In the United States, many states have managed to
save considerable amounts of money through the
implementation of biometric authentication procedures. In
the process, the numbers of profits claims have dramatically
dropped. This has, therefore, validated the system as one of
the most effective preventive agents against several claims.
Also, they can print counterfeit checks in another person’s
name, acquire bank loans in other people’s names, and
commit other creative tricks in the names of other people to
gain at their expense. Such scam can cause severe damage by
the time the person realizes what has happened. Identity theft
victims usually spend fortune amounts of dollars and several
years clearing their credit reports and names (Modi, 2011).
Ethics in use of Biometrics
Ethics is one of the virtues that every organization,
individual, and systems are expected to uphold at all cost. This
is because it protects human dignity, the right to privacy, and
confidentiality (Workshop International, In Dimov, & In
Tistarelli, 2014). Recently biometric is one of the embraced
fields that requires a lot of ethics concerning identification and
authentication. Occasionally, people feel untrustworthy,
embarrassed and dehumanized. Consequently, people feel
threatened by any fraud, and identity threat including having
data about themselves accessed, and misused by other
people. For instance, there is the use of false biometric data
like face image, fingerprints, and retinal scans that take the
input device (Muller, 2011). According to the theory of
consequentialism which states that a morally right conduct
should result in a real thing, some of the biometric devices
have achieved limited competence to identify a particular
person with technical accuracy, reliability, and foolproof
indeed. This means that the end does not justify the means.
Ethical egoism postulates that actions may be helpful,
detrimental, and or rather neutral to the wellbeing of others
(Traore, 2012). This implies that the actions people frequently
undertake have consequence. For instance, the point of
weakness in a biometric procedure occurs during the
enrollment course. A subject may have the opportunity to
form a new identity for the presentation of fake documents
during the registration processes. Once there is acceptance of
a new false identity, and an imposter can use the services
illegally (Rattani, Roli, & Granger, 2015). Furthermore, when
biometric databases fail to interconnect, it becomes easy for
one to steal a real identity through the presentation of
another person’s particulars during the enrollment course.
This implies that the biometric data becomes unethical since
hackers may use them for their benefit (Traore, 2012).
A biometric character is mostly connected to the person’s
intrinsic physical condition. For instance, a person with
deteriorated fingerprint possesses fingerprints with little
biometric character. This implies that the biometric data
carries fall information thereby losing morality and, standards.
Mature standards ascertain that users adhere to general
authentication protocols. Biometric technology may
experience challenges including loss of a biometric file as
opposed to a password that can be easily replaced ("SIA warns
Alaska on identification," 2010). The stolen biometric data
may be somehow invalidated. In addition, biometrics is
exclusively used for surveillance purposes. In this case, face
recognition surveillance can be used to enhance security and
also to monitor stubborn criminals Faces can be obtained from

social websites, malls, and sporting event and used for
unrelated security purposes without the individual's consent
shows disregard of the people’s right to privacy. The problem
comes in when there is mistaken identity. The victim will lose
human dignity. Thus, the real intention of biometrics data is
lost (Tistarelli & Champod, 2017).
CONCLUSION
In conclusion, Biometric cards have their merits and
demerits as discussed within the scope of this paper. Despite
being introduced in a number of European nations like
Northern Ireland, the UK, and Scotland, they have not proved
to be a viable option for the people because of the kind of
invasion and hindrance to a person’s privacy that they have
led to. Even though these cards promise to bring about social
security, national security as well as law and order, it is not
possible to carry out the same in a democratic nation by
keeping a tab on the people by gaining access to all their
information and personal lifestyle actions. In addition, it takes
a toll on the government to maintain the costs related to
placing this system in the first place. Activists have questioned
the reliability of having such a system and have ruled out the
possibility of finding it as a feasible option for the people.
Therefore having the system of biometric cards in a country is
not really an effective option in terms of curbing crime and
trying to maintain law and order and neither is this entire
system going to be cost effective or completely reliable for the
government. It is a clearly recognized fact that the customary
security measures like identification cards and passwords
cannot sufficiently satisfy all forms of security requirements.
As a result, Biometric is presently and continuously used for
identification and authentication purposes in information
systems. Several behavioral and physiological biometrics for
the identification of individuals have wider applications like
regulation of access to private files and personal computers.
As the technology of biometrics becomes more conventional,
the creation of applications leads to more phases of people’s
daily activities. This is because the rising interest in integrating
traditional technologies of internet security with biometrics
has a potential to increase internet security in the future.
However, the ethical consideration of biometric technology is
questionable particularly on security. Most of the problems
such as violation of individual rights, proper protection of
biometric database, personal liberty, and confidentiality have
tainted the good intention of biometrics. In order to overcome
biometric data identification ethical problems, stored
biometric databases should be protected. In addition, there
should be avoidance of unauthorized collection, utilization,
and retention of the biometric information. Also, the ethical
matters surrounding biometrics technologies have to be
weighed against potential benefits. The governments should,
therefore, enhance the usage of the biometric system to
mitigate the issues as mentioned above.
ACKNOWLEDGEMENT
This is a research paper that is solely compiled by me. I have
a place for technology that is taking the world to new levels.
My curiosity to know more about biometrics helped me do a
research in this area.
REFERENCES
[1] Ahmed, A., & Malik, H. (2013). Security of Biometrics Using Multimodal
Approach. 2013 International Symposium on Biometrics and Security
Technologies. doi:10.1109/isbast.2013.24
[2] Awad, A. (2017). Collective Framework for Fraud Detection Using
Behavioral Biometrics. Information Security Practices, 29-37.
doi:10.1007/978-3-319-48947-6_3
[3] Bank, W. (2017). ICT in Agriculture (Updated Edition): Connecting
Smallholders to Knowledge, Networks, and Institutions. Washington:
World Bank Publications.
[4] BIOMET (Workshop), Cantoni, V., Dimov, D., & Tistarelli, M. (2014).
Biometric authentication: First International Workshop, BIOMET 2014,
Sofia, Bulgaria, June 23-24, 2014 : revised selected papers.
[5] Chin, D. (2011). Portable Biometric System of High Sensitivity Absorption
Detection. Biometric Systems, Design and Applications.
doi:10.5772/21432
[6] Grother, P. J., Salamon, W., & National Institute of Standards and
Technology (U.S.). (2012). Biometric specifications for Personal Identity
Verification. Gaithersburg, MD: U.S. Dept. of Commerce, National
Institute of Standards and Technology.
[7] Grother, P. J., Salamon, W., Chandramouli, R., & National Institute of
Standards and Technology (U.S.). (2013). Biometric specifications for
Personal Identity Verification.
[8] Hidayat, R., & Ihsan, K. (2011). Robust Feature Extraction and Iris
Recognition for Biometric Personal Identification. Biometric Systems,
Design and Applications. doi:10.5772/18374
[9] In Fennelly, L. J., Fennelly, L. J., & Perry, M. A. (2014). The handbook for
school safety and security: Best practices and procedures.
[10] In Kakadiaris, I. A., In Scheirer, W. J., In Hassebrook, L. G., & SPIE
(Society). (2013). Biometric and surveillance technology for human and
activity identification X: 2 May 2013, Baltimore, Maryland, United States.
[11] In Ling, N. D., In Jin, T. A., & In Hu, J. (2015). Biometric security.
[12] Jahankhani, H. (2010). Handbook of electronic security and digital
forensics. New Jersey: World Scientific.
[13] Kavati, Ilaiah, Prasad, M. N., Bhagvati, & Chakravarthy. (2017). Efficient
Biometric Indexing and Retrieval Techniques for Large-scale Systems.
Springer-Verlag New York Inc.
[14] Kumar, B. V., Prabhakar, S., Ross, A. A., & SPIE (Society). (2010).
Biometric technology for human identification VII: 5-6 April 2010,
Orlando, Florida, United States. Bellingham, WA: SPIE.
[15] Kung, S. Y., Mak, M.-W, Lin, & S.-H. (2010). Biometric authentication: A
machine learning approach. Upper Saddle River: Prentice Hall.
[16] Li, S. Z., & Jain, A. K. (2015). Encyclopedia of Biometrics. Boston, MA:
Springer US.
[17] Meunier, P., Xiao, Q., Vo, T., & Canada. (2013). Biometrics for National
Security: The case for a whole government apporach. Ottawa: Defence
Research and Development Canada.
[18] Modi, S. K. (2011). Biometrics in Identity Management: Concepts to
Applications. Boston: Artech House.
[19] Muller, B. J. (2011). Security, risk and the biometric state: Governing
borders and bodies. London: Routledge.
[20] Rattani, A., Roli, F., & Granger, E. (2015). Adaptive Biometric Systems:
Recent Advances and Challenges.
[21] SIA warns Alaska on identification. (2010). Biometric Technology Today,
2010(8), 5. doi:10.1016/s0969-4765(10)70162-4
[22] Tistarelli, M., & Champod, C. (2017). Handbook of Biometrics for
Forensic Science.
[23] Traore, I. (2012). Continuous authentication using biometrics: Data,
models, and metrics. Hershey, PA: IGI Global.
[24] Workshop International, In Dimov, D., & In Tistarelli, M. (2014).
Biometric Authentication. Cham (Alemania: Springer.