Why Biometric Security Is Such a Divisive Technology

The best protection or just another liability

Key Takeaways

  • Biometric security has become more prominent in technology over the past few years, with smartphones now relying on facial ID and fingerprints to access sensitive data and accounts.
  • Despite some security benefits, privacy experts are divided on just how good biometric security is and how much protection it offers consumers.
  • Ultimately, it falls on the user to determine if they want to accept the risks to make the most of the added security biometrics can offer when utilized correctly.
Closeup of someone pressing a thumb to a security overlay, as if seen through a clear screen.

Teera Konakan / Getty Images

With more consumers turning to online payments and accounts, biometric security has seen a massive increase, though experts tend to have differing thoughts on just how secure it is.

Your digital identity and protecting it has become a top concern for many people in the past few years, especially as more contactless payment systems appear in phones and stores. It has become so important that entire companies have created encrypted systems to help protect your biometric data. But just how secure is using your fingerprint to pay for your coffee?

Some experts say it’s the most secure way to protect your online data, but others warn you could be opening yourself up to a massive security breach if you aren’t careful.

"In most cases, biometrics—fingerprints, face, iris, voice, heartbeat, etc.—are safer than passwords, as they’re a lot more challenging to crack than alphanumeric codes. However, they are not infallible," Daniel Markuson, a privacy expert at NordVPN, told Lifewire in an email.

"This is not to say that people should stop using biometric authentication altogether. However, as it gains popularity, the ramifications of biological data theft get more alarming."

Security or Convenience

For privacy experts like Markuson, biometrics should be seen as a convenience and paired with other security measures—like multi-factor authentication. The main reasoning for this? If your biometric data is somehow spoofed, it’s impossible to simply go in and change your fingerprint or your facial profile.

"If a password gets compromised, the user can simply change it. Biometrics, on the other hand, are inherent biological data that can’t be changed. And if hackers can crack biometric passwords from publicly available photos using commercially available tech, the implications of this are scary," Markuson explained.

As [biometrics] gains popularity, the ramifications of biological data theft get more alarming.

With the cost of cybercrime expected to grow to over $10.5 trillion annually by 2025, protecting your online data never has been more critical than it is right now. That’s why biometric security has become a preferred method for protecting your accounts.

On top of that, many companies and websites also push users to activate two-factor authentication, as it acts as one of the primary obstacles for hackers and cybercriminals trying to figure out your passwords.

While the concerns over biometric data being spoofed are real and worth keeping in mind when using facial ID or fingerprints to log into accounts, users can protect themselves by not entrusting this data to companies they don’t know and trust. If you’re worried about your biometric data being stolen, you always can treat biometrics like a convenience.

Finding Balance

Other experts see biometric data in a much different light, especially when talking about security for consumers working at companies that rely on security to protect sensitive data. Much of these principles also can be translated to the consumer end of biometric security, like the facial recognition system in Apple’s iPhone.

Someone using a biometric face scanner on a smartphone while sitting at a kitchen counter holding a cup of coffee.

filadendron / Getty Images

"Using biometrics paired with ID proofing to replace traditional usernames and passwords protects a company from cyber threats," Mike Engle, an expert in biometric security and the chief strategy officer of 1Kosmos, told Lifewire in an email. 

Engle also noted that every 39 seconds, a company falls victim to a cyber attack. The leading cause of this alarming number is usually poor password management, something that Engle says can be solved using biometric security. He also says it is essential to store biometric data in a decentralized location, which will make it harder for hackers or cybercriminals to get their hands on it, especially if it’s encrypted.

With so much of your online data being used to create your digital identity, weighing the risks with the security benefits is important when determining whether or not you want to trust companies with your biometric data. If you’re wary of letting those companies or apps capture your facial or fingerprint data, then it’s probably best to avoid using biometrics, and instead rely on a strong password and multi-factor authentication.

Was this page helpful?