We all know that identity thieves can get our usernames and passwords and easily pretend to be us, especially online and at ATMs, but often even in person. Increased security methods, such as requiring multiple passwords or three types of identifying information, have unfortunately not made us much safer.
With the threat of identity theft and data breaches so high (over 10 million Americans were victims last year), companies are turning to biometrics. Biometrics is, simply, the process of using physical features of the body to prove people are who they say they are. For example, biometrics can include:
*Retinal scans
*Fingerprinting
*Palm scanning
Since all of these features are unique to every individual, even identical twins, it seems reasonable that if a person checks out, so to speak, there is little to no risk for identity theft.
This is fairly true, for now. However, columnist and former CIO George Tillmann recently expressed his concerns on the issue. His view is that since after the computer takes a scan it translates the image into a numerical code, identity thieves will come up with a way to mimic this code, if they have not done so already. This means that the thief will not have to actually physically mimic the body part, which would be very difficult to do. Instead, he or she could hack into the computer system and simply tell the machine that it is reading an accurate scan when it is not.
Tillmann goes so far as to say, “ In the years to come, news reports about fingerprint, palm print and retinal eye scan thefts will be just as common as credit card number thefts are today.†He also worries what consumers will do if someone is impersonating them not with their Social Security number but with their fingerprint. While a person can get a new Social Security number if needed, it would be exceedingly difficult – not to mention painful – to try to get your fingerprint replaced.
He, in fact, seems to think that we will be in a worse position when biometrics become the rule and not the exception than we are right now. We may not have long to wait, either, since they are becoming very popular with large corporations, especially banking institutions.
The identity protection industry will have to evolve to help mitigate these new risks. It has already started to do so, with many identity theft protection companies including a service where they scan black market databases to see if thieves are dealing with their customers’ personal information. They could do the same thing with codes for fingerprints or other biometric scans if it came down to it.
Here’s hoping that the increased prevalence of biometric identification does not turn into the disaster that Tillmann predicts. It’s good to know, though, that if this does happen, advances in identity theft protection will surely rise to meet the threat head on.