What are biometrics, and how do they keep us safe?

Until a few years ago, we all relied heavily on a complex series of passwords, PIN codes and two-factor authentication to complete even mundane online tasks.

From device logons to payment authorisations, an ever-changing array of security information was required to confirm our identity, complete purchases and even start some devices.

Yet given the complexity of many modern passwords (minimum ten characters; uppercase and lowercase; at least one number; at least one symbol), a solution was clearly required.

Biometrics provided an obvious answer. They’ve been adopted by hardware manufacturers, financial services providers, app developers and many other client-facing services.

But what are biometrics? How do they work, and what are the benefits?

Bio hazard

There’s always a risk of a password being hacked, a PIN code being guessed or security details being spied over your shoulder.

Biometrics, on the other hand, can’t be shared or hacked. That’s because they literally are on your other hand.

Fingerprint recognition is the most popular form of biometric ID, used on most modern smartphones and many laptop/tablet devices.

Small touch-sensitive pads will scan a nominated finger, ensuring the fingerprint patten being pressed against it matches the one previously scanned and accredited to its registered owner.

Biometrics help you log on as a device boots up, confirm your identity at payment gateways, approve administrator-level software changes and more besides.

However, fingerprints aren’t always ideal as a method of identification. They preclude wearing gloves, can be thwarted by papercuts, and are easily smudged by natural skin oils or makeup.

That’s why hardware manufacturers are investing heavily in facial recognition software and eye scanning technology.

On many modern laptops, the webcam module will activate as you raise the lid, scanning your face for ID purposes before Windows boots up.

As with fingerprint readers, facial recognition systems aren’t flawlessly reliable. They may be confused by hats, beards, spectacles or poor lighting.

Even eye scanning technology can be thwarted by reflections on glasses, while our irises change with age and may become less recognisable as their appearance evolves.

Any form of biometric identification is likely to be augmented by a traditional PIN code or password, in case the device you’re using can’t authenticate you.

What are biometrics good for?

There are various advantages to using biometrics instead of security credentials or 2FA, not least speed and convenience.

Instead of having to wait for an SMS message or email to confirm your identity on a separate device (which may take time to arrive), biometrics allow you to self-identify within seconds.

They’re optimal on devices used by children, installing payment firewalls so that youngsters can’t spend money in apps or on websites without a parental fingerprint or facial scan.

Biometrics provide greater levels of security than a humble alphanumeric passcode ever could, and they reduce the burden of remembering numerous different passwords and PINs.

Are there any drawbacks?

Inevitably, biometrics aren’t beyond reproach.

Quite apart from the reliability issues cited above, biometrics occasionally return false positives.

This technology isn’t cheap. Your laptop might come with a fingerprint sensor built-in, but you’ll be paying more for the device as a result of its inclusion.

There are also privacy issues – we’re rarely informed where our biometric data is stored or who is allowed to access it – though these also extend to other forms of online ID.

Viewed as a whole, biometrics provide a robust bulwark against fraud and impersonation, combining speed and convenience with (in most instances) reliability.