Biometric systems need to be designed and evaluated relative to their specific intended purposes and the contexts in which they are being used, the report says. Systems-level considerations are critical to the successful deployment of biometric technologies. Effectiveness depends as much on factors such as the competence of human operators as it does on the underlying technology, engineering, and testing regimes. Well-articulated processes for managing and correcting problems should be in place.
The report notes that careful consideration is needed when using biometric recognition as a component of an overall security system. The merits and risks of biometric recognition relative to other identification and authentication technologies should be considered. Any biometric system selected for security purposes should undergo thorough threat assessments to determine its vulnerabilities to deliberate attacks. Trustworthiness of the biometric recognition process cannot rely on secrecy of data, since an individual's biometric traits can be publicly known or accessed. In addition, secondary screening procedures that are used in the event of a system failure should be just as well-designed as primary systems, the report says.
The report identifies several features that a biometric system should contain. Systems should be designed to anticipate and plan for errors, even if they are expected to be infrequent. Additional research is needed in all aspects of design and operation, from studying the distribution of biometric traits in given populations to understanding how people interact with the technologies. In addition, social, legal, and cultural factors can affect whether these systems are effective and accepted, the report says.
|Contact: Molly Galvin|
National Academy of Sciences