Ybarra 1

Eric Ybarra
CST 300 Writing Lab
4 February 2018
Ethical issue on Biometric Technologies
Since the creation of biometric technologies, society has broken into two sides. The ones

in favor of having this technology and the others that would rather have the traditional use of a

password or pin number to secure their information. The question that everyone is asking is

which one is more effective? This being the problem, many continue to say that biometrics is the

future while others say it’s not.

The use of biometrics has been utilized as a way for everyone to have a unique

identification. A number of biometric traits are used like the fingerprint, iris scan, facial

recognition, voice recognition, etc. The concept of biometrics has caused issues in society. The

main issue is the concern of personal privacy as this identification is primarily used in

applications such as passports, ID cards, and recently in phones. Recently companies such as

Mastercard want to start to implement this technology into their company to the extent that they

see society use mobile devices more often during online shopping. Instead of using a password to

identify the user they want people to use their biological features such as facial recognition or

fingerprints to identify the authorized user is the only one access to the account. The article

called “Mastercard makes European Biometrics Push for Online Payments” states, “Research

from Mastercard and Oxford University last year found that 93% of consumers prefer using their

fingerprints or faces over passwords for validating payments, while 92% of bankers also want to

adopt biometrics” (Finextra Research, 2018). This is just one way companies such as this one

will start to implement this technology to its customers. Like many cases there are two sides to

an argument. In this case the other side is that some people aren’t too keen on the

implementation of biometric identification into their everyday products and services. They claim
 Ybarra 2

that this technology is not reliable or effective to protect their valuable information. An article by

Jeremy Bergsman and Daria Kirilenko titled “Why biometrics are less secure than passwords”

states, “First, biometrics will be easier to hack than passwords. Not only are they subject to all of

the current attacks that work when hacking passwords, but biometric data were never designed to

be secret” (Bergsman, J., & Kirilenko, D., 2016). This statement by Bergsman and Kirilenko

illustrates how if users want their data to be private then they suggest everyone should wear

gloves in order to leave no fingerprints. This is one reason that some prefer using the traditional

security methods such as the alphabetic password because at least if hackers compromise the

system then a password can be reset and a biometric authentication such as fingerprint scan

cannot. Although this is true there is no question this is an issue that stakeholders from both sides

are aware of.

The use of biological features as a way to authenticate the person is the owner of the

service or product is a great advancement in this day and age. The use of a fingerprint is one of

the ways that many companies are implementing into their system such as mobile devices like

the iPhone. This is a step forward into this side of technology because security is important in

today’s society. That being said, biometrics like anything has its flaws as well because it’s

relatively new in the use of modern technology. Passwords or PIN’s have been used for years

which is why stakeholders in this department enjoy using them because of it being effective.

Simple accounts such as in social media use passwords to secure one’s information. Even

accounts of higher degree like bank accounts where users have priceless information such as

their social security number use traditional password authentication methods. An article by Tony

Anscombe, senior security evangelist at AVG Technologies, titled, “Biometrics or a Password?”

talks about a case that having a password was more useful than biometrics. The example that
 Ybarra 3

Anscombe talks about was the case involving the San Bernardino terrorist attack in 2015.

Anscombe states, “If the terrorist had used biometrics then the FBI would have been able to

access the iPhone…By securing the phone with a password/PIN the information was taken to the

grave and more complex solutions needed to be found” (Anscombe, 2016). This specific case

clearly showed if the attacker had used some form of biometric authentication such as a

fingerprint for the phone then it would have been much easier for the FBI to unlock the phone.

This is true that having a password in this case helped secure the information that the FBI was

seeking but passwords have been hacked as well. An article by Limor Kessem, Executive

Security Advisor at IBM, titled, “Consumers weigh in on Biometrics, Authentication and the

Future of Identity” states, “While 75 percent of millennials are comfortable using biometrics

today, less than half are using complex passwords and 41 percent reuse password to access

numerous accounts” (Kessem, 2018). This is a problem in today’s society to the extent that

people reuse passwords for many of their accounts which make it easier for hackers to infiltrate

the accounts. Having a different and more complex password for every account is much better

than reusing the same password for everything. Then again this is also an issue because the more

complex the password is the higher the chance of one forgetting it. If someone has multiple

accounts they would most likely forget the passwords if they’re complex. This is the reason that

Kessem stated how numerous people reuse passwords because they don’t want to make it

complicated. People don’t want to deal with the hassle of remembering numerous complex

passwords so they reuse them but run the risk if one account is hacked into then most likely more

will be compromised.

The stakeholders who approve the use of biometric technology argue that this is the

future of protection against hackers. This includes companies such as Apple, Samsung, and other
 Ybarra 4

technological companies. Also some governments and general consumers that enjoy new

technology that is being used. Ethically speaking, a utilitarian ethical framework would aim to

benefit what promotes the greatest happiness for the majority of the people. An example of this

is the case in India where biometrics has helped in the identification department. An article by

Tim De Chant titled, “The Boring and Exciting World of Biometrics” states, “Other countries are

rolling out biometric identification systems for their citizens. India is the largest to date...Unlike

many other biometric databases, which are aimed at finding criminals, India’s system will

eventually encompass everyone in the country” (De Chant, 2013). Since India is a developing

country many of its people lack official identification. Not only will this help the economy but

this form of national identification cannot be lost or forgotten. The claim of policy is applied to

this case because a principle of action was implemented in the country of India to solve the issue

they had. India having 1.3 billion people in its country had to execute a method that would work

and biometric technology was the answer. It has worked so far which means that other countries

will start to realize that biometrics is what they should be using for many ideas such as security

and identification.

The stakeholders who tend to be against the use of biometric technology claim that this is

not a reliable and effective way to protect its users. This includes some governments and people

who normally don’t have an interest in upcoming technology. Ethically speaking, a Kant’s

ethical framework would seek to make a judgment based on the belief of it being rational. An

article by Madhumita Murgia titled, “Biometrics will replace passwords but it’s a bad idea” talks

about a case where a company on cybersecurity in England called Darktrace did an experiment

where they installed a hacking program in a large Asian manufacturing business. This business

used a form of biometrics which was the fingerprint. Murgia states, “The system had been
 Ybarra 5

successfully attacked, resulting in the loss of the entire database of all employee fingerprints…In

this case, the biometric data gave the hacker even more access than employee passwords might

have done” (Murgia, 2016). The stakeholders such as general consumers who believe in Kant’s

ethics would use rationality and based on Murgia’s statement, they would conclude that

biometrics is unreliable. The claim of cause is applied in this case because of the effects it has

caused from this event. If a hacker would break into this database then more information would

be stolen to the extent that it uses one’s fingerprints not just a random password. This might lead

to more information being stolen because it’s one’s biological features that are unique to every

person. Once they’re stolen they cannot be replaced since its part of your body. The main reason

why stakeholders on this side tend to be skeptical about biometric technology is because they run

the risk of these types of scenarios happening to them.

The companies that use biometrics authentication are on the right path. This is

predominantly going to rise since more companies are implementing this into their products and

services such as what Apple is doing with the iPhone X. The belief that biometric authentication

is worse than passwords is false. Nor is one better than the other. Both are great methods of

protecting one’s private information from hackers. Every year, new technology ideas are being

developed. One that is being expanded is behavioral biometrics. This is relatively new but it

involves the physical behavior of a person. An article by Stephen Cox, chief security architect at

SecureAuth, illustrates how this new idea that analyzing the behavior of an individual to identify

they are the rightful owner is the future. Cox states, “It’s nearly impossible for attackers to mimic

a user’s behavior down to their keystroke dynamics and mouse movement. The technology

analyses these traits so precisely that the human eye would have no chance to observe them”

(Cox, 2017). It’s incredible how this type of technology is on the rise that even companies have
 Ybarra 6

begun to use these in their companies. This includes credit card bureaus such as Visa and even

the United States Army. Another article by Jake Stroup titled “Biometric Identification and

Identity Theft” states, “Despite what some experts say, a database is a database. A hacker can

still steal data from a computer or network; it doesn’t matter if that data is a credit card number

or a digital voice print” (Stroup, 2017). Hackers will always find ways to breach a database in

order to attain what they want which is information that is valuable to each and every one of us.

So based on what is currently available referring to security is that a combination of both a form

of biometric authentication and a password or PIN should be implemented in any product or

service that has valuable information.

Biometric technology is something that will continue to be controversial mainly because

of the risks one is taking on using this as a form of identification or authentication. This idea still

needs work as hackers are still able to bypass the security. An example of this is how some

biometric technologies such as the fingerprint scan can be fooled. In Anscombe’s article he

states, “In 2014 the chaos computer club replicated the fingerprint of German Defence Minister,

Ursula von der Leyen. Through high definition digital photography and specialized software they

recreated a digital print that potentially could be used to fool fingerprint-based biometric security

systems” (Anscombe, 2016). Although this is true, hackers will always find ways to make a

detour and infiltrate the system of any user. The security measures that are currently available are

mainly two-step verification which companies such as Facebook use. There is a problem with

this because these accounts are still being hacked. Which is why having layers of both a

password and some form of biometric technology such as a fingerprint scan is recommended to

strengthen the security. Having more layers of protection from biometrics and passwords should

be implemented so the risks of hackers infiltrating the database is minimized.

 Ybarra 7

References

Anscombe, T. (2016, June 22). Biometrics or a password? Retrieved January 28, 2018, from
https://www.scmagazineuk.com/biometrics-or-a-password/article/531571/
Bergsman, J., & Kirilenko, D. (2016, August 21). Why biometrics are less secure than
passwords. Retrieved February 5, 2018, from
https://www.itproportal.com/2016/08/21/why-biometrics-are-less-secure-than-passwords/
Cox, S. (2017, September 13). Biometrics: A Stepping-Stone to Eliminating the Password
Forever. Retrieved February 9, 2018, from
https://www.forbes.com/sites/forbestechcouncil/2017/09/13/biometrics-a-stepping-stone-
to-eliminating-the-password-forever/#372f200b21db
De Chant, T. (2013, June 18). The Boring and Exciting World of Biometrics. Retrieved January
27, 2018, from http://www.pbs.org/wgbh/nova/next/tech/biometrics-and-the-future-of-
identification/
Finextra Research. (2018, January 24). Mastercard makes European biometrics push for online
payments. Retrieved January 24, 2018, from
https://www.finextra.com/newsarticle/31562/mastercard-makes-european-biometrics-
push-for-online-payments
Kessem, L. (2018, January 29). IBM Study: Consumers Weigh in on Biometrics, Authentication
and the Future of Identity. Retrieved January 30, 2018, from
https://securityintelligence.com/new-ibm-study-consumers-weigh-in-on-biometrics-
authentication-and-the-future-of-identity/
Murgia, M. (2016, May 27). Biometrics will replace passwords, but it's a bad idea. Retrieved
January 25, 2018, from http://www.telegraph.co.uk/technology/2016/05/26/biometrics-
will-replace-passwords-but-its-a-bad-idea/
Stroup, J. (2017, October 5). Why Biometric Identification May Not Be All It's Cracked Up to
Be. Retrieved January 25, 2018, from https://www.thebalance.com/biometric-
identification-and-identity-theft-1947595