Biometrics trust is in crisis -- is there a path forward for the technology's adoption?

Biometrics’ promise of security and convenience has unfortunately given way to widespread distrust and legitimate security concerns. If you’re unfamiliar with biometrics, think of the last time a customer service call offered you voice authentication or when you used Face ID to unlock your phone -- these are examples of collecting and storing your biometric data.

The rise of AI has undoubtedly made an impact on consumer trust in consumer biometrics, as it’s able to piece together all your biometric data for more nefarious purposes such as identity theft. This should come as no surprise as social feeds are littered with convincing deep fake videos of politicians during this election season.

Mounting legislation and security concerns eroding the allure of biometric technology

Consumer sentiment data confirms that biometric trust is rapidly declining, yet the tech is still being used for convenience and security. In fact, GetApp’s 2024 Biometric Technologies Survey found that only 5 percent of consumers now highly trust tech companies with their biometric data, plummeting from an already meager 28 percent in 2022. Despite the scrutiny and associated risks, the technology maintains broad utility when deployed appropriately and with proper protections in place.

So, how did we get here? Public apprehension likely stems from a series of high-profile breaches and misuses of sensitive biometric data. Take Google’s notable $100 million settlement over allegations they violated the Illinois Biometric Information Privacy Act with their face grouping tool. Similarly, White Castle is potentially facing billions in fines due to claims the restaurant chain repeatedly scanned employees’ fingerprints without consent.

At the national level, the White House recently released an executive order aimed at protecting Americans’ sensitive personal data from exploitation abroad. This move, coupled with emerging legislative efforts across the country, underscores the need for a national conversation on safeguarding biometric data and privacy.

If your business is considering implementing biometric technologies, such as facial recognition or voice verification, it’s important to understand that trust in biometric technology is in decline. This means you need to take a cautious approach with its deployment or risk alienating customers and/or employees. This issue will only grow more complex as AI continues to advance, heightening consumer concerns.

Creating a framework for responsible biometric implementation is essential

If your company collects, or plans to collect, biometric data such as fingerprints or vocal patterns, it could be at risk of violating various laws and regulations along with exposure to significant financial liability. This is why companies should create a framework for responsible biometric implementation.

1. Prioritize transparency and consumer comfort

Businesses must initiate open dialogues with consumers to understand their comfort levels with various biometric data uses. For example, consumers surveyed by GetApp felt the most comfortable sharing fingerprints (50 percent) compared to a face (33 percent) or voice (20 percent) scan. Clear communication about the purpose and benefits of biometrics, alongside clearly outlined data protection measures, is necessary for gaining trust.

2. Stay vigilant to ensure regulatory compliance

In the United States, there is no comprehensive federal law governing biometric data. But several states have adopted legislation including the stringent guidelines set forth by the Illinois Biometric Information Privacy Act. Many more states have pending legislation and all are a bit different from one another. This means keeping up to date with the evolving compliance landscape of new and existing legislation is non-negotiable for businesses.

3. Select the right biometric-integrated software

Despite qualms, consumers increasingly expect biometric options for practical applications such as making payments or verifying their identity. For growing businesses, the selection of biometric solutions that align with operational needs and regulatory compliance is the goal. But it’s crucial to carefully select biometric options that are a clear improvement over traditional methods so that consumers can see the value of the technology, rather than merely its proliferation.

Image credit: SergeyNivens/depositphotos.com

Zach Capers is a senior security analyst and manager of ResearchLab at GetApp, covering IT security, data privacy, and emerging technology trends. A former internal investigator for a Fortune 50 company and researcher for the Association of Certified Fraud Examiners (ACFE), his work has been featured in top security and business publications.