Authentication and Authorization

This week's topic is authentication of users. The short discussion in the David Millman from the Encyclopedia of Library and Information Science about biometrics intrigued me. It seems that what was once the stuff of James Bond is now becoming reality. Many people have biometrics scanning on their computer, including to log in to the system. Yet others have fingerprint scanning technology to digitally sign documents and make purchases on a credit card. This kind of authentication system is highly advanced, however, the simplest and likely oldest version of biometrics put to use today is the use of fingerprinting. Today, even if you want to be an international student at a school like UW, you have to submit to fingerprinting.

At the risk of seeming reactionary or like a conspiracy theorist, the skeptic in me wonders: Can biometrics also be a possible breach of privacy? Should we allow employers and other corporations to map out parts of our bodies and store this information in order to ensure the safety of their information?

It seems that perhaps biometrics could be overkill when a simple ID, password, or encryption could do. Biometrics are being touted for use at border crossings and airports in order to ward off terrorists. Passports and visas have been used for years, but they are easily faked. Biometrics are being considered to be the up-and-coming technology for people traveling place to place. But it could also be possible for the person to present themselves as the new person with the faked passport and provide real biometrics as the other person. What good are biometrics from protecting people from terrorism in cases such as these? What if the database for the biometrics is corrupted, hacked, or otherwise incorrect? How does one access the information one needs if the system doesn't work correctly?

Biometrics, if allowed to be spread pervasively as identification systems throughout our society, could create a tracking mechanism for any person deemed to be an enemy or holding the wrong opinion. I think that legislation regarding what can be done with biometric information should be considered, in order curb the possible "Big Brother" aspect which is looming on the horizon.