Biometrics – How the UK Aced the Convenience vs. Privacy Balancing Act

12
privacy vs. convenience debate

Biometrics and identity management is not a new thing, but people still have diverse opinions across countries regarding its utility, safety, and reliability.

The dependency people have on biometrics technology is mounting with each passing day. And now, all devices are mostly leveraging biometrics for authentication. With top manufacturers, including Apple and Samsung, together with releasing over half a million devices with fingerprint scanners – the risk has increased. And as the world is leading increasingly digital lives through devices, vulnerabilities have mounted.

But proving the identity every time for each small thing in today’s extremely digital world can turn to be a pain. That’s the exact reason why banks now don’t need authentication PIN or password – the contactless card does all the work. But, its safety is still a question.

Leading players like Facebook, Google, and PayPal have now opened new doors – complicating the privacy vs. convenience debate. And deciding one of the two is difficult, but having both is no option.

If it’s privacy that is valued the most, then it is better to prepare for the secure but not-so-seamless operation. If it’s a convenience, then one may choose to abdicate control to someone else to remove all the existing friction.

Ultimately, it all boils down to a single word – identity.  But, defining identity is a complicated task. And that definition depends totally on the situation and the industry into consideration.

Read More: Identifying an obsolete security tech

In the UK, ‘Identity’ is a fluid, slippery thing, or so it would it seem. Almost uniquely in Europe, British citizens don’t carry ID cards and are under no legal mandate to produce any when challenged.

There is a deep-rooted instinct in the British character that identity is never a public business – it’s their private, personal, closely guarded property. The actual issue is not to prove it but to rely on it to identify oneself.

There’s a subtle but significant distinction. Perhaps it’s because British citizens are legally treated as citizens with rights instead of a subject with liberties.

It’s a strange system of centrally managed anarchy and instead of a central registry or database, the UK government is creating an ‘Open Standards Federation,’ mitigating the risk of having identities stolen or misused.

Read More: Creating effective cybersecurity playbook

And, in theory, as one has the right to choose the platform – Google or Facebook or PayPal-for identity verification, creating a sense of ownership. Hence, people are over-cautious in this case. This is exactly how Britain tries to balance between privacy and convenience.

Like Britain, other countries also need to strategize and balance out the privacy vs. convenience debate. Identity management is undeniably important, but not in every situation.

Unnecessary frictions will never help in creating security; it could, in fact, lead to frustrations, carelessness, or irritation in the longer run. And such emotions will lead to people questioning the entire relevance of identity management systems. Once such doubts seep in, securing data will be extremely challenging and risk-prone.