The Fundamental Problems of Minority Report-style Biometrics

Eye-scanning technology, voice-print security, palm prints: Biometric security has almost become one of the basic signifers of existing in the future, like clean white walls and rounded surfaces. In Minority Report the biometrics extended to the point that Tom Cruise's character, John Anderton, was easily identified by animated advertisements as he walked through a mall, and later on he had to actually replace his own eyeballs so he could avoid detection. Ickiness aside, biometrics have become less futuristic and more now-istic. The entire town of León, in central Mexico, contracted with Global Rainmakers, Inc., to install iris scanning technology throughout the town. Locals will be able to use iris scanning to get on the bus, use ATMs, and get hospital care. But the people of Leon might want to consider a report (free with registration) from the National Research Council before they go too far down that road, because there are some significant problems with going all biometric, all the time. In biometrics, computers aren't behaving like the human brain, which can match a picture of a thing with another picture as a unified whole. Instead, computers measure: for a face scan, it might be measuring nose length, the distance between the eyes, and so on. But these measurements change over time: Faces become jowly and wrinkled, fingers get fatter, even irises can change over time. Thus, biometrics become an exercise in probability. Whereas a PIN can be an exact match (1,2,3,4,5 always always equals an idiot's luggage code), the biometric scanner is hoping to get a good enough measurement so that it can say this face is probably the one in its database. But in a probablistic model, there's a chance of both false positives and false negatives, either of which could be awkward when a drunken Leonian wants to take the bus home, or the same Leonian, hungover the next day, needs to get a thousand pesos from the ATM. And there's all sorts of chances for error: If the initial scan is bad, the whole database will be bad; if there's poor lighting at the scanning point, or if equipment becomes old and worn. The report from the National Research Council goes into detail on all these problems. And that's just a part of the technological problem. There are of course significant social concerns of privacy invasion, since a unique eye scan becomes a central fixed point for all electronic interactions. And then there's the problem of hacking. Yes, yes, the point of biometrics is that it becomes a password that cannot be guessed or stolen. But as the NRC report notes, a hacker could find a way to submit the bit-code to the system and gain entry. If that happens once, the individual is screwed. Unlike a bank car, your eye cannot be canceled and replaced, nor your fingerprints, nor your palm. All that's left is a transplant. And that seemed pretty unpleasant for Mr. Anderton.