The Identity Theft Resource Center found that 39% of Americans believe biometric technology should be banned outright, despite 87% being asked to provide biometric identifiers online in the past year.
What happened
The Identity Theft Resource Center (ITRC) released its Biometric Consumer Attitude Report after polling 1,177 individuals about their attitudes toward biometric technology. The research revealed that 87% of Americans were asked to provide biometric identifiers to verify their identity online within the past year. Despite this widespread use, 63% expressed serious concerns about providing biometric information online.
The study found that 91% of respondents provided their biometric information when requested. Two-thirds of participants agreed that biometrics can reduce identity crimes, yet 39% still argued the technology should be banned completely. The demographic breakdown showed younger respondents (45%) and men (54%) dominated the group wanting biometric bans, while many female respondents answered "don't know" to survey questions.
Going deeper
The findings reveal a contradiction in consumer behavior regarding biometric technology. Most smartphone users utilize biometrics daily through facial recognition or fingerprint scans to access their devices and apps. However, deepfake technology increasingly threatens the effectiveness of biometric verification systems.
Recent research indicates deepfakes now comprise 24% of fraudulent attempts to bypass motion-based biometric checks used by banks and service providers for user authentication. Security researchers have also identified malware specifically designed to harvest biometric information from videos to create deepfakes that can circumvent biometric security measures.
What was said
Eva Velasquez, CEO of the ITRC, stated, "This research highlights a critical need for those of us working to prevent identity crimes to do a better job explaining both the benefits and risks of emerging identity technologies – especially biometrics."
She added, "Our hope is that this Biometric Report serves not only as a guide for future study but also as a roadmap to increase public understanding and acceptance. Change can be uncomfortable, but resisting it without understanding the facts can create unnecessary risk. We must do more to show why secure biometric identity verification is in everyone's best interest."
By the numbers
- 1,177 individuals participated in the ITRC survey
- 87% were asked to provide biometric identifiers online in the past year
- 63% had serious concerns about providing biometric information
- 91% provided biometric information despite concerns
- 39% believe biometric technology should be banned
- 45% of younger respondents want biometric bans
- 54% of male respondents support banning biometrics
- 24% of fraudulent attempts to pass motion-based biometric checks now involve deepfakes
In the know
Biometric identifiers include physical characteristics like fingerprints, facial features, iris patterns, and voice recognition that uniquely identify individuals. These technologies have become standard authentication methods for smartphones, banking apps, and various online services. Motion-based biometric checks require users to perform specific movements or gestures during verification, making them more difficult to spoof than static biometric scans. However, advancing deepfake technology can now replicate these movements convincingly enough to fool some biometric systems.
Why it matters
This research exposes tensions in healthcare and other industries increasingly relying on biometric authentication for HIPAA compliance and security. While biometrics offer stronger identity verification than traditional passwords, the public's growing distrust could impact the adoption of these security measures in healthcare settings where patient data protection is important.
The findings are relevant as healthcare organizations implement biometric access controls for electronic health records and patient portals. If nearly 40% of Americans want biometric technology banned, healthcare providers may face resistance when implementing biometric authentication systems, even though these systems could better protect sensitive medical information from unauthorized access.
The rise of deepfake attacks targeting biometric systems also creates new vulnerabilities that healthcare organizations must address, as compromised biometric data cannot be changed like passwords.
The bottom line
Healthcare organizations must balance the security benefits of biometric authentication with patient concerns about privacy and emerging deepfake threats. As biometric technology becomes essential for protecting health information, providers need clear communication strategies to address patient fears while implementing anti-spoofing measures to counter deepfake attacks.
FAQs
What are the main laws governing biometric data in the U.S.?
Laws like Illinois’ Biometric Information Privacy Act (BIPA) and California’s CCPA currently set the standard for biometric data protection.
Can biometric data be deleted or changed if compromised?
Unlike passwords, biometric data such as fingerprints or facial scans cannot be changed if stolen.
How do biometric bans impact tech innovation and development?
Bans could slow innovation in secure identity verification systems and user experience design.
Are there alternatives to biometric authentication that offer similar security?
Multi-factor authentication (MFA) using hardware tokens or behavioral analytics is an alternative to biometrics.
How do other countries regulate biometric technology compared to the U.S.?
The EU’s GDPR imposes stricter consent and processing requirements for biometric data than most U.S. laws.
