Chapter

Behavioural Biometrics: Emerging Trends and Ethical Risks

Authors:
To read the full-text of this research, you can request a copy directly from the author.

Abstract

Behavioural biometrics is increasingly considered both for security and non-security related applications. In contrast to traditional modalities such as fingerprint, face or iris, behavioural modalities tend to be much more privacy invasive. Profiling is inherent to the technology itself rather than only a potential secondary activity. Particular user profiles are always at risks to be linked with information from other sources, leading to a large variety of unwanted consequences and long term effects. The usual embedded and hidden collection of data makes it extremely difficult for the affected users to monitor or even control such information flows. Current concepts of data protection like Privacy Enhancing Technology (PET) or Transparency Enhancing Technology (TET) are still insufficient to deal with the arising risks. More comprehensive training about the basic functionality and the potential effects of behavioural biometrics is needed in the absence of convincing technological protection mechanisms.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the author.

... The latter has a greater focus on behaviors, as opposed to individual identifiers. Schumacher (2012) characterizes this shift as moving from "who you are" to "how you are." There has also been shifts in purpose and application, from security to safety (Norval and Prasopoulou 2017), specifically, civilian and private sector applications (Prabhakar et al. 2003). ...
... These activities specifically include (but are not limited to) border control, forensics, criminal identification, access control, computer logins, e-commerce, welfare disbursements, missing children identification, identification cards, passports, user authentication on mobile devices, and time and attendance monitoring systems (Bhattacharyya et al. 2009;Unar et al. 2014). With the shift to second-generation biometrics, the technology is extending beyond identity management to group analysis, in which generalizations about demographic categories can be made and behaviors can be analyzed (Schumacher 2012). It has afforded the rise of what McStay (2014McStay ( , 2018 refers to as emotional surveillance or "empathic media … technologies that track bodies and react to emotions and intentions" (McStay 2016, p. 1). ...
... This research shows that the use of biometrics has significantly broadened beyond its initial applications. With new affordances comes the potential for new or different ethical concerns (Schumacher 2012). The abovementioned studies are lab based. ...
Article
Full-text available
Biometric technology was once the purview of security, with face recognition and fingerprint scans used for identification and law enforcement. This is no longer the case; biometrics is increasingly used for commercial and civil applications. Due to the widespread diffusion of biometrics, it is important to address the ethical issues inherent to the development and deployment of the technology. This article explores the burgeoning research on biometrics for non-security purposes and the ethical implications for organizations. This will be achieved by reviewing the literature on biometrics and business ethics and drawing from disciplines such as computer ethics to inform a more robust discussion of key themes. Although there are many ethical concerns, privacy is the key issue, with associated themes. These include definitions of privacy, the privacy paradox, informed consent, regulatory frameworks and guidelines, and discrimination. Despite the proliferation of biometric technology, there is little empirical research on applied biometrics and business ethics. As such, there are several avenues for research to improve understanding of the ethical implications of using this technology.
... This includes the use of facial recognition technologies used to justify wrongful arrests by law enforcement (Constanza-Chock et al., 2022) and the continuous monitoring of factory worker performance (Sonnemaker, 2021). Biometric scholars contend that new evolutions of biometrics require updated theoretical frameworks to understand the ethical harms that such technologies may enact (North-Samardzic, 2020;Schumacher, 2012). ...
Article
Full-text available
Biometric technologies are at the forefront of organizational innovation, surveillance, and control. In many instances, the use of physiological and behavioral biometrics enhances individual and organizational performance. However, they also have the potential to hinder human wellbeing. In particular, recent generations of biometrics are capable of extracting deeper insights into human behavior, enabling organizational surveillance practices, but may also constrain individual rights and freedoms. While biometric technologies have been evidenced to infringe upon privacy and lead to discriminatory practices, little research has examined the impact of biometrics on dignity, an important ethical construct related to human wellbeing. In this conceptual paper, we draw from the theory of affordances to identify and delineate six affordances of biometric technologies, categorized into inhibiting and augmenting biometric affordances. We propose a framework in which inhibiting and augmenting biometric affordances may simultaneously support and humiliate dignity. This separation offers a theoretical base for future empirical research to explore the increasingly pervasive relationship between biometric adoption and human dignity. Moreover, we explain six paradoxical tensions across three forms of dignity—inherent, behavioral, and meritocratic—in the proposed framework. Finally, we discuss why firms should be responsible for addressing the tensions across dignity forms when they adopt biometric technologies to balance the trade-off between wealth creation and human wellbeing. This offers guidance for practitioners on how to integrate biometric technologies without hindering human dignity.
... To date, biometrics has shifted from the first to second generation of the technology development cycle. Biometrics was initially focused on individual identifiers (i.e., "who you are"), while the second generation moved toward extrapolating individual behaviors (i.e., "how you are") (Schumacher, 2012). This generational focus shift is not uniquely tied to biometric technology; social media platforms powered by advanced algorithms are also demonstrating similar capacities in which the sheer quantity of individual data allows for intricate observation and prediction of longitudinal behavior. ...
Article
As biometric technology relies on bodily, physical information, it is among the more intrusive technologies in the contemporary consumer market. Consumer products containing biometric technology are becoming more popular and normalized, yet little is known about public perceptions concerning its privacy implications, especially from the perspective of human agency. This study examines how people perceive biometric technologies in different societal contexts and via different agents in control. Our study revealed that, in large part, people’s perceptions of biometric technology are context-dependent, based on who retrieves and who benefits from the information and the situation where the data are collected. Participants were much more comfortable with more intrusive biometric technology in airport security than in a grocery store, and if it was employed to improve their health. We conclude by considering the implications of the survey for new threats to personal privacy that arise out of emerging technologies.
Article
Full-text available
Text of the presentation by Serge Gutwirth on 17 January 2009 As you see I'm standing here alone, but, as the program mentions, I speak for two : my presentation has been prepared with two heads and four hands : those of Mireille Hildebrandt and mine. Mireille and I have had the chance to be the editors of this book Profiling the European Citizen published last year with Springer -and which proposes a rich cross-disciplinary collection of contributions and replies on the issue of profiling, which we believe to be quintessential for privacy and data protection, today and in the near future. What follows is thus also indebted to the contributors of the book and to their common work within the European Network of Excellence on "the future of identity in the information" society (FIDIS) Indeed, it is not possible to do justice to the richness of the research done in 15 minutes, but Mireille Hildebrandt and I will try to present its most striking challenges, conclusions and outstanding issues. We will also suggest some paths to cope with them. * As you know profiling can pertain to one individual person, to a group or groups of persons, but also to animals, to objects and to relations between all those. It can be used, on the one hand, to classify, describe and analyze what happened, which is not particularly new or problematic. In such cases profiling permits a structuration of what was already known. On the other hand -and this is what we target today -profiling is used to cluster data in such way that information is inferred, and predictions or expectations can be proposed. Such profiling activity thus produces a particular sort of knowledge.
Article
Full-text available
This study is a survey and classification of the state-of-the-art in behavioural biometrics which is based on skills, style, preference, knowledge, motor-skills or strategy used by people while accomplishing different everyday tasks such as driving an automobile, talking on the phone or using a computer. The authors examine current research in the field and analyse the types of features used to describe different types of behaviour. After comparing accuracy rates for verification of users using different behavioural biometric approaches, researchers address privacy issues which arise or might arise in the future with the use of behavioural biometrics.
Article
Full-text available
A biometric system is vulnerable to a variety of attacks aimed at undermining the integrity of the authentication pro-cess. These attacks are intended to either circumvent the se-curity afforded by the system or to deter the normal function-ing of the system. We describe the various threats that can be encountered by a biometric system. We specifically focus on attacks designed to elicit information about the original bio-metric data of an individual from the stored template. A few algorithms presented in the literature are discussed in this re-gard. We also examine techniques that can be used to deter or detect these attacks. Furthermore, we provide experimental results pertaining to a hybrid system combining biometrics with cryptography, that converts traditional fingerprint tem-plates into novel cryptographic structures.
Article
Full-text available
Because biometrics-based authentication offers several advantages over other authentication methods, there has been a significant surge in the use of biometrics for user authentication in recent years. It is important that such biometrics-based authentication systems be designed to withstand attacks when employed in security-critical applications, especially in unattended remote applications such as e-commerce. In this paper we outline the inherent strengths of biometrics-based authentication, identify the weak links in systems employing biometrics-based authentication, and present new solutions for eliminating some of these weak links. Although, for illustration purposes, fingerprint authentication is used throughout, our analysis extends to other biometrics-based methods.
Article
Full-text available
The widespread deployment of biometric systems has raised public concern about security and privacy of personal data. In this paper, we present a novel framework for biometric template security in multimodal biometric authentication systems based on error correcting codes. Biometric recognition is formulated as a channel coding problem with noisy side information at the decoder based on distributed source coding principles. It is shown that the proposed method binds the biometric template in a cryptographic key which does not reveal any information about the original biometric data even if it is compromised by an attacker. Furthermore, the advantages of the proposed method in terms of security and impact on matching accuracy are discussed. We assess the performance of the proposed method in the context of HUMABIO, an EU Specific Targeted Research Project, where face and gait biometrics are employed in an unobtrusive application scenario for human authentication. Experimental evaluation on a multimodal biometric database demonstrates the validity of the proposed method.
Article
Full-text available
This paper presents a new approach for the squint-mode spotlight SAR imaging. Like the frequency scaling algorithm, this method starts with the received signal dechirped in range. According to the geometry for the squint mode, the reference range of the dechirping function is defined as the range between the scene center and the synthetic aperture center. In our work, the residual video phase is compensated firstly to facilitate the following processing. Then the range-cell migration with a high-order range-azimuth coupling form is processed by a nonlinear frequency scaling operation, which is different from the original frequency scaling one. Due to these improvements, the algorithm can be used to process high squint SAR data with a wide swath and a high resolution. In addition, some simulation results are given at the end of this paper to demonstrate the validity of the proposed method.
Book
Digitising personal information is changing our ways of identifying persons and managing relations, e.g. over the Internet. What used to be a "natural" identity, e.g. the personal appearance of an individual at a counter, is now as virtual as a user account at a web portal, an email address, or a mobile phone number. It is subject to diverse forms of identity management in business, administration, and among citizens. Core question and source of conflict is who owns how much identity information of whom and who needs to place trust into which identity information to allow access to resources. This book presents answers from the EU funded research project FIDIS (Future of Identity in the Information Society), a multidisciplinary endeavor of 24 leading institutions from research, government, and industry. Research from states with different cultures on e.g. the identification of citizens and ID cards is combined towards a well-founded analysis of HighTechIDs and Virtual Identities, considering aspects, such as privacy, mobility, interoperability, profiling, forensics, and identity related crime. "FIDIS has put Europe on the global map as a place for high quality identity management research." -Viviane Reding, Member of the European Commission, Responsible for Information Society and Media.
Book
Automatic biometrics recognition techniques are becoming increasingly important in corporate and public security systems and have increased in methods due to rapid field development. Behavioral Biometrics for Human Identification: Intelligent Applications discusses classic behavioral biometrics as well as collects the latest advances in techniques, theoretical approaches, and dynamic applications. A critical mass of research, this innovative collection serves as an important reference tool for researchers, practitioners, academicians, and technologists.
Human identification using heart sound. Paper presented at the Second International Workshop on Multimodal User Authentication
  • K Phua
  • T H Dat
  • J Chen
  • L Shue
Handbook of privacy and privacy-enhancing technologies. The Hague: College bescherming persoonsgegevens
  • G W Van Blarkom
  • GW Van Blarkom
Ethical issues in biotechnology
  • R Sherlock
  • J D Morrey
Behavioural biometric profiling and transparency enhancing tools. Deliverable D7
  • Fidis Project
Biometric template security
  • A K Jain
  • AK Jain