Industry News

Only Four in 10 US Adults Trust Governments to Handle Personal Biometric Data

Some 42 percent of US adults in a recent survey said they trust governments to handle their biometric data.

Organizations that consumers view as traditionally handling sensitive information, or those that serve important life functions such as hospitals and banks, are the most trusted, at 64 percent.

A third of consumers are neutral on using these technologies due to a lack of understanding about the user experience, data security and overall value proposition to them.

Although fewer than half of US adults have used any biometric technology, digital fingerprinting (29 percent) and voice recognition (13 percent) are the most widely used technologies. Consumers are most familiar with biometrics commonly portrayed in the media – such as DNA analysis – and biometrics they have seen, such as fingerprint readers on smartphones.

Some 91% of companies plan to turn to advanced authentication to help manage access and gain trust of customers and business partners, according to PwC. Some businesses are developing and implementing more advanced on-premises authentication technologies such as biometrics.

USAA, the San Antonio, TX-based financial services and insurance firm that caters to military veterans and service members, has implemented facial and voice recognition and fingerprint scanning for customer access to mobile apps. Biometrics has enabled USAA to enhance security and customer service, reduce help desk calls and improve ease of use for customers.

Another approach is hardware-based authentication. Tech giant Google has developed a USB device called Security Key that provides highly secure two-factor authentication for its Google for Work applications. Using the FIDO Alliance’s Universal 2nd Factor (U2F) standard, the Security Key transmits an encrypted signature rather than a verification code to help ensure credentials cannot be phished. To authenticate, users simply tap the Security Key, which is faster than requesting and entering an authentication code, the survey shows. Starwood Hotels & Resorts has created an entirely different type of access key.

The hospitality company’s SPG Keyless service allows preregistered hotel guests to bypass the check-in desk and tap their smartphone or Apple Watch to unlock hotel room doors. The app, available to members of Starwood’s Preferred Guest frequent traveler program, also provides guests with directions to the property from the airport, as well as information about individual hotel and frequent traveler account balances. Use of these types of password-less authentication and apps will require organizations to rethink their approach to identity management and focus solutions on building identity trust relationships with users, said Suzanne Hall, Managing Director, PwC, cited in the document.

The “Biometric Technology” study surveyed 1,013 U.S. adults.

About the author

Răzvan MUREȘAN

Former business journalist, Razvan is passionate about supporting SMEs into building communities and exchanging knowledge on entrepreneurship. He enjoys having innovative approaches on hot topics and thinks that the massive amount of information that attacks us on a daily basis via TV and internet makes us less informed than we even think. The lack of relevance is the main issue in nowadays environment so he plans to emphasize real news on hotforsecurity.com

1 Comment

Click here to post a comment
  • ‘Some 42 percent of US adults in a recent survey said they trust governments to handle their biometric data.’

    I somehow wonder if the Americans that complain most when others say ‘Americans are stupid’ (and similar statements) are included in that percent.

    ‘Although fewer than half of US adults have used any biometric technology, digital fingerprinting (29 percent) …’

    I don’t think it’s that low for fingerprinting, not now. I say that based on the following:

    https://www.cga.ct.gov/2001/rpt/2001-R-0858.htm

    With the states and the city of Honolulu (at the time – and note the year) which require people getting a drivers license (or non-driving license identification) adding up to be 24.2% in the 2000 census I seriously doubt it’s only now just 29%. Whether they use it for authenticating is frankly irrelevant especially in the context of governments having them. It seems to me also that it’s digital now, too (as it goes directly into their database).

    ‘A third of consumers are neutral on using these technologies due to a lack of understanding about the user experience, data security and overall value proposition to them.’

    Smart of them. Smarter would be to learn about them especially because it does affect them. Governments can’t even keep their own secrets; how can anyone trust them?

    ‘Organizations that consumers view as traditionally handling sensitive information, or those that serve important life functions such as hospitals and banks, are the most trusted, at 64 percent.’

    Banks are to be trusted? Really? See my initial hypothetical question. And the fact at least one hospital (documented here if I recall) has paid out to ransomware (rather than have disaster recovery planning/testing/etc. which every organisation should have BUT ESPECIALLY A MEDICAL CENTRE/HOSP/ETC.) should say enough. But yet: hospital staff aren’t usually trained in security so whilst they might attempt to protect the details of patients it does not mean they are especially good at it. This could be the same with banks except that banks are typically greedy and corrupt (and I know for a fact that Bank of America has stolen money [and actually worse] and has been the defendant in numerous class-action lawsuits because of it).

    ‘Another approach is hardware-based authentication. Tech giant Google has developed a USB device called ‘

    Why am I not surprised it would be Google? USB has been proven inherently insecure and in ways that (as I recall) you cannot detect. I do not even refer to the USB attacks that blow up the computers (and/or set them on fire).

    ‘The hospitality company’s SPG Keyless service allows preregistered hotel guests to bypass the check-in desk and tap their smartphone or Apple Watch to unlock hotel room doors.’

    Complete stupidity and recklessness.

    ‘Use of these types of password-less authentication’
    AND… THERE is the PROBLEM: security is a MANY-LAYERED concept. REMOVING a layer is COMPLETELY STUPID AND _WEAKENS_ SECURITY.