Biometric systems recognize people via distinct physical features and are used as proof of authorization. With the use of fingerprints, iris scan or facial recognition, forgetting passwords or displacing keys is no longer an issue. Enhanced comfort is the key argument used by all biometrics manufacturers.
"The critical issue, however, is data protection", explains Alexander Nouak, head of the "Identification and Biometrics" Competence Center at Fraunhofer IGD, the world's leading research institute for applied Visual Computing. "Companies using biometric systems must think about this issue twice when it comes to their staff."
According to Nouak, it is essential to prevent that the biometric data saved by the system are inappropriately used and that the privacy of the staff member is violated by the systems. There may be a violation of privacy if the system enables the employer to create an exact movement and behavior profile of its employees. For instance: When did Mayer unlock his PC? Or: Is Müller at the cafeteria? "There are already some manufacturers who have built in security restrictions in this regard", says Nouak. "In doing so, the event log of an access control system can only be viewed with the prior consent of a works council member by password."
The issue of actual data protection, i.e. the risk that my fingerprint is stolen, is not yet solved in this way, however. According to the Fraunhofer researcher, biometric data are best protected by not saving them in the first place. Researchers at Fraunhofer IGD have developed a system which can do without saved biometrics (cf. http://www.presseportal.de/...) and which they will present at CeBIT in Hanover in Hall 9 Booth B36.