What is Biometrics, and what is it used for? According to the United States National Science & Technology Council:
Biometrics is a general term used alternatively to describe a characteristic or a process. As a characteristic, a biometric is a measurable biological (anatomical and physiological) and behavioral characteristic that can be used for automated recognition. As a process, a biometric is an automated method of recognizing an individual based on measurable biological (anatomical and physiological) and behavioral characteristics.
Today, biometrics are increasingly being used to allow secure access into restricted areas such as top-secret research centers, laboratories, production floors, and other areas that are off-limits to unauthorized personnel. In some companies, biometric systems are also used in other ways, such as monitoring time and attendance at workplaces. With the costs of sophisticated biometric sensors going down, we are seeing systems such as fingerprint and iris scanners (as well as voice detection and recognition systems) being used for workforce time and attendance tracking.
While biometrics can enhance security at highly restricted areas where unauthorized persons must never gain access, we at Replicon believe that biometrics are sheer overkill when it comes to registering employees’ time and attendance at almost any organization. Let us look at some of the primary reasons why biometrics are unsuitable in such contexts:
However, biometric sensors such as iris scanners do have security holes, and can be spoofed, according to studies published by the Electronic Frontier Foundation, a leading online privacy watchdog group. “Function creep” or “mission creep” is a major concern to privacy advocates. It is the process by which the original reason for obtaining private information is broadened to include reasons other than those originally stated. Because mission creep can occur with or without the knowledge or agreement of the employee whose biometric data is being captured, it is a pernicious violation of privacy rights.
It is not too far-fetched or Orwellian to see how mission creep can extend to real-time surveillance of employees and monitoring their actions and accessing private databases. Even with good intentions to start with, biometric time tracking of individuals and groups may become malicious and breach employees’ privacy—especially in cases of inadequate oversight of the trackers—and given the various ways in which surveillance data can be misused. Identity theft and misuse of personal information are also of concern to privacy advocates, since biometric markers are harder to fake, and those with access to secret biometric data cannot always be trusted to ensure that they are not misused in any way.
HIGH INITIAL & RECURRING COSTS
Apart from the large initial expenditure on installation and rollout of biometric scanners, there are recurring monthly service fees to consider as well. As with most new technologies, costs can be very high for early adopters. Another fact to consider is the time required to train users to correctly use biometric systems, which adds to the total cost of ownership.
Since biometric technologies are fairly recent, they may fall short when it comes to reliability and service life as compared to simpler technologies such as card-scanners, magnetic card readers and touchscreen devices, which are proven technologies that have served organizations well for about 2 decades now.
While there are other good reasons as well to avoid biometric scanners to monitor employees’ time and attendance, these are the main reasons why they should not be used for such applications. Given today’s proven technologies—ranging from magnetic card readers to tablet-based touchscreen devices such as CloudClock—there is little reason to take chances with biometric systems that are intrusive and potentially liable for privacy violations, especially when it comes to workforce time and attendance tracking solutions.