In January 2020, just before the pandemic, we surveyed consumers about biometrics to find out whether the technology was ready for mainstream adoption by the public. Our take from that survey at the time was “it depends.” Now, only two years later, the answer is a resounding “yes”—and much of the reason for this rapid change is the value consumers derived from biometrics as a result of the pandemic.
But just because people are becoming more at ease with biometrics doesn’t mean the technology doesn’t still face obstacles surrounding privacy and public trust. In this piece, we’ll dig into the results of our recent Biometric Data Survey*, explain how consumer attitudes have shifted over the last two years, and the challenges your business should consider before adopting biometrics.
Facial recognition is now widely used at airports across the world. Fingerprints are commonly used to access devices, authenticate online accounts, and make contactless payments. Some stores are even scanning palms as a payment method. And the next time you call a customer service number, you might be given the choice to use voice recognition to authorize security on your account—an offer 65% of our survey respondents say they’d accept.
But it’s not just that biometric technology has grown rapidly; its use has become more valuable due to circumstances caused by the COVID-19 pandemic. We asked consumers if biometrics have made the pandemic easier to deal with, and 46% said yes.
Here are a few responses our surveyed consumers gave explaining how the technology made things easier for them:
“It has made some things, like checking in at the airport, easier and faster.”
“I can and have started to utilize payments on my phone that only require me to use my fingerprint reader and tap my phone to the payment kiosk.”
“It has made it easier to work remotely and to sign in by using biometric data and reducing the number of passwords and logins I need to remember.”
“I have not had to touch shared surfaces as much and that makes me feel more comfortable.”
Clearly, the use of biometrics during the pandemic has the technology poised for mass adoption.
Back in 2020, fingerprints were by far the type of biometric identifier consumers felt most comfortable sharing with private companies. Only two years later, comfort with face, voice, hand, and iris scans have risen sharply. Comfort with iris scans rose by 31%, hand scans by 30%, and voice scans by 26%. Perhaps most strikingly, consumer comfort with face scans jumped by 38% (from 32% to 44%).
Of the various types of biometric data, facial recognition is almost a separate category with particular attention paid to its potential for bias and invasion of privacy, both which we’ll get to later in this report. Despite these concerns, the public is being widely exposed to the technology whether at the airport, to unlock their phone, or in retail stores.
Comfort with face recognition used for retail purchases grew by 81% while both personalized advertising and emotion analysis more than doubled. This is despite controversy surrounding emotion analysis and its use in everything from job interviews to fraud detection. And while comfort with these novel uses have surged, they still lag well behind acceptance of face recognition used for more established security purposes such as passport control and building access.
Trust in the use of biometric data is rising rapidly, whether it’s by employers, tech companies, or government agencies. Two years ago, consumers generally trusted their employers with their biometric data but were relatively dubious about its use by tech companies and the government. Now, those numbers are changing quickly (as evidenced in the chart below).
Despite improvement, significant discomfort remains with governmental use of biometric technology. In November 2021, the Internal Revenue Service (IRS) announced plans to require facial recognition to access online IRS services beginning in summer 2022. The move prompted widespread public outcry and only a few weeks later, the IRS announced that it was reconsidering its plan and looking for alternatives.
Chief among reasons for the IRS’ reversal were concerns about privacy and worries about racial bias.
When asked for concerns about biometrics, our respondents' top worry is data breaches (69%). This is a valid concern—you can’t just change your fingerprint if your identity is stolen in a biometric data breach. A couple of years ago, 27 million biometric data records were breached via an insecure database run by a biometric security company. In another example, late last year, a slot machine chain in Nevada revealed a breach that included customers’ biometric data.
Beyond breaches, there are widespread concerns about biometrics and the invasion of privacy—a concern shared by 62% of our respondents. In particular, passive biometrics such as voice and face recognition can identify people without their consent or knowledge.
To illustrate this emerging problem, a photographer used his phone to identify random people on the subway and track down their personal details for a project. Now, as face recognition is being built into everything from glasses to drones, the privacy issues are clear.
For these and other reasons, biometric privacy laws are on the rise. The GDPR and CCPA both regulate the collection and processing of biometric data online. Illinois' long-standing Biometric Information Privacy Act (BIPA) has served as a model for other states that have begun adopting their own laws and regulations.
Texas and Washington have both enacted broad biometric privacy laws, some jurisdictions have specifically regulated facial recognition, and biometric privacy bills have recently been introduced in more than a dozen states. It’s worth noting that 85% of our respondents think the use of biometric data should be regulated by law.
Part of the push for regulating biometric technology is the risk of algorithmic bias, particularly with face recognition. The problem of face recognition being much more accurate when detecting white faces than Black faces, for example, is well documented and increasingly manifesting in real-world consequences. A full 80% of our respondents agree that face recognition should not be used if it is racially biased.
Algorithmic bias is primarily an issue for one-to-many biometric recognition systems that try to match your biometric trait to a giant database such as those used by police to identify suspects. Conversely, one-to-one biometric systems, such as those that you use to unlock your phone, are much less problematic.
If you’re a business leader considering the use of biometric technology in your company, here are a few takeaways to consider from our data:
Research biometric privacy laws to ensure that your use of biometric data is legal.
Consider the still relatively negative consumer sentiment of biometrics for non-security use cases.
Ensure that any databases housing biometric data are well secured and protected against cybersecurity threats.
Take care that biometrics are implemented in a way that is fair to all users.
Finally, be upfront with customers or employees about your use of biometrics and clearly explain the reasons why they are superior to traditional methods. If you can’t do this, think again about whether you’re implementing biometrics because you should or simply because you can.
Want to learn more about the wide array of biometric technologies and how they work? Read our companion report: Is Biometric Authentication Ready to Go Mainstream?
GetApp conducted this survey in January 2022 among 974 consumers, including 389 business leaders who reported management responsibilities or above to learn about attitudes toward biometrics and the use of multi-factor authentication by U.S. businesses.
Explore by topic