Biometric technology, once the domain of science fiction, has swiftly found its way into our daily lives, enhancing security, ease of use, and saving time.
The global market for biometric systems is already seeing more than USD 42.9 billion in revenue per year, and this figure is forecast to reach USD 82.9 billion by 2027. But should the market grow to that extent?
As with any technological advancement, there are both potential benefits and pitfalls. In this article, we review how biometrics can be integrated into alarm monitoring systems and other security services, how secure it really is, and attempts to answer the question: will biometrics lead us towards a safer or a more invasive future?
How is Biometric Technology Used in Alarm Monitoring?
There are two main categories of biometrics. Physical biometrics is the use of fingerprints, iris scans, palm vein patterns, facial recognition, and other biological means of identification, while behavioural biometrics involves the recognition of voice, gait, and other patterns of activity. A few use cases of biometrics that relate to alarm monitoring are below.
Access Control Monitoring
Access control to secure areas, devices or sensitive information is the most obvious application of biometrics in alarm monitoring.
The concept of biometric user authentication has been in use since the second half of the 20th century, originally used only in maximum security premises such as nuclear power plants.
These days, it is widespread. A company may use it within their intruder alarm system and for granting access to their premises, while consumers unlock their personal devices using fingerprint scans or facial recognition. It is also used to prevent shoplifting at point-of-sale.
Alarm Activation and Deactivation
Biometric systems ensure that only authorised personnel can activate or deactivate alarms. In situations where hands-free operation is necessary or more convenient, voice recognition can be used to activate or deactivate alarm systems. (Alternatively, our solution provides remote access via our Remote Reset module.)
Enhanced Duress Notifications
Some access control systems allow individuals to register one of their fingerprints as a duress signal. If they are forced to disarm an alarm or access a secure area under duress, they can use that finger to disarm the system and appease potential intruders.
At the same time, the Alarm Receiving Centre (ARC) is notified that the disarm was done under duress, prompting a response from the emergency services.
Integrated Video Verification
Biometric facial recognition can be integrated with CCTV cameras to quickly identify and verify if the person in the premises is an intruder or an authorised individual. This helps to more effectively prevent crime and reduce false alarms, taking the pressure off of monitoring centres.
Some advanced CCTV monitoring systems may also contain behavioural biometrics features such as gait recognition. If an unrecognised or unusual gait pattern is detected in a secured area, an alarm may be triggered.
The Advantages of Biometrics in Alarm Monitoring
Traditional alarm systems can be vulnerable to breaches such as password hacking or key duplication. Biometrics, by relying on unique physical attributes, offers a more foolproof security measure. It also adds more layers for multifactor authentication. However, biometric systems are not as secure as is often claimed, as we will soon discuss.
Forget the hassle of remembering complex passwords or keeping track of keys and access cards. With biometric systems, the user’s body becomes the key. This can save time and is especially helpful in high-stress situations where a user might forget a password or misplace keys or fobs.
Processing Speeds for Fingerprint Scanning
Biometric system processing speeds can vary significantly based on the technology used, the quality and size of the database, the specific algorithm employed, and other factors.
Fingerprint recognition is typically fast. Modern fingerprint scanners can capture and match prints within milliseconds to seconds, making them suitable for real-time applications.
Voice data is an example of a form of verification that can be slower to process. Voice recognition can be affected by ambient noise and voice modulation, among other extraneous factors. While many systems can process voice data quickly, the need for multiple attempts due to poor audio quality can make it slower for end-users.
In addition, when facial recognition is used in crowded areas, processing can be slower. The system might need more time to process all the potential matches, especially if real-time analysis of moving individuals is required. Multimodal systems (those that combine multiple biometric data types) also require more processing time.
Despite the benefits above, biometrics comes with certain risks and its use has always been controversial.
With biometric systems, especially facial recognition, there’s a potential for misuse in continuous surveillance. Using such systems in public spaces is perhaps the most controversial application.
Is it ethical to scan everyone who passes by a certain location? Is it ethical to use behavioural biometrics to monitor people’s emotions and movements, and follow where they go? Should people have the right to opt-out? Would opting out even be possible?
Live Biometrics in Public Spaces Banned in Europe
In June 2023, the European Parliament banned real-time facial recognition systems in public spaces, whether used by public authorities or private entities. This comes under the Artificial Intelligence Act, a piece of legislation designed to ensure that AI systems are implemented in an ethical and environmentally sustainable way.
An amendment was proposed by the European People’s Party, which would allow such systems to be used in three scenarios: to prevent terrorist attacks, to search for missing people, and to detect criminals under European arrest warrants. The amendment was rejected, and a total ban has been placed on live biometrics in public spaces.
Euronews quoted Roberta Metsola, president of the European Parliament saying, “Going forward, we’re going to need constant, clear boundaries and limits to artificial intelligence” and that “any time technology advances, it must go hand in hand with our fundamental rights and democratic values.”
The Invasive Alternative
Without such restrictions in place, there is the risk of going down a slippery slope towards a dystopian, Big Brother-like future. This is already the case in China, with mass surveillance becoming the norm some years ago.
Recent developments to the ‘one person, one file’ system mean that AI has a greater role in the decision-making process pertaining to the data stored on each individual. Further developments would connect an individual’s personal details to their real-time location.
Some applications of this technology are understandable. For example, some of the organisations using it are schools that want to monitor unknown faces outside their premises. But of course, there are plenty of other use cases that are not so appealing when it comes to infringing on privacy.
While the use of biometrics could have many positive outcomes, a more conservative use is the best option for any country that claims to support democratic values. Besides, there are other effective and less invasive ways to improve public safety.
Like any data, biometric data is vulnerable to hacking. Passwords can be changed if compromised, but biometric data is immutable – once someone has a copy of your fingerprint, facial structure or iris, it’s potentially out there for good.
This has already happened on a large scale, such as in the Office of Personnel Management data breach in 2015. More than 22 million records were stolen by a Chinese agent, and this included fingerprint scans of US government employees and anyone that had undergone background checks in the US.
The stakes are higher when different types of biometric signatures are stored and are associated with names, addresses and other personal information. The consequences of a bad actor accessing all of this data would be severe, so it goes without saying that organisations should correctly secure any access control system’s database.
Under the GDPR, biometric information is classified as sensitive personal data, and some countries require special measures to be implemented to enhance its protection.
Biometrics boasts high accuracy but it’s not infallible; there’s always a chance of the system misidentifying an individual. Even though our fingerprints or vein patterns are unique, it’s not an extremely detailed record that is stored and analysed. Instead, algorithms analyse a set of defining points.
A false positive might grant access to an intruder, while a false negative might wrongfully deny access to a legitimate user or even trigger a false alarm. Some factors that affect the false rejection rate include the sensor’s cleanliness, as well as sunlight.
The Potential for Biased Security Systems
There are concerns in the security industry that the algorithms for some biometric systems are biased due to only being trained on images of individuals of certain races. As such, the systems will not be as skilled in recognising other individuals, increasing the risk of misidentification among those populations.
The Advancement of Hackers
As with any advancement in the security industry, hackers are advancing in tandem. While biometric systems are hard to crack, it’s not impossible. Silicone copies of fingerprints can be used to spoof a system, as well as 3D masks for cracking facial recognition systems.
It’s always worth considering whether each use case is worth it given the risk. For the highest security scenarios, biometrics may not be the holy grail after all.
Biometric technology eliminates many vulnerabilities inherent in traditional systems. They also improve ease-of-use and in turn, speed up responses, which is crucial in alarm monitoring.
However, the increasing sophistication of biometric systems does not come without its challenges. There is the threat of invasive surveillance, and the immutable nature of biometric data raises the stakes, making the proper protection of this sensitive information paramount.
The recent legislative actions taken by the European Parliament underscore the need for a balanced approach, where technological advancements are weighed against fundamental rights and democratic values.
GeminiSense is the UK’s leading provider of alarm monitoring software, providing state of the art solutions for more than 30 years. To find out how our systems may be a fit for your organisation, contact us today to book a demo.