Biometrics, such as fingerprints, facial recognition, and soon even DNA, have become popular for identity authentication and verification. While they offer convenience, they also pose significant risks. Once compromised, your biometric data is virtually impossible to change, making it crucial to exercise caution. Here are some key points to consider before using biometrics for identity authentication and verification:
Uniqueness: Consider the uniqueness of your biometric data. DNA is the most unique, but it's expensive and time-consuming to validate. Facial recognition is more convenient and less prone to compromise.
Data Capture: Understand how your biometric data is captured. Some implementations capture images, while others use mathematical computations. Avoid solutions that capture and store images. Those images can be used for other purposes.
Data Storage and Processing: Ensure that your biometric data is encrypted, stored locally, and protected with full end-to-end encryption if necessary. Any less secure approach should be avoided.
Applications: Be cautious when using desktop and mobile applications that claim to use biometric authentication. If the application doesn't use your device's biometric authentication, it's best to avoid it.
How do the Philippine Statistics Authority (PhilSys ID), the Commission on Elections, and the Department of Information and Communications Technology securely manage our biometric data? I wish these agencies will publish this information.