Security Experts Explain Consumer
Resistance to Biometrics"> Those who watch the retail security industry for a living have little trouble understanding the consumer resistance, although most agree that biometrics will likely win over consumers with time. Mark Rasch, a former federal white-collar crime prosecutor, responded sarcastically to reports of consumers hesitant to use biometrics at their supermarket."Who could have predicted that? People who want to buy a loaf of bread and eggs dont want to have their finger scanned," he said."The ultimate thing with biometrics in a consumer retail setting is its all about customer convenience. But why is biometrics more convenient? Its really about preventing fraudpreventing fraud against Piggly Wiggly, not me. Why should I be inconvenienced to protect them? It ends up taking more time, has a greater error rate and doesnt provide the consumer with anything they want." Rasch, who today serves as a senior vice president for security software vendor Solutionary, nicely sums up the issues behind consumer resistance. "People just generally dont want to give up fingerprints because they justifiably or unjustifiably believe theres a database being created with their biometrics. This presents unique consumer concerns," he said. "It does provide the consumer with a little convenienceyou dont have to take your card out of your wallet and hand it to a cashier who has to swipe it. But Theres this direct link to me, which presents privacy concerns, like, Hey, what are they doing keeping a record of what Im buying?" Rasch said. "Radio Shack asks for your phone number when you buy something. And people ask, Why give a phone number just to buy some batteries? Theres the idea that theres nothing in it for me and Im giving up some privacy," he said. "What people dont realize is if they pay by credit card, they already have your phone number. Those are short-sighted privacy concerns. Concerns should be more genericthat every time you pay by credit card, theres a record. When it feels linked to you, theres much more consumer resistance." Rasch also questioned the ultimate security of the system, and pointed to the permanence of a fingerprint ID, which significantly raises the stakes. "Theres a whole bunch of problems with biometrics technology. Its not nearly as secure as people think it is. You always have your biometrics with you. If the magnetic strip on your credit card is unreadable or if its stolen, you get a new one. You cant get a new fingerat least not easily. So, thats one big problem," he said. "The other problem with biometrics authentication is its one thing in a complicated system. Its another layer where things can go wrong. If the sensor fails, you cant read the fingerprint. Maybe 2 to 3 percent of the time when I present my credit card, it cant be read. Someone can type in the number and if they cant, I give another card. You dont have that option with biometrics." As a practical matter, Rasch said, many retailers will deal with these concerns by making the system more lenient, so as to reduce the number of customers incorrectly rejected. But making the system more lenient decreases its security value. "These things can be as sensitive or as insensitive as you want. Consumers dont want to wait in line. So where you have high-volume transactions, you can create a lot of tolerance for false positives. And then Im going to say, If Im 85 percent sure its this guy, let it go through," he said. Next Page: Consumer resistance could kill the deal.