Biometrics have been used for decades by law enforcement and high-security facilities in their systems for identifying people and controlling access. These systems compare the behavioural and physical data which has been gathered and stored with the actual person wishing to gain access.
More recently, the scope has broadened to consumer markets. We can already access smartphones or tablets with a fingerprint or use voice recognition applications to authenticate online bank accounts.
IEC technical committees (TCs) and their subcommittees (SCs) produce International Standards for biometrics to help ensure reliability, quality and interoperability.
The Joint Technical Committee of the IEC and the International Organization for Standardization (ISO), ISO/IEC JTC 1, covers information technology. The scope of ISO/IEC JTC 1/SC 37: Biometrics, includes specifications for the security, testing and reporting of different aspects such as data interchange formats, face image data, facial recognition, iris image data and voice command speech recognition.
As cars become more connected and move towards being fully self-driving, the automotive industry is riding this trend too. A report by Frost and Sullivan says that one in three cars (almost 34 million passenger vehicles) will be using biometrics for identification and personalization by 2025.
In 2016, a record number of tech companies partnered with car manufacturers, which increasingly are incorporating intelligent features into their newest vehicles. Research by Gartner estimates that a quarter of a billion connected cars will be on the road by 2020, offering various levels of automated driving and opening up the scope for new in-vehicle services. However, among the biggest challenges will be to secure the huge amounts of data such cars will produce and to protect passengers from hacking.
Many new cars are being developed with systems using biometrics which are built-in or brought in through external services such as the cloud.
In the future, features that add another layer of security could include:
Synergies will be built up between car, insurance and health industries as advanced biometrics make future cars more secure. Though we are still years away from the day when cars will drive fully autonomously and humans no longer need to steer, the automobile industry is already developing ways to monitor driver alertness. For example, sensors in seat belts and covers could monitor drivers’ heartbeats and alert them if they are about to have a heart attack, while eye trackers will detect drowsy drivers and give them time to pull over. The work of IEC TC 47: Semiconductor devices, covers the design, manufacture and use of sensors.
The advent of innovative health management devices, combined with aging populations, increased health awareness and the growing need to manage chronic diseases, is driving the boom in medical wearables. According to a report by Global Industry Analysts, the global market for medical wearables is expected to reach USD 4,5 million by 2020.
Against this backdrop, IEC has just established IEC TC 124 which will begin standardization activities for wearable electronic devices and technologies. These will include patchable materials and devices and implantable and edible materials and devices, as well as electronic textile materials and devices.
While biometric data is unique to individuals and a logical choice as an element of access and control security, nothing is 100% safe and users will still need to be careful. Cards, passwords and personal identification numbers can be cancelled or changed if lost, misplaced or stolen, whereas fingerprints that have been lifted, copied and misused cannot. Additionally, biometric information is stored in databases which must be protected from all potential security breaches. If this technology is to become widespread, these issues will need to be addressed.
IEC takes cyber security and data privacy seriously. The software and hardware in cars will need to be protected. A number of ISO/IEC JTC 1 Subcommittees contribute towards mitigating such risks, for example ISO/IEC JTC 1/SC 27: IT Security techniques, including cloud services. High volumes of data will be exchanged between smartphone apps and intelligent car dashboards, which will also become an integral part of the Internet of Things. The work of ISO/IEC JTC 1/SC 6: Telecommunications and information exchange between systems, also contributes towards improving data security.