44% of Aussies voluntarily provide biometric data to private companies

Biometric methods are a form of digital identification, which enables a person to have access to systems, devices, or data records. These identifiers require the unique physical or behavioral characteristics of the user, such as fingerprints, DNA, and voice or facial recognition, for example, which make up their biometric data.

Biometric technology may use quick, secure, and accurate authentication software, but it is still a topic largely up for debate. Whilst some users may think biometric digital identity is a good idea, others may not be as trusting of their biometric data privacy.

GetApp surveyed over 1,000 Aussies to see how they feel about their personal information being used for identity verification and whether they believe that biometrics are secure. The full methodology of this survey can be found at the bottom of this article.

What is biometric authentication?

Biometric authentication acts as a password or code and may include the use of retinal scans, voice recognition, digital signatures, and even DNA samples, as seen with law enforcement. One of the most common examples of biometric use is the smartphone, which requires fingerprints (Touch ID) or facial recognition (Face ID) as methods to unlock a mobile phone.

In Australia, the use of biometric technology continues to evolve as seen with the government’s recent launch of the portal myGov. The system requires a digital identity for citizens to access government services online, such as the Australian Taxation Office, Centrelink, child support, and Medicare. Essentially, the user takes a selfie and the image is live-matched against their passport photo in order to log in and use the services.

Other examples of biometrics authentication include the digital driver’s license (DDL) in New South Wales, and the use of facial recognition technology to enter gambling venues in South Australia. The government is also in talks about creating the new digital birth certificate and, in light of the COVID-19 pandemic, a digital health pass for mandatory travel. With all of these changes happening, how do Aussies feel about the use of their biometric data?

44% of Aussies voluntarily provided biometric data to a private company

According to GetApp’s survey, 44% of Australians have voluntarily given biometric data to a private company that is unrelated to healthcare. Survey respondents selected fingerprints (87%) and face scans (64%), both popular methods for unlocking a mobile phone, as the type of biometrics they use the most.

Similarly, when asked which types of biometric data respondents feel most comfortable sharing with private companies (unrelated to healthcare), 48% answered fingerprints and 36% said face scan, closely followed by voice scan (24%).

It seems, however, that Aussies are still resistant to the use of biometric methods. 34% said they are not comfortable sharing any of their biometric data with private companies, which also includes the use of DNA, and iris, vein, and hand scans.

78% of GetApp’s survey respondents trust their employer with their biometric data

When it comes to third parties collecting biometric data, survey respondents say they trust their employer and Big Tech to properly use and safeguard their information. Results show that Aussies trust in tech companies and their employer more so than the government – but only just!

A combined total of 78% of Aussies answered that they either ‘highly trust’ (27%) or ‘somewhat trust’ (51%) their employer with their biometric data. Comparatively, an overall total of 71% either ‘highly trust’ (16%) or ‘somewhat trust’ (55%) in tech companies.

The government proves to be the least trustworthy with Australians as 32% of survey respondents say they ‘don’t trust’ them to handle their information responsibly. However, a combined total of only 68% of Aussies do trust the government with their biometrics data.

Aussies trust Apple more with their biometric data than Amazon and Facebook

‘Big Tech’ refers to the most dominant companies in the IT industry, which include Facebook, Apple, Microsoft, Amazon, and Google. Each of these tech companies are considered to be the global leaders in facial recognition and biometric research.

When setting up a new smartphone, for example, there is the option to add a fingerprint scan, which never leaves the device. It can be used to unlock the phone but also to access certain apps that need an account and require extra security, such as with banking apps. As biometrics data is stored on the phone, consumers rely on these tech companies to keep that data secure.

GetApp found that a combined total of 72% of survey respondents either ‘highly trust’ (26%) or ‘somewhat trust’ (46%) Apple in using and keeping their biometric data secure. In contrast, a total of only 45% of survey respondents trust in both Amazon and Facebook when it comes to safeguarding their biometric data.

69% of Aussies think private companies’ use of biometric data should be regulated by law

In Australia, The Privacy Act (1988) is in place to protect the privacy of individuals and to regulate how government bodies and most organisations (but not necessarily all) handle consumers’ personal information.

As it currently stands, there is minimum regulation or statutory protection in place for the use of biometric data even though the Biometrics Privacy Code was published by the Biometrics Institute as part of The Privacy Act. The organisation, however, is merely an industry association that simply promotes regulation to technology providers. This means that companies do not have to legally comply with the principles of the Biometrics Privacy Code because it is voluntary.

GetApp’s survey results have made it very clear that consumers want more control and rights when it comes to their biometric data privacy. Key findings show:

• 85% of those who GetApp surveyed think private companies should not be allowed to share biometric data with other companies without consent from consumers.
• 69% believe private companies’ use of biometric data should be regulated by law.
• 81% think that consumers should have the right to opt out of facial recognition technology used by private companies.
• 87% of respondents believe they should have the right to know if a private company is in possession of their biometric data.
• 86% of consumers that GetApp surveyed think they should have the right to request the deletion of their biometric data stored by private companies.

Identity theft is the biggest concern for Aussies when using biometric technologies

Despite the advancements in the past few years, biometric technology comes with quite a few concerns. The most common of these are security threats and personal information being stolen.

GetApp asked Aussies about their biggest concerns in using biometric technologies and allowed for survey respondents to choose more than one option. Unsurprisingly, 76% of those GetApp surveyed are most concerned about ‘identity theft’ when using biometric technologies.

This was very closely followed by ‘data breaches’ (75%), which may result in stolen or lost biometric data. A further 70% of respondents selected ‘the misuse of biometric data’ as one of their main concerns with biometric methods. Other concerns Aussies have include a ‘lack of regulation’ (62%) and ‘inaccurate or unfair results’ (43%) when using biometric technologies. Only 8% of respondents say they do not have any concerns at all.

Are biometrics secure?

One of the biggest questions on consumers’ lips is whether biometrics are secure. Government regulation, as seen with The Privacy Act, is one way of ensuring biometric data privacy isn’t breached. Another is through the use of data protection tools.

Authentication software is designed to keep all types of data securely stored to prevent data theft. Identity management software is helpful in eliminating weak passwords and mitigating insider threats. This is thanks to the use of multi-factor security, such as two- or three-factor authentication.

There may always be the threat of identity theft when organisations use biometric methods, but one of the best ways to maintain a secure device is by regularly updating software where required. Another is to ensure the highest level in cybersecurity is applied to biometric systems. Following these steps can play a role in protecting biometric data privacy. In the next article in this two-part series, GetApp explores consumer attitude towards data security to see how they manage, update, and save their passwords.