This week at my 24-Hour Fitness club in Silicon Valley, I noticed the installation of fingerprint scanners at the front desk. A day or so later, they began asking patrons who signed in to allow the scanners to record biometric images of their right and left index fingers. It's all part of the giant gym chain's national cardless check-in program, designed to eliminate the need for members to carry gym cards and make it easier for them to validate their identities.
When biometrics get down to the local gym, however, serious questions must be raised. Your biometric identifiers are immutable and, once stored on a computer, impossible to take back. So if the 24-Hour Fitness database gets hacked and some enterprising Black Hat team of computer experts makes off with this sensitive information, many people could forever lose control of this permanent identification marker. Of course, you could scrape off your fingerprints and replace them with new ones. (This is probably possible). But that's getting a little too close to Total Recall for my taste.
A Whole New Level of Identity Theft
As we all know too well, once something is digitized and in a computer we don't control, it's safe to assume that piece of information will exist forever somewhere in the world on someone's computer. The New York Times Magazine recently ran an article about how the Internet has made it virtually impossible for people to reinvent themselves or to escape from past judgments and circumstances. And The Wall Street Journal detailed the emergence of information exchanges where Web publishers install tracking software on the computers of unsuspecting visitors, track their movements across the Web and sell that information to the highest bidder. Further, its well known that underground marketplaces exist for stolen social security numbers and credit cards. Those problems are painful for identity theft victims, but can largely be addressed: You can always change an account number. Stolen fingerprint metrics, however, would be far harder to resolve.
To be sure, 24-Hour Fitness does not mandate fingerprint scanning. And its technology partner claims to have put in place rock-solid security procedures. In fact, they make the totally plausible claim that your fingerprint image is not stored at all -- that the record is just a jumble of numbers tied to your name. Those numbers are put through an algorithm to obscure the original digit, making it impossible to recreate the original biometric fingerprint map. From the 24-Hour Fitness website:
My reaction to this is that its never impossible to crack a code or an algorithm. More importantly, we need to think very hard before we start adopting biometrics to solve trivial problems like making entry to a health club easier. To date, biometrics have largely been used to applications that truly require high security, such as banking or military matters. As that starts to change, identity theft could take on a whole new and more troublesome meaning. Biometric hackers have already demonstrated that fingerprints can be faked or distorted. When these types of biometrics become more ubiquitous, rest assured, someone will find a way to use them for questionable ends.
"We've partnered with MorphoTrak, a leader in the biometric industry, to develop this convenient new way to check in to our clubs. By scanning your finger, we chart the distance between a few distinct points that are unique to you and come up with an identifying number based on those distances. We do not store a fingerprint, nor can the data we store be re-created into a fingerprint image."