Sept. 24, 2010 — Biometric systems -- designed to automatically recognize individuals based on biological and behavioral traits such as fingerprints, palm prints, or voice or face recognition -- are "inherently fallible," says a new report by the National Research Council, and no single trait has been identified that is stable and distinctive across all groups.  To strengthen the science and improve system effectiveness, additional research is needed at virtually all levels of design and operation. (See Full Report)


"For nearly 50 years, the promise of biometrics has outpaced the application of the technology," said Joseph N. Pato, chair of the committee that wrote the report and distinguished technologist at Hewlett-Packard's HP Laboratories, Palo Alto, Calif.  "While some biometric systems can be effective for specific tasks, they are not nearly as infallible as their depiction in popular culture might suggest.  Bolstering the science is essential to gain a complete understanding of the strengths and limitations of these systems."


Biometric systems are increasingly used to regulate access to facilities, information, and other rights or benefits, but questions persist about their effectiveness as security or surveillance mechanisms.  The systems provide "probabilistic results," meaning that confidence in results must be tempered by an understanding of the inherent uncertainty in any given system, the report says.  It notes that when the likelihood of an imposter is rare, even systems with very accurate sensors and matching capabilities can have a high false-alarm rate.  This could become costly or even dangerous in systems designed to provide heightened security; for example, operators could become lax about dealing with potential threats.


The report identifies numerous sources of uncertainty in the systems that need to be considered in system design and operation.  For example, biometric characteristics may vary over an individual's lifetime due to age, stress, disease, or other factors.  Technical issues regarding calibration of sensors, degradation of data, and security breaches also contribute to variability in these systems.


Biometric systems need to be designed and evaluated relative to their specific intended purposes and the contexts in which they are being used, the report says.  Systems-level considerations are critical to the successful deployment of biometric technologies.  Effectiveness depends as much on factors such as the competence of human operators as it does on the underlying technology, engineering, and testing regimes.  Well-articulated processes for managing and correcting problems should be in place. 


The report notes that careful consideration is needed when using biometric recognition as a component of an overall security system.  The merits and risks of biometric recognition relative to other identification and authentication technologies should be considered.  Any biometric system selected for security purposes should undergo thorough threat assessments to determine its vulnerabilities to deliberate attacks.  Trustworthiness of the biometric recognition process cannot rely on secrecy of data, since an individual's biometric traits can be publicly known or accessed.  In addition, secondary screening procedures that are used in the event of a system failure should be just as well-designed as primary systems, the report says.


The report identifies several features that a biometric system should contain.   Systems should be designed to anticipate and plan for errors, even if they are expected to be infrequent.  Additional research is needed in all aspects of design and operation, from studying the distribution of biometric traits in given populations to understanding how people interact with the technologies.  In addition, social, legal, and cultural factors can affect whether these systems are effective and accepted, the report says. 


The study was funded by the Defense Advanced Research Projects Agency, the Central Intelligence Agency, and the U.S. Department of Homeland Security, with assistance from the National Science Foundation.  The National Academy of Sciences, National Academy of Engineering, Institute of Medicine, and National Research Council make up the National Academies.  They are private, nonprofit institutions that provide science, technology, and health policy advice under a congressional charter.  The Research Council is the principal operating agency of the National Academy of Sciences and the National Academy of Engineering.  A committee roster follows.



Copies of Biometric Recognition: Challenges and Opportunities are available from the National Academies Press; tel. 202-334-3313 or 1-800-624-6242 or on the Internet at  Reporters may obtain a copy from the Office of News and Public Information (contacts listed below). 


Contacts: Molly Galvin, Senior Media Relations Officer

Christopher White, Media Relations Assistant

Office of News and Public Information

202-334-2138; e-mail <>


#       #       #


[ This news release and report are available at ]




Division on Engineering and Physical Sciences

Computer Science and Telecommunications Board


Whither Biometrics Committee


Joseph N. Pato (chair)

Distinguished Technologist

Hewlett-Packard Laboratories

Cambridge, Mass.


Bob Blakley

Vice President and Research Director

Burton Group Identity and Privacy Strategies


Austin, Texas


Jeanette Blomberg

Research Staff Member

IBM Research, Almaden

San Jose, CA.


Joseph P. Campbell

Senior Member of Technical Staff

Information Systems Technology Group

MIT Lincoln Laboratory

Lexington, Mass.


George T. Duncan

Professor of Statistics, Emeritus

H. John Heinz III College

Carnegie Mellon University



George R. Fisher


George Fisher Advisors LLC



Steven P. Goldberg*

James and Catherine Denny Professor of Law

Georgetown University Law Center

Washington, D.C.


Peter T. Higgins


Higgins & Associates, International

Washington, D.C.


Peter B. Imrey

Department of Quantitative Health Sciences

Cleveland Clinic

Professor of Medicine

Cleveland Clinic Lerner College of Medicine of Case Western Reserve University

Cleveland, OH


Anil K. Jain

University Distinguished Professor

Department of Computer Science and Engineering

Michigan State University

East Lansing, MI


Gordon Levin

Staff Engineer

Design and Engineering

Walt Disney World

Lake Buena Vista, Fla.


Lawrence D. Nadel



Falls Church, Va.


James Wayman

Research Administrator

Office of Graduate Studies and Research

San Jose State University

Pebble Beach, Calif.





Lynette Millett

Study Director



* Deceased