[Image: Retina scan]

OK, “souls” is alliterative, but a bit over the top.  How about instead “selling our bodies for security,” such as our retinas, our fingerprints, or our faces?  Multifactor authentication is indeed a useful security access control, the combination of two or more of (1) something you know, (2) something you have, and (3) something you are.  Thus, requiring both a password or PIN (something you know) and also a token or certificate (something you have) should be more secure than merely requiring a password.

The problem is that as biometric authentication becomes more widespread, our immutable characteristics are in play, in a “when, not if” world of data breaches.  Getting hacked can cause harm and embarrassment, but if biometric authentication becomes widespread, the post-breach “loss of face” will be literal … and also permanent.

State laws provide some protection for biometric data used for consumer authentication security.  The Illinois Biometric Information Privacy Act (BIPA) became law back in 2008, and Texas followed suit with its Biometric Identifiers statute, effective in 2009.  Seven states (Iowa, Illinois effective 1/1/2017, Nebraska, North Carolina, Oregon, Wisconsin, and Wyoming) include unique biometric data, when combined with a state resident’s name, in their definitions of protected personal information subject to breach notification requirements.

Class action litigation has now blossomed regarding the use of facial recognition software, with Illinois’ BIPA taking center stage in lawsuits against Facebook and Google.  Perhaps along the way the parameters of privacy law regarding biometric data will become more clear, and the policy issues on biometric data will surface in public discussion.

Regardless, the fact remains that no law will absolutely prevent my personal data from being hacked.  When my credit card account is compromised in a breach, I can change my cardholder data.  And when my email and passwords are accessed by a hacker, I can change those as well – indeed, I should be changing my passwords periodically anyway.  It’s harder to replace a Social Security number, but with some diligence I could deal with that too.  Plus, over the last few years of mega-breaches I’ve accumulated several overlapping credit monitoring and identity theft resolution services for free, courtesy of victimized companies.

But for better or worse, I only have one set of fingerprints, only one pair of retinas, and (definitely for worse) only one face.  All original equipment, with no replacement plan.  Sure, there are limited instances where the high level of necessary security merits biometric authentication (think nuclear codes), yet what’s percolating now is the notion that biometric authentication will become commonplace for consumers generally, for financial, health, and other transactional accounts.  If we’ve learned anything, it’s that no data repository or transmission can be 100% secure, and once one’s biometric data is compromised, there’s no Plan B.  Sometimes something seems like a bad idea because it is.