This post is generating a conversation about the matter. The post from libraryplanet.com states briefly the pros and cons of biometric systems. Some people are concerned about privacy issue, implying that biometrics is a step closer towards a "Big-brother-is-watching" society. Some wonder about the costs for the system, like this post from librarian.net.
Personally, I'd like to see biometric technology being used in NLB libraries, either as an alternative or replacement of the barcode authentication. It would eliminate problematic cases of members losing their membership cards and finding that it's been misused. If there's no card, it won't be lost in the first place. And less likely for cases of unauthorised access. Seems that it offers greater privacy-protection that barcode technology.
Of course, like any systems, there are potential loopholes. These posts shows how biometric systems could be cracked: (1) How to fake fingerprints and (2) Gummi bears defeat fingerprint sensors (via Anil).
But in the library's context, I really don't see people going through all that trouble just to steal access to my library records and borrowing privileges. The biometric system makes it less easy for abuse compared to barcode technology (where the effort to duplicate the barcode is less than that in duplicating fingerprints).
What about children, or parents who wish to borrow on behalf of their children? Or people who wish to borrow on behalf of say, a bedridden friend who wish to get some books? What about people whose physical features prevent them from using biometic systems?
The above are not insurmountable, so long we provide alternatives. For instance, separate access cards could be issued by default for children, but authenticated against the parent's fingerprints. Those who wish to make their borrowing-rights transferrable could get a waiver (the trick is to not have too much red tape).
In the Singapore context, the greatest hurdle for biometric-tech applications (in libraries or otherwise) would be more of the cost, i.e. how much are we willing to pay for the added convenience.
Naperville PL is paying USD$40,646 to install the system for 130 PCs. That's about USD$313 per workstation, or SDG$520 (based on currency exchange rate of USD$1 = SGD$1.66). There's also the recurrent maintenance costs to pay the vendor.
Should NLB libraries implement biometric systems, we could offer an opt-in approach, i.e. you opt-in to use the biometric system. I wouldn't mind paying for a small one-time fee. I see more pros than cons. I'd imagine my wallet being a lot less bulky with one less card. And the data-privacy issues are no different from existing systems being used.
References:
- American Libraries Online - Naperville to Launch Fingerprint ID System for Internet Access (20 May 05)
- Chicago Tribune - Library card? Check. Fingerprint? Really? (20 May 05)
- United Press International - Library to require fingerprint-scan ID (20 May 05)
- The Naperville Sun - Library gets its fingers on biometric login technology (19 May 05)
Tag:library security, biometric, fingerprint
Regarding the bulky wallets, can't we already use NRIC cards as a library card alternative? I know I always carried my IC card when I was in Singapore.
ReplyDeleteNow for the biometric database, does it mean that NLB get to tap into government's database of our fingerprints? Only seems natural if NLB wants to avoid recollecting everyone's data - a daunting task if at all possible. However, sharing data means potential security and privacy issues. I am not sure, but are our NRIC fingerprints already used by other institutions besides the government?
GadgetDude - yes you're right. We can use NRIC as library card. I do too, but I know some people prefer not to and they choose to carry a few cards. And if Biometric technology is pervasive enough, I think we don't have to carry any cards, or at least less cards.
ReplyDeleteI don't know if NLB or any agency implementing biometics will tap into some national database. To my knowledge, no other agencies use the fingerprint database.
Anyway I have to clarify that the post is purely speculative and just meant to highlight possibilities. As to specifics of implementation, it'll be a lot more detailed, and I don't have enough knowledge to say more about Biometrics implementation.
Yeah, I sort of jumped into the risk/gain analysis. Nature of my day-time job. :)
ReplyDeleteLike you said, opt in would be best. I also hope that they don't keep (or even have access to) our fingerprints if we don't opt in. It's convenient for sure, but I for one may not want to give my "precious" fingerprints since I already carry my IC.