I read with interest and concern the recent article claiming that the public's resistance to the adoption of biometric technologies was fundamentally a marketing problem, resolved by developing an industry code of conduct.

With the current state of biometric technologies and the questions surrounding the security and integrity of stored biometric data, I would not describe the public as gullible. I would describe them as rightly sceptical and prudent.

There are a myriad of issues surrounding biometric technology, the two fundamental issues being fraudulent use and security of biometric profiles.

Fraudulent Use (a.k.a. Masquerading)

The current generation of biometric technologies are unable to distinguish between the animate and inanimate. They cannot differentiate between the living and the dead. Personal biometric data is not secret. We carry it around with us on public display. We engage in biometric identification every time we recognise someone. We also leave millions of copies in our wake, from fingerprints to photographs.

It's just too easy to fool a biometric system. With fingerprint recognition you could simply cut of a persons finger and place the severed digit on the reader - bingo you're in. You could also take a less violent approach, like Japanese cryptographer Tsutomu Matsumoto and produce a fake finger. With $5.00 worth of products he made a simple gelatine mould of a finger, superimposed a lifted fingerprint and was able to fool nine out of ten readers he tested.

Broader tests were conducted in Germany and were able to fool an iris scanner by getting a photograph of a persons face, place the photograph of the eyes before the scanner and they were in.

Sure there is a little work involved but it isn't rocket science. Respected cryptologist Bruce Schneier said - you can fool 80 percent of the biometrics systems 100 percent of the time. Until the technology is more fraud proof it is unlikely to be adopted by the public and its use will remain in highly controlled environments.

Protection of Biometric Profile Data

Identity theft - the fastest growing crime in the world and one that can literally destroy a person's life! This is a core issue and the greatest obstacle to adoption.

We constantly hear from security types, myself included, that there is no 100 percent secure IT system. With the best will in the world no biometrics organisation can guarantee the security of biometric profile information. The information is being stored on the technology we attempt to secure with varying degrees of failure. In this context conduct regarding the handling of information is a necessary element for protection but does not solve the fundamental problems.

Where multiple vendors of the technology have multiple data bases of biometric profiles, there are that many more opportunities for the information to be stolen. The notion of one massive centralised database also falls short - single point sensitive. Experience tells us that not all vendors will necessarily operate at the highest standards.

The argument about the odds of having your data stolen is shallow. If there was only a 1 percent chance of your data being stolen it is cold comfort if you are in that 1 percent. The ramifications of identity theft are too great to take such a risk.

Currently with online transactions there is a very real risk of identity theft from stolen credit cards and other forms of psuedo identity. With a credit card it is easily cancelled and a new one issued. With biometrics this is impossible - a new finger, eyeball, hand?

Biometrics is a new frontier and promises solutions to many security issues we are confronted with but its time is yet to come. I for one will embrace the technology when it comes of age but in the meantime I will watch with interest.

The obstacles to adoption of biometrics are technology based. The issue is security, not marketing. Unless you define marketing as "spin".

The public are not gullible about technology, they have learnt a lot of hard lessons at the hands of technology spinmeisters. Wide-eyed? No, just not blindly accepting.

Glenn Miller is the managing director of IT security specialist distributor Janteknology e-Distribution

Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved.
ZDNET is a registered service mark of CBS Interactive. ZDNET Logo is a service mark of CBS Interactive.