Biometrics and QA Services: Changing the Security Landscape

QASource | May 23, 2018

Biometrics and QA Services: Changing the Security Landscape

Remember the days when storing sensitive data behind a simple alphanumeric password worked just fine? Those were the days... such simple, innocent days. Every time the latest company data breach makes the news, we’re reminded that those days are over. As hackers and leakers become ever more skilled and brazen, product companies are responding by doubling down on security measures to protect their users, proprietary information, and their reputation in the market.

Today, access control goes far beyond the keyboard. The advent of biometrics - the process of authenticating a person using physical or behavioral characteristics - is expanding the reach of security and increasing its effectiveness.

Although retina scanning and facial recognition appeared in the sci-fi genre long before it arrived in reality, it’s finally here - and by all indications, it’s here to stay. You might be familiar with some of the hottest forms of biometric security, but here’s a quick rundown of everything that’s circulating across industries:

  • Facial recognition uses bone structure to match identities. Commonly used in financial and defense sectors.
  • Fingerprint scanning is commonly used to unlock personal devices and grant access to secured areas.
  • Iris scanning is often used by the financial and government sectors to authenticate identity and maintain clearance records.
  • Voice recognition is finding use in smart automobiles, personal devices, and home smart speakers.
  • DNA recognition is typically only used for legal purposes (i.e. identity verification, exoneration, etc.).
  • Behavioral characteristics usually includes measurable online activity (search history, tracked clicks, and ‘liked’ content on social media platforms).

As you can see, biometrics hinges on all the pieces of us that are completely unique. It’s hard to copy your face or fingerprint and pass it off as someone else's. It’s impossible to copy and transplant your eye’s iris. Capturing the timbre and nuance of your voice is still a challenging feat. For the time being, at least.

With that biometrics primer out of the way, what is it actually good for? Let’s look at some of its practical uses for businesses:

  • Authentication. When an alphanumeric password just won’t cut it.
  • Access and attendance control. For large companies that need to secure their various entry points.
  • International travel control. To protect the security of nations and their respective government agencies, fingerprint and facial recognition is often used.
  • Financial transactions. Biometric measures may be used to verify outgoing transactions and limit fraudulent activity.
  • Car theft prevention. If your car only listens to you, there’s less chance of it being driven off by a stranger. Voice detection will also be used in self-driving cars.
  • Mobile security. Devices are built to support many different types of biometric security-face recognition, fingerprint scanning, etc. to protect their users and their data.

So, what type of testing does all this require?

In order for biometric security to be helpful, it needs to work and work well. Because it’s such a new space, QA visionaries are rapidly developing new methodologies and approaches to biometric systems testing.

Biometric systems are changing the way that companies think about security and access control, and QA services providers are rapidly developing new methodologies and approaches to biometric systems testing. (Click to tweet)

That said, there are already a few key areas that you need to pay attention to when considering QA services for your system:

Sensor testing

All of the biometric input is received and interpreted by your system’s sensor. Therefore, it should be stringently maintained per the regulations outlined by the manufacturer.

Security testing

Your biometric system is the first line of defense against a data breach. Your QA team should also verify that the information within the system is properly encrypted and stored. Any gap in security could result in a damaging compromise. Learn more about the importance of security testing.

Performance testing

No one’s going to use a biometric solution if it’s slow, buggy, and inaccurate. Your team should help ensure that the user experience of the solution is seamless, fast, and reliable.

Usability and accessibility testing

The system should be easy to use for a wide, diverse segment of the population. For this reason, it should be tested for ADA compliance and provide a range of accessibility options for all users.


Dealing with challenges

Biometric systems do not come without their challenges. Because they rely on input from the human body to function, any change to the body can complicate things. For example, a cut on the identifying finger, a thick contact lens covering the iris, or a significant weight gain or loss affecting the shape of one’s face.

Because biometrics is such a new area, it is very costly to implement and keep up to date. Additionally, storing all the data that is produced by the system (i.e. facial and iris scans, fingerprint records, etc.) can quickly become expensive. However, if the organization values its security and wants to be on the cutting edge of access control and data protection, biometrics is a worthy investment.

QA Professionals Survey 2018


This publication is for informational purposes only, and nothing contained in it should be considered legal advice. We expressly disclaim any warranty or responsibility for damages arising out of this information and encourage you to consult with legal counsel regarding your specific needs. We do not undertake any duty to update previously posted materials.