Background checks are a standard part of the hiring process at many companies. While these verification procedures are often essential, they can also introduce some complications around privacy and ethics. The use of biometric authentication in this sphere further muddies the waters.
Police departments, immigration authorities, electoral processes and other government functions have used biometrics for years. Consequently, they make sense as a vehicle for background checks in sensitive industries. As the use of this technology has grown, though, so have the concerns around it, so businesses must weigh both sides of the issue.
Benefits of Biometric Authentication
Using biometrics to run background checks has many advantages. Most notably, it avoids false positives that could arise when looking someone up by their name or other information they may share with others. That’s why law enforcement typically uses fingerprinting for identification instead of different methods.
Biometric authentication is also fast. Getting an FBI identity summary takes just 48 hours when using an approved electronic fingerprinting service, whereas alternatives can take weeks. The act of scanning a fingerprint or face itself takes mere seconds, too, helping candidates prove their reliability and start working sooner.
Fingerprint and facial recognition also work well as methods to restrict access to prospective workers’ background check data. These platforms should require multi-factor authentication (MFA), and biometrics are an optimal MFA vehicle. Hackers can access email accounts and SMS to break past other MFA methods, but hacking through biometric systems is not so easy.
Ethical and Privacy Concerns Around Biometrics
As beneficial as biometric background checks can be, they’re not a perfect solution. While they may be less hackable than a password, users can’t change their faces or fingerprints if there’s a breach. Consequently, it’s theoretically possible for an attacker to steal biometric data from a company database and use it to access other sensitive files without the victim being able to stop them.
Biometric authentication also does not work equally well for all people groups. Facial recognition is often less accurate when identifying people of color, and false positives here could exacerbate racial barriers that already exist in many industries. Applicants with clean records could submit a background check only to be misidentified as a criminal because of their race.
Firms must consider legal implications, too. At least three states have biometric privacy laws governing how entities can store and use this data. Several others have general cybersecurity legislation that may apply to biometric data. Failure to comply with such regulations can result in hefty penalties.
How Businesses Can Use Biometrics Responsibly
Given these risks, hiring and onboarding teams must approach biometric background checks carefully. The first step is to review local laws to see if there are any applicable restrictions on how they can use biometrics or requirements for the storage of such data.
It’s also worth considering if a background check is necessary for the position in question. Leaders should waive biometric requests if not. In cases where they are essential, it’s safest to delete candidates’ biometric data as soon as the background check results come in.
Enterprises can minimize ethical complications by choosing the right type of authentication technology. Facial recognition may be popular, but it’s the least accurate form of biometrics, so fingerprinting or palm scans are a better option to reduce false positives. Using other verification methods like names, addresses and social security numbers to complement the biological scan can help, too.
Restricting access permissions to biometric data is likewise crucial. All such data must reside in encrypted databases, and only admins who need access to delete it should be able to see and manage it.
Biometric Background Checks Require Care
Biometrics holds significant potential as a security and background check technology compared to some older alternatives. At the same time, organizations must recognize that it’s imperfect and requires careful usage and restriction to be ethical and safe.
When leaders understand biometrics’ shortcomings and account for them accordingly, the technology can make a big impact on the company. However, failing to consider these factors can lead to substantial ethical, privacy and legal complications.
