Open Access is an initiative that aims to make scientific research freely available to all. To date our community has made over 100 million downloads. It’s based on principles of collaboration, unobstructed discovery, and, most importantly, scientific progression. As PhD students, we found it difficult to access the research we needed, so we decided to create a new Open Access publisher that levels the playing field for scientists across the world. How? By making research easy to access, and puts the academic needs of the researchers before the business interests of publishers.
We are a community of more than 103,000 authors and editors from 3,291 institutions spanning 160 countries, including Nobel Prize winners and some of the world’s most-cited researchers. Publishing on IntechOpen allows authors to earn citations and find new collaborators, meaning more people see your work not only from your own field of study, but from other related fields too.
To purchase hard copies of this book, please contact the representative in India:
CBS Publishers & Distributors Pvt. Ltd.
www.cbspd.com
|
customercare@cbspd.com
Biometrics applications are progressively widespread as a means of authenticating end-users owing to the extensive range of benefits over traditional authentication (token-base-authentication). However, the transaction involves taking into account the perceptions and responses of end-users. If end-users are fearful, hesitant about these biometric technology-applications, misuse and implementation-complications can surely overshadow. The goal of this study is to sightsee the user’s-motivation, understanding, consciousness and acceptance towards utilization of biometric technology-applications. A 300-person survey was conducted to evaluate public-opinion on the use and adoption of biometrics. Stratified sample technique was used to administer the surveys. The results presented that perceived ease-of-use, user-motivation and attitude are more important-factors when deciding whether to accept new technology-applications. Although many end-users have become more familiar with biometric technology-applications (e.g., Fingerprints or facial-recognition), many individuals still have a negative-perception of the technology. Concerns regarding confidentiality and security i.e., storing and protecting personal-identification data, the fear of intruding into a person’s daily-life and disclosing personal-information remain a major problem. Some end-users claim that despite the potential resilience to biometrics, designers must mentally and psychologically prepare the general public for the new use of biometric technology. This will make it possible to transform negative user-perceptions into a positive-experience. Thus, this study can help end-users and companies understand and make the right decisions to promote the use of biometric-applications and services. The study is expected to be an important research-discovery that will greatly contribute to Uganda’s digital-economy.
Department of Computer Science and Electrical Engineering (CSEE), Muni University, Uganda
Edith Talina Luhanga
School of Computational and Communication Sciences and Engineering (CoCSE), Nelson Mandela African Institution of Science and Technology (NM-AIST), Tanzania
Anael Elikana Sam
School of Computational and Communication Sciences and Engineering (CoCSE), Nelson Mandela African Institution of Science and Technology (NM-AIST), Tanzania
*Address all correspondence to: hamitech2019@gmail.com
1. Introduction
Biometric technologies are becoming more ubiquitous in our day-to-day life for a wide variety of applications such as border clearance and immigration, civilian ID cards, mobile banking, police and security, health care labs and many others [1]. The technology is used for authorization and proof of identity as a solution to the challenges associated with combatting, managing and potentially resolving criminal activity [2, 3]. In fact, mobile companies have increasingly embraced biometric technologies to allow users to connect to their mobile devices by scanning their fingerprints and faces [4]. It is estimated that 100% of mobile devices i.e., smartphones, portable devices and tablets will require biometric protection by 2020 deliberately about preventing fraud. This is quite possible because users are now exposed to biometric technologies and never realize it. Banks and credit unions have used biometrics as part of a multi-level safety means to assist address risk-related concerns. It is expected that many others will move in this direction [3, 5].
Indian, Hindustan Computing Limited (HCL) Technologies reported that e-commerce inventors are discovering the usage of biometrics and smart cards to properly prove the identity of a party to the transaction. Because it can help to reach the security facilities on the handset via voice verification [6, 7]. Since the focus is on what the user is, rather than what the user knows or possesses. The implementation of biometrics is largely dependent on the degree to which system users are willing to accept the technology [8]. User behavior may cause or break the implementation of biometric technology. The process of providing personal data publicly may be offensive to some people. As well, users may associate fingerprints with law enforcement and crime and may be unwilling to use fingerprint systems [9]. Others believe that scanning, iris and retinal systems can be harmful to their eyes. In any event, these positions may potentially contribute to significant public embarrassment to the company that collected the data, regulatory fines or law suits. If DNA scans become prevalent, they can give escalation to an entire new arena of secrecy worries such as exposure of health situations and household relationships [10].
At present, there is not a single piece of legislation that provides a comprehensive overview, addresses legislation or provides standardized guidelines for the usage of biometrics [1]. The lack of a specific document or regulation that obliges as a pre-eminent guide and governs biometric usage leaves organizations to make their own rules about how to handle and use biometric data. The potential for misuse of biometrics is an important concern for users. Consequently, the perception of the user, especially in the field of security and privacy, must be well understood. As reported by Emami et al. user’s perception on use of biometric applications are generally tied to their sociocultural, religious believe, health matters and occasionally the lawful consequence of the subject matter which has to do with delinquency. Researchers found that when applying for biometrics, individuals are unwilling to allow for instance, their faces to be captured as it violates their religious belief. Once again, others are not comfortable entering their fingerprints for fear of a security breach or for health reasons. Chandra et al. reported that while user fear is: belief, user acceptance, secrecy concerns are not taken into consideration, there is a possible threat of system failure. It might be surprising to install biometric applications without assessing the acuity of biometric knowledge [11, 12]. As a result, users must be educated on why the system was introduced and how it can be beneficial to them.
The study therefore focuses on the intensity, comprehension, awareness and acceptance of biometric use by end-users. The objective is to provide useful information and benefits of the usage of biometrics technology as well as factors affecting end-users in the usage of related technologies. The author assumes that this study will help stakeholders and policymakers at different levels to differentiate between the capacity of the application of biometrics technology, and user acceptability in the design of robust procedures for deploying biometric technologies that are user-centric. The paper is prearranged into five sections: Section 2 briefly presents several studies carried out to understand users’ perceptions regarding the usage of biometric applications. Section 3 provides an idea of the method used in conducting the study. Section 4 presents the results and discusses their importance, and Section 5 presents the discussion of findings. Finally, the conclusion, limitations and some insights for future research.
The review addresses two main lines of research: (a) the Technology Acceptance Model (TAM) and (b) the user’s perception of the usage of biometric technology application. The relevant literature for each of these two areas is discussed below.
2.1 Technology acceptance model (TAM)
To examine the public perception of the usage of biometric technology, the Technology Acceptance Model (TAM) was examined. This is an accepted model for explaining people’s acceptance and behavior. Based on its simplicity and understanding [13, 14]. It helps researchers and practitioners distinguish between the reasons why a proposed technology may be acceptable or unacceptable [15]. The model is based on the Theory of Reasoned Action (TRA), a psychological approach that illustrates how the individual’s belief application system acts on human behavior [16]. This implies that behavioral intent is closely related to real behavior. In essence, the TAM is based on two basic concepts: perceived usefulness (PU) and perceived ease of use (PEOU). Perceived usefulness is the extent to which a person believes that the usage of a particular technology would enhance their work performance [17]. If the assessed PU results are positive, users will tend to have confidence in the technology. However, perceived ease of use refers to the extent to which an individual believes that using a specific system would be effortless. The extent to which one believes that the usage of technology would exempt a person from conscientious work. In addition to the PU and PEOU, two other variables were expressed: attitude and motivation. Attitude is a general positive or negative assessment of a person’s particular behavior. In studies of user behavior, attitude is considered as a predictor of the future inspiration to be used. Thus, the impact of the user’s attitude on the intention to usage is universal, which partly explains why the TAM has been widely studied in various areas. Motivation is an indicator in which a system is used to measure subjective intent by users. This has a critical impact on whether a certain type of technology or system is accepted. Therefore, in the present study, the motivation to use was to define the magnitude of the intention of users with respect to the usage of biometric technology. Figure 1 adds two variables that are proposed for the determinants of relative advantage, attitude and motivation to establish the intent and perception of the end-users to use the biometric technology application. The relative benefit is the level at which an innovation is better discovered than the practice previously employed. Derived from Figure 1, perceived usefulness, perceived ease of use, user attitudes, and user motivation are variables dependent on end-users’ perception to make effective use of the application of biometric technology. As a result, technology users have greater acceptance and satisfaction. From this perspective, we anticipate the same thing in the case of accepting biometric technology. The greater the perceived usefulness, the greater the intent to accept a biometrics application system. The greater the perceived ease of use, the greater the intended acceptance of a biometric system. The perceived usefulness of the biometrics system is positively correlated with perceived usability. The greater the attitude towards the use of the biometric application, the greater the likelihood that an end-user will consider a biometric application system to be useful. The higher the motivational factor, the more end users perceive a biometric application system to be easy to use.
Figure 1.
Framework model for user acceptance of the biometric application.
2.2 User perception with respect to the usage of biometric applications
Increasingly, biometric technologies are being used in almost all areas of human activities for verification and identification [2, 4]. This technology allows for the collection of personal information and physiological data for identifying purposes. However, the available data is limited. Because users are more likely to have little acceptance or confidence in biometrics due to privacy concerns [18]. As such, it is significant to know the reasons that contribute to user acceptance as well as the need to consider user perception and will associated with biometric technology. As human perception is highly unpredictable in many cases, a greater comprehension of user needs is required.
Study by Habibu et al. [9] conducted a survey of user knowledge and concerns related to biometrics. The study shed light on the user’s experience with the usage of biometrics. The findings present that the overall response was optimistic about their prior knowledge of biometric characteristics, but had relatively little practical experience using them. In addition, they noted that many technologies were generally better accepted than others. For example, respondents felt better about the usage of fingerprints and face images than with iris examinations. In fact, fingerprints and faces are used in many national identity systems. For example, inside access control, door pass, and client ID simply required the person to touch the sensor screen or look at the authentication device.
Carpenter et al. [19] presented a study examining workers privacy concerns associated to the organization’s use of biometrics. Their findings suggest that self-determination has played a significant role in formulating privacy protection, perceived accountability, and concerns about perceived vulnerability. The research suggests that, it serve as important indicators of user attitudes to biometric technologies in the workplace.
Furthermore, a study by Jones et al. [20] explaining the purpose of users to use biometrics as an authentication tool with young Arabs were studied. The findings revealed that, perceived ease and usefulness are the most decisive factor influencing user’s perception to accept or reject new technology. Therefore, the key to increasing the acceptability of any technology is to work out how the negative perceptions can be lessened.
A study presented by Chan and Elliot [21] updated biometrics secrecy perceptions with two investigations. The first investigation, carried out amongst 200 participants, asked participants of their knowledges and insights of biometrics. Another investigation, observed to measure variations in perception over time. The study suggested a level of disbelief around the safety and secrecy of the biometric data. For example, forty-five percent (45%) of participants were not able to trust their data from a public company. Because the findings revealed that there was more support for the usage of biometrics in the fight against terrorism and the banking sector.
Furthermore, El-Abed et al. [22] claimed that the major drawback in the general satisfactoriness of biometric application is the lack of general assessment method that appraises performance, users’ acceptance and satisfaction, data quality and security. Such evaluation methodology assists system designer to be able to ascertain suitability of the technology being designed and aid in making necessary adjustment to the design, in the early stage, to improve the satisfactoriness level.
Study by Elliot et al. [23] reviewed technique to identify and inspect the citizen’s perceptions, opinions and fears of biometrics technology. The issues such as security and privacy concerns of users are asked in the review. The findings indicated that people are pro biometrics i.e., they accept the biometrics utilization as a way to enhance security, but they have fears about their privacy (who can utilize that information). The mainstream of the individuals accepted the biometric technology, but also, have security anxieties of using biometric technology. In short, the individuals are eager to utilize the biometrics technology, but they lack hope with approximately legislative organizations. The prerequisite to teach individuals about biometrics in order to eliminate users’ greatest concerns is paramount.
One common theme that comes out of the studies is that users are concerned about the privacy and security of their personal data. This is an area that requires further study as part of the proposed research, which explores the concerns of participants and the contextual nature of those concerns.
This study involved a questionnaire survey to assess user’s perception in the usage of biometric technology applications. The surveys enable to gather information to be statistically analyzed. It consisted of three sections (A, B and C). Section A was designed to capture demographic, experiential and behavioral characteristics that may affect the use of biometrics or relate to the views of participants. The participant demographic information included age, gender, the education background, the experience level about biometric technology application. The common biometric features listed in the questionnaire were fingerprint, face, iris, voice, retina, gait, signature and palm print. The analysis of the respondent’s descriptive distribution is shown in Table 1. Section B considered questions to ascertain the participant intention, willingness and general perception with respect to the use of biometric technology applications. The five-point Likert scale from Strongly Agree (5), Agree (4), Neither (3), Disagree (2) to Strongly Disagree (1) is used. This was aimed to understand users’ acceptance and utilization of biometric application. Section C considered questions to ascertain users fears in use of the biometric technology, the technique required for securing the biometric data and the strategies aimed at regulating and protecting the biometric technology information.
Variables
Item
Frequency
Percentage (%)
Age
21–30
94
31.3
31–40
154
51.3
41–50
36
12.1
50 and above
16
5.3
Gender
Male
200
66.7
Female
100
33.3
Education level
BSc
134
44.7
MCs
94
31.3
PhD
72
24.0
Role
Students
138
46.0
Staff
98
32.7
Employee
64
21.3
Biometric feature User experience
Fingerprint
106
35.3
Facial
98
32.7
Iris
30
10.0
Retina
12
4.0
Voice
26
8.7
Signature
28
9.3
Table 1.
Respondents distribution frequency.
3.1 Analysis of the data
Data analysis involved a mixture of quantitative and qualitative techniques. Author applied Statistical method (SPSS) version 25 and presented findings using descriptive statistics in the form of frequency, percentage, mean and standard deviation to analyze responses to close-ended questions. Compared the mean independent t-test results across some aspects for instance, between user willingness and non-user willingness. A total of 300 participants (students, academic staffs and employees) from two selected institutions Muni University and IUIU University were collected. This is largely due to the fact that they are associated with a greater affinity, understanding and acceptance of new technologies, which would be necessary to transmit biometric concepts. The participants were given a consent form to notify them of the theme and take their consent to respond in the survey. The questionnaires were provided to the participants who were comfortable in completing the survey by themselves. Stratified random sample was utilized to draw the target population. The formula
was deployed for the sample size [24]. By using this approach to find the sample size, it is anticipated that the degree of bias can be fixed and the measurements of sampling error becomes low.
Out of the 300 survey participants, most of the participants were male with 66.7% and female with 33.3% respectively. The majority of participants to the survey were aged between 31 and 40 with 51.3%. Thirty-one-point-three percent (31.3%) were between 21 and 30 ages old. Twelve-percent (12%) were between 41 and 50, and 5.3% were over 51 years old. Nevertheless, this distribution of the participants’ ages means that most of respondents will have either grown up with technology from an early age or been early adopters of new technologies.
In terms of education, a majority of participants had at least a high-level degree equivalent with 44.7% having at least a Bachelor’s degree, 31.3% with a Master’s degree, and 24% of the respondents held a doctoral degree. This is likely to be influenced by the researchers’ personal and professional networks. Finally, in regards to respondent’s categorical level, 46% of the participants were students, 32.7% were academic staffs, and 21.3% were employees. Figure 2 presents the investigation of the social demographical information.
Figure 2.
Social demographic information, (a) age group, (b) gender, (c) education level, (d) categorical level.
4.2 Biometrics feature utilization
The respondent’s experience towards the usage of biometric technology were examined. Participants were asked about the biometric features that should be used in each of the physical and behavioral characteristics. It was used to better understand which technologies participants liked most and which ones they liked least. Participants were generally knowledgeable about a numeral of physical biometrics technologies. Thirty-five-point-three percent (35.3%) of the respondents had shared knowledge of how fingerprints are used. Thirty-two-point-seven percent (32.7%) were vast in facial scan. This is not surprising considering their commonness in personal devices and in our everyday lives (e.g., smartphones or migration at an airport). Both of these technologies have been used to protected personal devices and is increasingly become common in our daily lives. For example, the vast widely held of personal devices (e.g., smartphones and tablets) now make use of fingerprint and facial recognition so such a common usage is expected. Ten percent (10%) were having knowledge in Iris, 4% were vast in Retina.
In terms of possibly classified as behavioral biometrics technology, 8.7% were experienced in Voice, and 9.3% were vast in Signature scan. This is actually predictable in that traditionally behavioral biometrics do not require the user to interact with any specific hardware directly. Instead, their behaviors are normally monitored remotely. These analyses were pointed to the user’s experience in the usage of biometric application and getting to know whether new biometric technology devices such as smartphones, tablets, or laptops can either be accepted or not. Therefore, developers need to consider actual user willingness and acceptance in the utilization of these new technologies embedded with biometrics devices when designing a biometric security application, and make an effort to promote the use in a positive way. The findings from the analysis are shown in Figure 3.
Figure 3.
Biometric feature utilization.
4.3 Usefulness of biometric technology applications
Three hypotheses were verified by multiple regression analysis. Perceived ease of use (PEOU), perceived usefulness (UP), and perceived enjoyment (ENJ), with participants’ attitudes towards the usage of biometric technology (ATT) as a dependent variable. Three general questions related to satisfaction with biometric technology were also raised. Sixteen quantitative questions were asked on a five-point Likert scale, ranging from strongly agree to strongly disagree. Table 2 presents the analytical descriptive statistics for the constructions of each survey question. All three of the PEOU statements ranked highly with an average of 3.70 out of 5.00. “I would find biometric technology easy to use during workplace” scored highest with a mean of 3.73. Most of the survey statements related to perceived usefulness also ranked highly at an average of 3.66. However, respondents ranked the statement, “Biometric technology enables me to have more convenience at workplace,” the lowest at 3.07. “Using biometric technology increases security level of an individual data at workplace,” the highest at 4.42. With respect to participants’ enjoyment using the biometric technology, this category scored the lowest with an average of 2.83. “I have fun when using biometric technology” scored the lowest at 2.30 and “The actual process of using biometric technology is pleasant” scored the highest at 3.59.
Measurement questions
Mean
Std. Dev.
Min
Max
N
Variance
Perceived Ease of Use (PEOU) I know how to use biometric technology
3.69
1.248
1
5
300
1.551
I would find biometric technology easy to use during workplace
3.73
1.443
1
5
300
2.082
Learning to use biometric technology is easy for me
3.67
1.438
1
5
300
2.067
Perceived Usefulness (PU) I find biometric technology useful at workplace
3.18
1.278
1
5
300
1.633
Biometric technology enhances the personal security information
3.95
1.442
1
5
300
2.078
Biometric technology enables me to have more convenience at workplace
3.07
0.958
1
5
300
0.919
Using biometric technology increases security level of an individual data at work
4.42
1.043
1
5
300
1.087
Perceived Enjoyment (ENJ) I find using biometric technology is enjoyable
2.61
1.556
1
5
300
2.420
The actual process of using biometric technology is pleasant
3.59
1.369
1
5
300
1.875
I have fun when using biometric technology
2.30
1.538
1
5
300
2.365
Attitude (ATT) Using biometric technology at workplace is a good idea
3.81
1.316
1
5
300
1.731
I like the idea of using biometric technology at workplace
3.72
1.441
1
5
300
2.075
Biometric technology makes work environment more interesting
3.83
1.201
1
5
300
1.441
Overall satisfaction Overall, I am satisfied with the usage of biometric technology
3.81
1.498
1
5
300
2.243
As a whole, I am happy with the usage of biometric technology
4.01
1.168
1
5
300
1.364
I believe by attending any biometric technology conference will enhance my profounder understanding of the technology
3.91
1.430
1
5
300
2.046
Table 2.
Descriptive statistics.
Respondents’ attitude towards the biometric technology was strong with an average of 3.79 out of 5.00 over the three statements. “I like the idea of using biometric technology at workplace” scored at the lowest with 3.72, while “Biometric technology makes work environment more interesting and “Using biometric technology at workplace is a good idea” were the strongest at 3.83 and 3.81 respectively. In regards to the participants’ overall satisfaction with the biometric technology in general, this category scored a very high average of 3.91 over the three statements. The most highly ranked statement was, “As a whole, I am happy with the usage of biometric technology,” and scored a 4.01. The results from the statistical analysis are shown in Table 2.
In order to gain additional insights, two open-ended questions were asked: (1) “What did you like about the biometric technology?” and (2) “What did you not like about the biometric technology?”. A greater percentage 66% responded with optimistic response about the likeness of the biometric technology, while 34% of the biometric users responded with negative feedback. Of the biometric technology user group, 40% mentioned that the biometric technology was easy to use, 28% indicated greater security, while 32% showed conveniences and user friendly. Regard the negative feedback of the dis-likeness of biometric technology, 34.7% mentioned risks of personal data, 45.3% indicated that the biometric data can be stolen, while 20% mentioned insecurity of personal data.
4.4 User willingness vs non-user unwillingness with respect to the usage of biometric applications
In order to compare the overall user willingness vs. non-user unwillingness satisfaction levels in the usage of biometric technology, a t-test was run in SPSS. Statistical measurement of two intact groups using an independent samples t-test is appropriate to evaluate the variance amongst the two groups [24]. The results were statistically significant between user willingness vs. non-user unwillingness. The user willingness to use biometric technology mean was 4.39 and non-user unwillingness to use biometric technology mean was 3.33. This result shows that both users and non-users willingness rated their overall usage of biometric satisfaction at virtually different level. Table 3 presents the comparison of the sample independently of the t-test results.
Comparison sample
Mean
User willingness vs non-user unwillingness to use biometric technology?
Willingness(102)
Unwillingness (198)
Mean difference
t-value
Sig.
4.39
3.33
1.059
7.610
0.000
Table 3.
Independent samples of t-test results.
4.5 Security of the biometric technology
The security issues were intended to measure the extent to which subjects felt the application of biometric technology would improve the security of the end-user. Participants were asked to comment on biometric security versus other traditional methods [24]. Ninety-two percent (92%) of participants agreed with the statement that biometrics were more secure because it involves a personal presence during the verification process. Participants were also asked about the ability of biometrics to offer the same level of security as two-factor authentication. The majority 84.7% of respondents concur with this statement. Lastly, respondents were asked if they were of the opinion that biometrics could easily be compromised. Forty-eight percent (48%) of participants explained that biometrics might be compromised. While 52% stated that biometrics cannot be easily compromised, which was not surprising. This is particularly true when seeing that most respondents indicated that biometrics was as secure as two-factor authentication.
One of the key findings of this study was that participants were generally knowledgeable about the usage of fingerprints and face. This emphasizes that exposure to these technologies assists in generating support for the desired methods.
4.6 Users fear in usage of biometric technology
Another area was the level of concern of subjects about privacy issues associated with the implementation of biometric technology. The issues of willingness to provide personal biometric information for collection, use and storage were addressed. While biometric technology offers highly compelling proof of identity and individual confirmation solutions. Participants voiced concern about the usage of biometric technology, as biometrics can easily be hacked and the consequences of their mismanagement could be incredibly dangerous. Thirty-two-point-seven percent (32.7%) expressed the selling of the information to 3rd party. The danger of identity stealing is greater because, unlike a credit card, biometrics cannot be canceled or superseded if it is entered by a third party. With fingerprints all over the place and faces in full view. Forty-eight percent (48%) indicated misuse or abuse of personal data. This is because a compromised biometric data stored in the database cannot be revoked. For instance, the DNA information can reveal a person’s health and exposure to disease [25]. Biometrics can be safely described as the future of human identification. However, this future would remain uncertain unless rigorous methods are employed to protect it from misuse or violation of data. Nineteen-point-three percent (19.3%) of the participants showed identity fraud. The analysis is shown in Figure 4(a).
Figure 4.
(a) User fear in use of biometric technology, (b) techniques to protect the biometric data.
The manner in which personal information is increasingly collected, stored and transmitted through Internet of Things (IoT) devices and services in the cloud, make biometrics technology more susceptible to identity theft. By accessing biometric data, hackers can easily steal an individual’s identity or even use and falsify personal information that may be life-threatening [26]. For example, there was an incident in 2015 when the U.S. Office of Staff Management was hacked. Cyber criminals successfully fingerprinted 5.6 million government employees and made them vulnerable to identity theft. The question of whether biometric technologies can ever be full proof remains unanswered.
4.7 Techniques for securing the biometric data
With respect to biometric security techniques, 38% of respondents recommended the use of encryption techniques as a better approach to protecting biometrics. Encryption technique can help to safeguard sensitive data. It can securely link the user’s ID and biometric information to ensure that the key and biometric information cannot be retrieved from the template stored along with improving the security of personal data and communications. Increase the trust, acceptance and use of the population, which is more consistent with privacy laws.
Fourteen-point-seven percent (14.7%) expressed building centralized data Centre. This approach provides a low-cost implementation of biometric verification and benefits users who require multi-site authentication. User biometrics can be relocated over the network (generally on the Internet) and open doors for sniffing.
Twenty-four percent (24%) of the participants recommended the combination of fingerprint and strong password (Two-factor authentication). Two-factor authentication makes it possible to prevent password theft and card theft. This may make the biometrics of the database so difficult to hack or steal for a hacker. Twenty-three-point-three percent (23.3%) preferred the use of personal e-card. With smart card biometrics, users can feel that they are controlling their biometrics, increasing user acceptance of systems. In addition to these advantages, this technique also has certain deficiencies. The cost of implementing card-based biometrics is high because biometric chip readers are necessary to verify users. The user must present their biometric chip card and then their biometric credentials to the scanner to authenticate their identity. The analytical results are illustrated in Figure 4(b).
In addition, other ways of securing biometrics in the database may include keeping the software up to date. When the system manufacturer informs you of an up-to-date or available software patch. It is very important to install it immediately in order to decrease the possibility of the device being susceptible to security vulnerabilities. It is particularly important to keep your operating system and Internet security software current.
4.8 Strategies to control the security of biometric information
For the aim of preventing identity theft and protecting against fraudulent acts, respondents were requested to provide a recommendation to regulate development and implementation of new security technologies as more players recognize the tremendous potential of biometric technologies. Thirty-four percent (34%) of the participants recommended that the laws to protect personal information should be adhered to. The rights of persons must be adequately protected and their data in the hands of private and public bodies must be carefully and sensitively managed. Companies needs to get consent from the individual before processing the data for surveillance or profiling [27].
Twenty percent (20%) of respondents recommended that citizens be made aware of new safety measures. Citizens need to be alert of the new security technologies put in place before being applied. The government has the ability to provide citizens with relevant information on safety and security, because it is responsible for safety and security. Through this initiative, public trust, willingness and acceptance of new biometric devices can be restored. Fourteen-point-seven percent (14.7%) of the participants recommended use of legal procedure to be taken against wrong or misuse of personal information. As biometric technologies have become more commonplace, legal procedures need to be developed to better guide employers on how to properly collect, store and use biometric information. The employer shall inform the employee if his or her biometric information is disclosed as a result of a breach of his or her records.
Thirty-one-point-three percent (31.3%) of the respondents recommended keeping the personal data as secure as possible. As the global movements show that biometric technologies are advancing rapidly, regulations need to be kept up-to-date. Technical, human, process and policy challenges need to be addressed to secure digital data and ensure that biometric technology can efficiently shape human identity authentication applications. The analytical findings are presented in Figure 5.
Figure 5.
Strategies to regulate and protect usage of biometric application.
To ensure compliance with biometric security strategies, employers should:
Audit the workplace. Perform a workplace verification to identify any biometrics used. Review the company’s policies and procedures for storing, retaining, disclosing and destroying this information.
Familiarize oneself with the law. Review applicable national and state legislation to identify legal obligations associated with the processing of employee biometric information. Keep in mind that obligations are expected to extend beyond employee information to include the processing of user or third-party biometric information. It’s always good to consult to obtain clarification if we are not sure of the legislation that applies.
Adopt appropriate policies. Current policies that respect state laws and inform employees of their rights and obligations as they relate to the collection, storage and use of their biometric information. One should not forget to review any data breach notification policies to ensure that they include biometric data within the definition of protected information.
Finally, refer to service providers. A number of companies outsource certain aspects of human resources to third parties. If an employer has retained the services of a payroll company or any other supplier who collects or uses employee biometrics. It should discuss the responsibilities of the service provider with respect to this data and the efforts of the service benefactor to comply with applicable legislation. You make sure each person is on the same page when we talk about compliance.
Therefore, there is a need to guide individual awareness of the security and confidentiality of the application of biometric data collected within the daily business organization [28].
4.9 Proposed implementation of E-passport system
Two categories are defined in the biometric application process: The System Administrator task and the End-User (applicant) task. The system administrator starts by creating and deploying regional offices and agents responsible for the biometric ePassport process. With respect to the trial, thirteen (13) regional offices were deployed within the system from the four regions of Uganda. As well, the main regional headquarters controls all 13 regions. Figure 6 shown the creation and deployment of the regions.
Figure 6.
Creation and deployment of regions.
The system administrator assigns regional agents who are responsible for processing only the application process for that specific region. Agent is not able to see details from colleague in other regions. This is due to security concerns given that all applicants come from different regions. Figure 7 shown how to register an agent in a given region.
Figure 7.
Register an agent in a given region.
The Regional Officer can only see applicants from that specific region and has no access to other applicants from other different regions or centres. The Regional Officer is responsible for approving (verifying) or disapproving (denying) the applicant as required.
Once the Regional Officer has verified (approved) the applicant, the applicant information is automatically transmitted directly to the Regional Head Office (Kampala) for further processing of the ePassport. The regional agent will no longer see the applicant information on the system. This is part of the safety measure needed for end users to track, but the officer will have a hardcopy to support the applicant information (PDF file). The applicant information is deactivated from the agent side and the Twilio SMS is sent to the applicant for status quo. In the event that the officer rejects the verified applicant information (approval) because of incomplete requirements, SMS text will automatically be sent directly to the requester for refusal to make the necessary changes and re-submit the request. Figure 8(a) and (b) shown the Twilio SMS approval and denial process for the applicant’s application process.
Figure 8.
(a) Verified applicant information, (b) denial of applicant information.
The job of the applicant was to launch a new application by first clicking on the disclaimer acceptance button. The applicant is then guided through the on-line application process. The applicant is required to set up an account for its own credentials in the given region. Here, an applicant will be provided with a randomly generated Unique Identification Code (UIC) from the selected region. The information concerning the applicant’s credentials are shown in Figure 9.
Figure 9.
Applicants login details.
The applicant will then proceed to fill in his/her personal details, the origin, residential, spouse detail if any, the person of contact (next of kin), and finally the parents’ details. Once the information is provided, the applicant will provide the required attachments, such as a personal passport photograph. This passport photograph will be automatically encrypted for security reasons. This will only be visible to the requester if the correct password is entered. Keep in mind that you will not be able to see your passport picture when you are not using the system. Other documentation included a copy of the National Identification Number (NIN), a letter of reference and a payment slip. Upon completion of the required documents, the applicant can now submit the form. Prior to the submission of the application, the applicant can download a copy of the application details for further investigation or follow-up and backup.
The features of biometric technology used were fingerprints and a face image. The authors used the Biostar 2 Server standard to retrieve biometric features and templates. Figure 10 shown the enrolment in biometrics.
Figure 10.
Biometric fingerprint and ficial enrollment.
The enrolled biometric function and the personal information were combined and encrypted to produce two files, i.e. the byte file and the text file for the security reasons. This ensures that no trespasser may have access to personal information without his or her consent. It was practical evidence for the end user to understand and motivate themselves on how users perceive the use of biometric technology applications. Everyone has the privilege of reviewing the status of their claim. Any unlawful attempt with individual data, a text message is automatically sent to the individual for warning, detection and alert. The organization is in a position to handle individual data and provide timely feedback. Consequently, the increased process of biometric passport system, accuracy and competence of users. Figure 11 shown the encrypted text and byte files.
The study focused on user perception when using biometric technology to characterize its operationality and acceptability. It determines whether a meaningful relationship exists amongst demographic features and user perceptions. Participants revealed that biometric technology is more secure and appropriate than traditional approaches to fraud. It also revealed a good level of knowledge and acknowledgement of biometric technology. Participants had first-hand acquaintance of a numeral of physical biometrics technologies. It ought to be noted that while these technologies are widely accepted, they depend heavily on the context. However, the study revealed that users appear to be most comfortable with these biometric feature (e.g., fingerprints and face recognition). Considering somewhat more intangible biometric characteristics (e.g., voice and signature) they tend to be less popular. This proposes that there might be opportunities to increase public acceptance of these behavioral biometric characteristics.
User willingness and acceptance of biometric technologies were reviewed. We conclude that acceptance of biometric technology might be highly dependent upon the degree to which system users are willing to accept the technology. The attitude of the user may do or pause the operation of a biometric application. Some individuals may find the process of publicly disclosing personal information unpleasant. As well, users may associate fingerprints with law enforcement and crime. Others may think that iris or retinal systems can harm their eyes, despite clear evidence to the contrary. Therefore, it is necessary to educate users about why the system was introduced and how it could be beneficial to them [29]. The study also examined the age of participants based on their opinions on the usage of biometric technologies. The majority of respondents were aged between 31 and 40 with 51.3%. This distribution means that most of respondents will have either grown up with technology from an early age or been early adopters of new technologies.
Overall, the findings of the study indicated that perceived usefulness (PU) was the highest forecaster of user attitudes to the usage of biometric technology. This outcome is consistent with a number of other studies that demonstrate PU as one of the strongest predictors of attitude and confirms importance to explain the users’ attitude towards event biometric technology.
However, the study has some limitations concerning the scope of the study. The survey participants consisted of two institutions within a limited geographical province of the northern part of Uganda, limiting the regional diversity. A future study could extend the spatial reach by surveying users’ perception to the usage of biometric technology applications across all regions of the Uganda or East African Community (EAC) member states or even globally. Furthermore, the vast majority of the study’s participants were male (66.7%). While still offering valuable insights, the study could have benefitted from a better male/female balance. Another limitation of this investigation is the data collection method. While the responses were collected from both students, staffs and employees of the institution, this study did not compare the demographic profile of each group before combining data. In reality, staffs and students of the institution might have different characteristics. Thus, it would be worthwhile if future research compares staffs and students’ profiles or focuses on one population. Furthermore, the study neglected to ask the non-user unwillingness to use biometric technology any open-ended questions. Future research could delve into the non-user unwillingness for rejecting the usage of biometric technology application by asking an open-ended “why?” questions. This study only included three variables (e.g., perceived usefulness, perceived ease of use, and perceived enjoyment) as pre-cursors of attitude. In addition, the finding indicated that attitude is a significant predictor of satisfaction in the usage of biometric application. Thus, future studies could incorporate more variables that might contribute to the variance in attitude and satisfaction (e.g., prior experience) into the current model. Future work in this area would further develop a deeper understanding of the experiences and perceptions of biometrics technologies amongst the general public. This could be achieved by larger more representative samples, and cover wider ranges of biometrics and related technologies which we were unable to address in this article. There are other limitations which could also form the basis for future work in this area to transcend the work conducted here. Notably, the conceptual framework should be tested on other samples and on samples as representative as possible of the whole population in order to see if all hypotheses postulated can be verified. In addition, it would also be appealing to examine the motivations of public and private organizations, their perceived risks in the implementation of biometrics, and the effects of private companies or public bodies in enabling this process (e.g., e-government initiatives such as e-passport).
The survey results, also indicated that same applicant may be reluctant to move to the biometric application system. However, they seemed eager to admit the application technology when requiring the biometric permit from the migration office. Those who have accepted biometric application are pleased with the relative ease of use, convenience, and increased security offered. Raising awareness and overcoming goals such as privacy and data safety issues will help promote wider acceptance of the technology. As their comfort level with using the biometric application in the regional Centre’s increases, they may be more eager to welcome the system when processing the permit. Many users probably do recognize the value of the biometric application to them. Study results indicated that users were not totally convinced that biometric application could speed up the process of the permit and congestion in the waiting stages. User education is probably critical in accelerating individual acceptance of the application. This survey has revealed some strategies (i.e., Quick application, free status checks, notification SMS for security purpose). However, extra investigation is required to determine strategies that will cause users to use the application on a frequent basis.
The study suggests that the greatest benefit to users who use the application systems will be increased privacy and security, easy permit process time and SMS notification for violation of the personal data. Users will not face the danger of having their data be compromised or stolen and used by someone else. Since any attempt by the user’s information, will notify the user immediately and he/she can report the incidence to police to make a follow up. However, this benefit evaporates if only users use strong authentication character during the process of creating their user accounts. Users would still have to remember their credential for checking the status of their permit. It will probably take a wider implementation by many users to insure this promised benefit for all. The study further, proposed encoding methods as the most favorable tactic of protecting the biometric data application, because the encryption produced two encoded files (byte and text file) to securely protect data where no one else has access. These files are incorporated with Twilio message. The message is auto-generated directly from the application database, to alert users in circumstances where an attacker tries to access the application database. The text message is one of the security mechanisms successfully implemented. It helps inform the users and the authority, how secure and safe the individual biometric data application.
Since there is little research conducted concerning biometric passport application for end-users, the area provides a means of opportunities for further research. For example, can users identify who the intruder when data is compromised? Can they have privilege to deny access when the data are used for another purpose other than to purpose required for? Can the same application be utilized to detect when employees arrive or leave? There will likely be many possible uses, and users will need research data that will help make the decision on or not to implement the application. Researchers need to determine how much privacy users are eager to bounce up for faster service and more security. Until these privacy footraces are overcome, biometrics application may have a hard time getting a position in most database storage. Further, significantly, do users perceive greater benefits? Users need to be persuaded that the application knowledges offer extra rewards than current application systems. The study, therefore, recommended that, greatest practices are required for the strategy and growth of biometric application and the procedures for their action. Secondly, social, legal, and cultural factors can affect the acceptance and effectiveness of biometric application systems and must be taken into justification in application design, development, and deployment. Ideas of proof related to biometric application authentication must be built on solid, peer-reviewed trainings of system accuracy under many conditions and for many persons reflecting real-world sources of error and uncertainty in those mechanisms. Companies will need to assure potential users that their data is safe, using methods such as high-level encryption and hardened data Centre’s, and aggressively promote these features. An increase in testing and input from end-users in the design phase may also help to raise awareness and make the transition from knowledge-based to biometric security easier. This is particularly significant in how it relates to making the application easy to use, learn, and rely on. There should be a need for law-making to guard in contrast to the robbery or deceitful usage of biometric application systems and biometric data. Since governments are both major producers and utilizers of citizen identity data, as public authorities, they have a responsibility to guard the secrecy of those they represent. They use biometrics to provide efficient and secure access to citizen services, through reliable identification of individuals. The public sector is currently the main marketplace for biometric applications worldwide, such as identity cards, social benefits, immigration and border control, or e-voting. They are typically bound by the same privacy laws as private sector organizations. If anything, they face a greater degree of scrutiny from regulatory bodies such as Data Privacy Commissions, not only for the vast amount of individual data to which they have access, but also to fears of a “surveillance state”.
In this paper, user’s embracing and gratification of biometric application deployment is explained. The findings indicated that users have the willingness and high acceptability in using the biometric application, but they have worries relating to the biometric data infringement, such as selling of individual data to 3rd parties, misuse or abuse of individual data and identity fraud. The proposed encryption algorithm helped build users’ confidence. The encryption encoded user’s biometric data kept in the database and other roles in the application. User biometric data application in the storage is highly secured and protected with Twilio SMS. And prevented individual data from been compromised by an impostor, hence higher security of individual privacy data. The application will help users to understand the process of applying online. It has capabilities of conducting fraudster inquiry based on personal data, retrieval and dissemination of security information. This study will help designers to solve security-usability-privacy trade-offs when designing biometric technology application features.
The authors would like to acknowledge Nelson Mandela African Institution of Science and Technology, Arusha-Tanzania. Muni University Arua-Uganda, and Hamitech Computer Centre Limited for the financial support and research resources.
1.Biometrics and Fraud: You’re One in 7 Billion. 2019. Available from: http://www.paymentscardsandmobile.com/biometrics-and-fraud-youre-one-in-7-billion [Accessed: May 01, 2020]
2.BBC. Banks Turning to Voice Recognition. 2016. Available from: http://www.bbc.co.uk/news/business-36939709 [Accessed: February 19, 2019]
3.Bank Customers to Use Biometrics by 2021: Goode Intelligence. 2018. Available from: https://findbiometrics.com/bank-customers-biometrics-2021-goode-intelligence-509244 [Accessed: May 02, 2020]
4.Buckley O, Nurse JRC. The language of biometrics: Analysing public perceptions. Journal of Information Security and Applications. 2019;47:112-119. DOI: 10.1016/j.jisa.2019.05.001
5.Namiti A, Ondiek DCO. Adoption of biometric system to manage teachers absenteeism for improvement of teachers performance: A case study for Karuri High School in Kiambu County, Kenya. International Journal of Scientific and Research Publications. 2020;10(05):434-445. DOI: 10.29322/ijsrp.10.05.2020.p10150
6.Mwapasa M et al. ‘Are we getting the biometric bioethics right?’—The use of biometrics within the healthcare system in Malawi. Global Bioethics. 2020;31(1):67-80. DOI: 10.1080/11287462.2020.1773063
7.Singh B, Singh N. A mobile app to make biometrics usage more secure. Tech Powered by IEEE. 2020;5(42):1-29
8.El-Abed M, Giot R, Hemery B, Rosenberger C. A study of users’ acceptance and satisfaction of biometric systems. In: 44th Annual 2010 IEEE International Carnahan Conference on Security Technology. French: HAL Open science; Vol. 2010. pp. 170-178
9.Habibu T, Luhanga ET, Sam AE. Evaluation of users’ knowledge and concerns of biometric passport systems. Data. 2019;4(April):1-17. DOI: 10.3390/data4020058
10.Zirjawi N. A survey about user requirements for biometric authentication on smartphones. IEEE. 2015;2(12):1-6
11.Cornacchia M, Papa F, Sapio B. User acceptance of voice biometrics in managing the physical access to a secure area of an international airport. Technology Analysis & Strategic Management. 2020;32(10);1-15. DOI: 10.1080/09537325.2020.1758655
12.Chhabra V, Rajan P, Chopra S. User acceptance of new technology in mandatory adoption scenario for food distribution in India. International Journal on Food System Dynamics. 2020;11(2):153-170. DOI: 10.18461/ijfsd.v11i2.47
13.Habibu T, Luhanga ET, Sam AE. Developing an algorithm for securing the biometric data template in the database. International Journal of Advanced Computer Science and Applications. 2019;10(10):361-371
14.Emami C, Brown DR, Smith DRG. Use and acceptance of biometric technologies among victims of identity crime and misuse in Australia. Trends and Issues in Crime and Criminal Justice. 2016;10(511):1-6
15.Chandra A, Calderon T. Challenges and constraints to the diffusion of biometrics in information systems. Communications of the ACM. 2005;48(12):101-106
16.Jin CC, Seong LC, Khin AA. Factors affecting the consumer acceptance towards Fintech products and Services in Malaysia. International Journal of Asian Social Science. 2019;9(1):59-65. DOI: 10.18488/journal.1.2019.91.59.65
17.Dhagarra D, Goswami M, Kumar G. Impact of trust and privacy concerns on technology acceptance in healthcare: An Indian perspective. International Journal of Medical Informatics. 2020;141(February):104164. DOI: 10.1016/j.ijmedinf.2020.104164
18.Miltgen CL, Popovič A, Oliveira T. Determinants of end-user acceptance of biometrics: Integrating the ‘Big 3′ of technology acceptance with privacy context. Decision Support Systems. 2013;56:103-114
19.Pai CK, Wang TW, Chen SH, Cai KY. Empirical study on Chinese tourists’ perceived trust and intention to use biometric technology. Asia Pacific Journal of Tourism Research. 2018;23(9):880-895. DOI: 10.1080/10941665.2018.1499544
20.Thongsri N, Shen L, Bao Y. Investigating academic major differences in perception of computer self-efficacy and intention toward e-learning adoption in China. Innovations in Education and Teaching International. 2019;00(00):1-13. DOI: 10.1080/14703297.2019.1585904
21.Chien S-Y, Lewis M, Hergeth S, Semnani-Azad Z, Sycara K. Cross-country validation of a cultural scale in measuring trust in automation. Proceedings of the Human Factors and Ergonomics Society Annual Meeting. 2015;59(1):686-690
22.Carpenter D, McLeod A, Hicks C, Maasberg M. Privacy and biometrics: An empirical examination of employee concerns. Information Systems Frontiers. 2018;20(1):91-110
23.Jones LA, Antón AI, Earp JB. Towards understanding user perceptions of authentication technologies. WPES ‘07: Proceedings of the 2007 ACM Workshop on Privacy in Electronic Society. 2007;13(6):91-98. DOI: 10.1145/1314333.1314352
24.Shalabh K. Chapter 4 stratified sampling. In: Stratif. Sampl. Helvetic Editions LTD. Switzerland: International Journal of Academic Research in Management (IJARM); 2014. pp. 1-27. Available from: http://home.iitk.ac.in/~shalab/sampling/chapter4-sampling-stratified-sampling.pdf
25.Elliott SJ, Massie SA, Sutton MJ. The perception of biometric technology: A survey. In: 2007 IEEE Workshop on Automatic Identification Advanced Technologies. Alghero, Italy: IEEE; Vol. 2007. pp. 259-264
26.El-Abed M, Giot R, Hemery B, Rosenberger C. A study of users’ acceptance and satisfaction of biometric systems. Proceedings—International Carnahan Conference on Security Technology. 2010;36(99):469-476. DOI: 10.1109/CCST.2010.5678678
27.Wilson C et al. Fingerprint vendor technology evaluation 2003: Summary of results and analysis report. NIST Interagency/Internal Report (NISTIR). 2004;7123:1-79
28.Habibu T, Luhanga ET, Sam AE. A study of users’ compliance and satisfied utilization of biometric application system. Information Security Journal. 2020;30(3):125-138. DOI: 10.1080/19393555.2020.1813354
29.Bustard J. The impact of EU privacy legislation on biometric system deployment: Protecting citizens but constraining applications. IEEE Signal Processing Magazine. 2015;32(5):101-108. DOI: 10.1109/MSP.2015.2426682
Written By
Taban Habibu, Edith Talina Luhanga and Anael Elikana Sam
Open access peer-reviewed chapter
