The million people who live in Leon, Mexico are beginning an attempt to secure their city through biometric identification. By using their irises, individuals will be able to prove their identities when they visit hospitals, withdraw money from ATMs, and use it to pay when riding the bus. While many balk at the idea of giving up their fingerprints because of the negative, criminal connotations, they are willing to give up their iris and facial scans as they do not have any, current associations with negative behavior.

Every other means of access (license, credit card, keys, etc) has the potential of being augmented or replaced by iris and face scanning. Get on a bus, pass security on the way into work, pay for a meal, order packages online – all without using anything besides your eye. The Leon project could make this futuristic world appear in just 3 to 5 years.

What these people do not understand is that there are several security and privacy implications involved when giving up biometric information. While biometric identifiers are being pushed more and more into the mainstream, a large argument against them revolves around the fact that individuals have no control of how their information is used or stored. That is a major reason for concern.

If you open a bank account that uses this system and then get a job that uses the same system, the likelihood that these accounts will be connected increases. Both businesses will have access to your records. This could lead to iris spoofing, once hackers determine the algorithms. It may take time to spoof a live eyeball, bit it will, eventually be done.

Another concern is illness, medication, age, and any other factors that could change the general makeup of your eye, even temporarily. You could get pink eye, conjunctivitis, or herpes in your eye. Not only would this change how your eye looks in the next few days or weeks, scarring could permanently change the makeup of your eye. In this case, you could make an appointment to get a new iris scanned, but how do you access your own money and public services in the mean time? What fall backs to identity will there be?

If other countries begin requiring iris scans to enter their country, how do you know that information won’t be misused? If you head to the airport and have a few drinks, how much error correction will be needed to still identify you before you are no longer denied boarding?

If you need to purchase something after having your eyes dilated, would this be possible? Medication can also cause changes in your pupils (http://pupilcheckup.com/). Are you going to be misidentified as a drug user?

Simple aging changes the iris. Getting lasik changes the iris. How long will people be forced to forego public services, purchasing food, and buying other necessities until their “new” iris is recognized?

A larger concern is the push for private uses. If you need an iris scan to log onto a computer, you could, potentially, be denied access to your home or work computer, preventing vital work from being done.

Once this goes international, you will have even less control over how your biometric information will be used. The database containing all your private, life information will be accessible to everyone from hotel staff to medical personnel to a cashier at the supermarket.

If governments are so keen on using biometric information, we need to pressure them to stay within set guidelines and not to erroneously place people on watch lists. If biometric systems must be used, they have to be a benefit and not a hindrance to an individual’s daily life.