Empower individuals to control their biometric data

Issue 1 2025 Information Security, Access Control & Identity Management, Security Services & Risk Management

What if your face, fingerprint, or iris was your greatest vulnerability in a cyberattack? All those parts of you that are most unique and private are now embedded in our devices, workplaces, and airports, promising seamless access and enhanced security, but there is a dark side to this convenience; the fear of knowing where biometric data is stored and how it is used, and cybercriminals have seized on this.

Attracted by these potential loopholes, they are questioning the security and integrity of our data storage. Trust in biometrics is being eroded as individuals worry that their sensitive information is being stored in cloud environments that are vulnerable to breaches and misuse. To address these concerns, the future of biometric access security needs to drive action for change on an economy-wide scale.

Why the cloud is a concern

The rise of cloud-based systems has accelerated the adoption of biometric solutions. By storing large amounts of data remotely, cloud platforms allow for scalability and easier system updates. However, high-profile data breaches and unauthorised access to personal information have fuelled public scepticism. Deloitte’s 2023 ‘Customer data privacy and security’ survey found that 67% of consumers fear their biometric data could be misused if stored in the cloud, and this concern is particularly acute in regions with strict privacy laws, such as the European Union under the General Data Protection Regulation (GDPR).

Geopolitical tensions also increase the risks. Critical environments such as airports, military installations, and nuclear power plants cannot afford vulnerabilities in their access systems. In fact, they are a goldmine for hackers. They can intercept valuable biometric data and commit serious crimes such as rigging elections, spying on hostile nations, usurping identities, or sabotaging sensitive systems and areas. These are irreversible actions with potentially dramatic consequences.

Moving to localised storage

Biometric systems that prioritise edge computing offer a solution. Instead of sending data to the cloud, biometric information is processed and stored locally on secure devices or smart cards. These systems eliminate the need to transmit data over networks, dramatically reducing the risk of potential hacking.

For example, smart cards embedded with biometric data allow users to authenticate their identity without needing to interact with the cloud. This decentralised approach enhances privacy as the data remains under the control of the user and is less likely to fall prey to cyberattacks. It also complies with ethical and legal frameworks by giving users autonomy over their personal information.

Strategically securing high priority environments

Industries that handle sensitive materials or information – such as pharmaceuticals, energy, and defence – demand the highest levels of access security. Traditional access systems, such as swipe cards or PIN codes, are not enough to prevent unauthorised access. Biometrics offers a reliable alternative to the strategy adopted by these high-risk industries, but only if it is implemented without introducing new vulnerabilities.

Some organisations have already deployed on-premises biometric solutions that process data in a closed environment, ensuring that sensitive information never leaves the facility. For example, nuclear power plants are increasingly using locally stored multimodal biometric systems (e.g., combining fingerprint and iris scans) to strengthen access controls.

Similarly, the military and financial institutions are adopting innovative technologies such as the use of biometric smart cards; personal data is stored exclusively on the card itself, without recourse to the cloud or external servers. This not only reduces the risk of data leakage, but also ensures strict compliance with the RGPD by guaranteeing secure, local management of personal data.

Challenges and the way forward

Despite its benefits, localised biometric security faces challenges, especially as local devices must be robust enough to prevent tampering and cyber intrusions.

To overcome these hurdles, manufacturers are investing in advanced encryption techniques and tamper-resistant hardware. The use of biometric templates —mathematical representations of biometric data rather than raw images — also mitigates risks. These templates cannot be reverse engineered into the original data, further protecting users’ privacy.

Looking ahead, biometric systems will need to balance convenience, security, and ethical responsibility. By moving away from cloud dependency, organisations can rebuild public trust while securing critical environments.

Eventually, to fully realise the potential of localised biometric systems, the industry must come together to establish standards and best practices. This is not just a technological shift, but an ethical and strategic imperative to rebuild trust and safeguard critical environments.

The future of access security lies not in centralised technologies such as the cloud, but in empowering individuals to control their own data. The question is not whether industries can adapt to this ethical evolution, but how quickly they will embrace this shift.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Cybersecurity needs actual intelligence before artificial intelligence
Information Security AI & Data Analytics
Cybersecurity depends on interpretation. A tool can tell you that something unusual has happened, but people need to determine whether it is a genuine risk, the business impact, and how to respond without causing unnecessary disruption.

Read more...
Duxbury Cybersecurity sharpens reseller offering
Duxbury Networking Information Security News & Events
Duxbury Networking has strengthened its Duxbury Cybersecurity business unit by adding WatchGuard and Cynet, giving South African resellers broader, more integrated coverage for the security risks customers are now asking them to address.

Read more...
Echoes of 2018? Follow-up on Woolworths explosions
Technews Publishing News & Events Security Services & Risk Management Retail (Industry) Facilities & Building Management
SMART Security Solutions follows up with Jimmy Roodt to find out more about an old connection to the Woolworths bombings from 2018. The investigation remains ongoing.

Read more...
NEC XON detects and stops ransomware attack
NEC XON Information Security IoT & Automation
Ransomware attacks rarely begin with chaos. More often, they start quietly, with probing, mapping, and patient reconnaissance inside a target’s network. That was the situation facing a global recruitment firm when cybercriminals attempted to navigate its systems.

Read more...
Next-generation cash-in-transit vehicle
News & Events Security Services & Risk Management
Fidelity Services Group has unveiled a new, purpose-engineered Cash-in-Transit (CIT) vehicle designed to redefine crew protection, deter threats, and enhance operational resilience in an increasingly complex criminal environment.

Read more...
Sara AI Pentesting available in South Africa
Information Security News & Events
Synack and Wolfpack Information Risk are offering Sara AI Pentesting to organisations across South Africa, helping companies move from point-in-time testing to continuous security validation with AI and human expertise.

Read more...
Sophos establishes South African legal entity to strengthen local operations
News & Events Information Security
Global cybersecurity company, Sophos, has announced the formation of its local legal entity, which will support local invoicing, partner enablement, compliance requirements and expanded regional investment.

Read more...
AURA partners with Discovery to launch Discovery 911
News & Events Security Services & Risk Management
AURA has announced a partnership with Discovery Insure to power the security-response component of its new Discovery 911 virtual panic-button offering, which is available through the Discovery Insure app.

Read more...
Cybersecurity in a digitally connected security industry
SA Technologies Information Security IoT & Automation
As more organisations move towards digital visitor management, cloud-based access control, mobile applications, biometric verification, and connected security platforms, cybersecurity must be viewed as part of the full security environment.

Read more...
Enterprises must prepare for digital conflict
Information Security
Cyberattacks can be launched remotely and at scale. A coordinated attack launched from anywhere in the world can disrupt supply chains, shut down utilities, or expose millions of customer records within minutes.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.