Empower individuals to control their biometric data

Issue 1 2025 Information Security, Access Control & Identity Management, Security Services & Risk Management

What if your face, fingerprint, or iris was your greatest vulnerability in a cyberattack? All those parts of you that are most unique and private are now embedded in our devices, workplaces, and airports, promising seamless access and enhanced security, but there is a dark side to this convenience; the fear of knowing where biometric data is stored and how it is used, and cybercriminals have seized on this.

Attracted by these potential loopholes, they are questioning the security and integrity of our data storage. Trust in biometrics is being eroded as individuals worry that their sensitive information is being stored in cloud environments that are vulnerable to breaches and misuse. To address these concerns, the future of biometric access security needs to drive action for change on an economy-wide scale.

Why the cloud is a concern

The rise of cloud-based systems has accelerated the adoption of biometric solutions. By storing large amounts of data remotely, cloud platforms allow for scalability and easier system updates. However, high-profile data breaches and unauthorised access to personal information have fuelled public scepticism. Deloitte’s 2023 ‘Customer data privacy and security’ survey found that 67% of consumers fear their biometric data could be misused if stored in the cloud, and this concern is particularly acute in regions with strict privacy laws, such as the European Union under the General Data Protection Regulation (GDPR).

Geopolitical tensions also increase the risks. Critical environments such as airports, military installations, and nuclear power plants cannot afford vulnerabilities in their access systems. In fact, they are a goldmine for hackers. They can intercept valuable biometric data and commit serious crimes such as rigging elections, spying on hostile nations, usurping identities, or sabotaging sensitive systems and areas. These are irreversible actions with potentially dramatic consequences.

Moving to localised storage

Biometric systems that prioritise edge computing offer a solution. Instead of sending data to the cloud, biometric information is processed and stored locally on secure devices or smart cards. These systems eliminate the need to transmit data over networks, dramatically reducing the risk of potential hacking.

For example, smart cards embedded with biometric data allow users to authenticate their identity without needing to interact with the cloud. This decentralised approach enhances privacy as the data remains under the control of the user and is less likely to fall prey to cyberattacks. It also complies with ethical and legal frameworks by giving users autonomy over their personal information.

Strategically securing high priority environments

Industries that handle sensitive materials or information – such as pharmaceuticals, energy, and defence – demand the highest levels of access security. Traditional access systems, such as swipe cards or PIN codes, are not enough to prevent unauthorised access. Biometrics offers a reliable alternative to the strategy adopted by these high-risk industries, but only if it is implemented without introducing new vulnerabilities.

Some organisations have already deployed on-premises biometric solutions that process data in a closed environment, ensuring that sensitive information never leaves the facility. For example, nuclear power plants are increasingly using locally stored multimodal biometric systems (e.g., combining fingerprint and iris scans) to strengthen access controls.

Similarly, the military and financial institutions are adopting innovative technologies such as the use of biometric smart cards; personal data is stored exclusively on the card itself, without recourse to the cloud or external servers. This not only reduces the risk of data leakage, but also ensures strict compliance with the RGPD by guaranteeing secure, local management of personal data.

Challenges and the way forward

Despite its benefits, localised biometric security faces challenges, especially as local devices must be robust enough to prevent tampering and cyber intrusions.

To overcome these hurdles, manufacturers are investing in advanced encryption techniques and tamper-resistant hardware. The use of biometric templates —mathematical representations of biometric data rather than raw images — also mitigates risks. These templates cannot be reverse engineered into the original data, further protecting users’ privacy.

Looking ahead, biometric systems will need to balance convenience, security, and ethical responsibility. By moving away from cloud dependency, organisations can rebuild public trust while securing critical environments.

Eventually, to fully realise the potential of localised biometric systems, the industry must come together to establish standards and best practices. This is not just a technological shift, but an ethical and strategic imperative to rebuild trust and safeguard critical environments.

The future of access security lies not in centralised technologies such as the cloud, but in empowering individuals to control their own data. The question is not whether industries can adapt to this ethical evolution, but how quickly they will embrace this shift.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Managed security solutions for organisations of all sizes
Information Security
Cyberattackers have become significantly more sophisticated and determined, targeting businesses of all sizes. PwC’s Global Digital Trust Insights Survey 2025 Africa and South Africa highlights the urgent need for organisations to implement robust cyber risk mitigation strategies.

Read more...
Multiple IoT devices targeted
Information Security Residential Estate (Industry)
Mirai remains one of the top threats to IoT in 2025 due to widespread exploitation of weak login credentials and unpatched vulnerabilities, enabling large-scale botnets for DDoS attacks, data theft and other malicious activities.

Read more...
SABRIC Annual Crime Statistics 2024
News & Events Security Services & Risk Management Residential Estate (Industry)
SABRIC has released its Annual Crime Statistics for 2024, reflecting a significant decline in financial crime losses, but also warning of the growing threat posed by artificial intelligence (AI) in fraud schemes.

Read more...
Local-first data security is South Africa's new digital fortress
Infrastructure Information Security
With many global conversations taking place about data security and privacy, a distinct and powerful message is emerging from South Africa: the critical importance of a 'local first' approach to data security.

Read more...
Sophos launches advisory services to deliver proactive cybersecurity resilience
Information Security News & Events
Sophos has launched a suite of penetration testing and application security services, designed to identify gaps in organisations’ security programs, which is informed by Sophos X-Ops Threat Intelligence and delivered by world-class experts.

Read more...
SA’s private security industry receives multi-million USD investment
News & Events Security Services & Risk Management
South Africa's private security sector has attracted significant international attention, with the world’s largest tactical flashlight manufacturer, Nextorch, announcing a major investment in its local operations, Nextorch Africa.

Read more...
Kaspersky highlights biometric and signature risks
Information Security News & Events
AI has elevated phishing into a highly personalised threat. Large language models enable attackers to craft convincing emails, messages and websites that mimic legitimate sources, eliminating grammatical errors that once exposed scams.

Read more...
Software security is a team sport
Information Security Infrastructure
Building and maintaining secure software is not a one-team effort; it requires the collective strength and collaboration of security, engineering, and operations teams.

Read more...
Smarter security for safer estate living
neaMetrics Suprema Integrated Solutions Surveillance Access Control & Identity Management Residential Estate (Industry)
The expansion of residential estates has led to many communities being constructed with security as an afterthought. Unfortunately, fencing, cameras, and a guard at the gate only create a false sense of safety, which vanishes after the first incident.

Read more...
View from the trenches
Technews Publishing SMART Security Solutions Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
There are many great options available to estates for effectively managing their security and operations, but those in the trenches are often limited by body corporate/HOA budget restrictions and misunderstandings.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.