JP Morgan is now requiring staff to register their biometric date just to access its new Manhattan HQ! If I worked there I would find that deeply concerning.

In recent years we’ve seen so many major data breaches (recent examples include Land Rover, M&S, Discord, Stellantis, and countless others). Unlike a password, YOUR biometric data is not something you can change. If it’s stolen, it’s YOU that’s exposed – permanently.

We all know that biometrics bring real security and convenience; which is why we all use it to unlock our phones, but, those benefits do not outweigh the potentially catastrophic, irreversible risks of storing biometric data centrally. Once it’s compromised, there’s no going back.

The truth is, we don’t need to make this trade-off at all. Technologies like those we’re building at Authentiq8.me use the secure biometric capabilities already on your device — without storing your personal data on corporate servers. You still get frictionless logins and strong protection, but your identity stays with you, where it belongs.

Centralising sensitive biometric data is a step backwards for privacy and security. I know governments are doing it (no, I’m not going down that rabbit hole) but in the Private Sector we need to pause and rethink how identity is managed; and instead build a digital future that’s easy to use, inclusive and safe by design.