Abstract:

Traditional methods based on user IDs and passwords to authenticate identity have given way to more advanced technologies which includes progressive authentication systems, such as biometrics.[1] Initially, the word “biometrics” meant “applying mathematical measurements to biology.”[2] Today, the terms refers to a range of technique and systems that enable machines to recognise individuals with reference to their physical and behavioural attributes including facial, voice patterns, fingerprints, palm prints, structures of the eye (iris or retina), or gait.[3]  The use of biometric recognition facilities is not new in Malaysia.[4] Over the years there has been a marked increase in the adoption of such technology by various private companies and governmental departments, varying from the banking sector to surveillance technologies.[5] Hence, it was not a surprise for Malaysia to deploy facial recognition system to fight crime in one of its States in the country.[6] In spite of substantial efforts to bring about security to the system there remain unaddressed questions about the management of data for biometric recognition. The aim of this paper is threefold.  Section 1 explains the fundamental concepts of biometrics. The following section 2 focuses on some of the existing authentication methods in biometrics with a focus on face recognition. Section 3 examines the adequacy of the current data protection laws in Malaysia to the processing and collecting of data through face recognition.