A very good observation from Latanya Sweeney in an interview with Scientific American.
Think about it: we leave fingerprints all over the place, just like our SSNs are all over the place. As we use fingerprints to regulate access to more value, the value of collecting fingerprints and faking them will rise.
It won’t be tomorrow or next week, but watch for fingerprint-based identity fraud – if we rely on that biometric too much. DNA has the same quality. Other biometrics, like vein recognition, are neither easy to collect nor to reproduce (though, yes, both of these facts are technology-contingent).
In my book, Identity Crisis, I talked about the qualities of identifiers: fixity, permanence, and distinctiveness. Biometrics like fingerprints and DNA are high on the scale of fixity and permanence, but may drop in reliable distinctiveness with advanced forgery techniques.
The better designed systems will use biometric identifiers that are not only hard to forge, but that are somewhat hard to collect. Biometrics that can only be made available through some volition on the part of the individual will be the most secure.