Privacy Concerns in Biometric Time Clocks

If you are considering a new Time and Attendance system with biometric Time Clocks, then you or your employees might be concerned about privacy. What if the fingerprint reader stores employees’ fingerprints or the hand reader keeps a copy of the employees’ hands? What if someone gets a hold of the device and extracts this information?

Properly designed biometric time clock should not store any private biometric information which can be retrieved. For example, when HandPunch by Ingersoll Rand reads employees’ hands, it takes series of hand measurements to establish a unique identity of each employee. HandPunch does not store an image, but only a series of numbers. HandPunch cannot recognize fingerprints, tattoos, or other surface details that could be used to invade privacy. Here is an example of what HandPunch stores in its database: 132-140-155-119-136-119-113-122-100. These numbers cannot be used to reproduce a hand image.

Properly designed fingerprint reader, should not store any images of employees’ fingerprint either. For example, Fingerprint Readers by ZK Software, after scanning a fingerprint, identify “core points” in the image; these core points are converted to numerical values (similar to those stored in a HandPunch) and are then saved in the database. These values cannot be converted to an image.