ABSTRACT:

This paper discusses theoretical and practical issues related to the use of a biometric-enabled security layer in accounting systems aimed at enhancing user authentication and reducing control risk. Originating in criminology, biometric technology has matured over the years with applications in diverse disciplines. However, its use in business and accounting is still in its infancy, and many issues about its role in information systems security are unresolved. The paper proposes an access decision framework that draws from the strategy and risk assessment literature to model processes where biometrics might be used to reduce control risk. Despite its potential strengths, biometric technology is not a panacea and represents one element in a portfolio of security mechanisms needed to protect information resources. The paper discusses challenges in implementing biometric technology and identifies avenues for future research.