Biometrics Introduction and Links
Biometrics is the automated measuring of one or more physical characteristics or personal behavioural traits of a person, such as a fingerprint or face, with the aim of being able to distinguish that person from all others.
Why use Biometrics
Verification and identification
Factors for selection
Acceptance and Privacy
Some Biometrics Links
Verification of the identity of an individual by measuring the body dates back to ancient Egypt, when Pharaohs would measure the height of a person to verify their identity. Fingerprinting has been utilised by law enforcement officials for more than a century. Biometrics date back to the late 1960’s and early 1970’s when biometric devices were developed to measure the length of a person’s fingers for identification.
Today, a variety of biometric access control devices are used, some performing more reliably than others. Common biometric devices include:
- Finger Scanning
- Hand Geometry
- Dynamic Signature Verification
- Voice Verification
- Retina Scan
- Iris Scan
- Vascular Patterns
- Facial Geometry
Why use Biometrics
There are many applications (e.g. access to buildings, usage of computers, etc) where there is a need to know who the person is. Biometric technology holds limitless promise in the fields of personal identification and security.
The ability to implement different levels of security based on the accuracy of a submission or the value of the item protected is simply unthinkable in any password or key-based setting.
|The recent reports of laptop PC thefts and losses by government and industry has brought computer security at the forefront of everyone’s mind.|
Typical reasons for implementing biometrics systems are:
- Some areas of the organisation or application require high security.
- Fraud in the current application is, or is feared to be, too high or uncontrollable.
- Current verification methods are too expensive, inconsistent, unreliable or easy to circumvent.
- Passwords are a pain.
|With biometrics you can get both security and convenience. With low-cost fingerprint-authentication devices, users can merely put down a digit and forget about passwords. No matter how scatterbrained a user might be, he or she simply can’t forget his or her fingers.|
The use of Biometric has increased significantly primarily due to the decreasing cost associated with biometric solutions, the speed with which a biometric transaction can be completed, and the non-obtrusive nature of many of the new biometric readers.
One of the major factors is price reduction. Examples of price reduction are evident in most primary biometric technologies: for finger scan, peripheral units which may have cost £500 only 2 years ago are now available for under £100, and the majority of peripheral devices are under £200. The drop in price of peripheral cameras, to as low as £50-£75, has brought facial scan into the range of home use for network login. The across-the-board price reductions come as a result of extensive R&D on the part of biometric vendors, as well as the inexorable march of technology toward the smaller, faster, and less expensive.
|Having objective information on biometric
technologies, and the skills to implement the technology, will become perhaps more valuable than the products themselves.
Until recently, the price of biometric devices stood as a major impediment to their wide-scale implementation. Now that desktop devices are well within the range of even modest corporate budgets, the primary question will go from “Is this affordable?” to “How do I find the best solution for my money?” For many biometric projects hardware costs may be significantly less that those involved in finding exactly which devices will work under particular environmental conditions or network infrastructures, and then getting the devices to work optimally. The actual cost of implementing biometric technologies goes far beyond the basic factors of hardware and software. It includes the back-end processing power, user research, system integration, exception processing, as well as the installation, training, public relations and marketing costs.
Verification and identification
Biometrics can be used in two different modes:
1 Identification of a specific individual from amongst all the individuals enrolled on the system. In order to be identified, a person must submit their biometric sample (e.g., place their finger on the reader or have a camera take their picture). The system searches the entire stored database of biometric templates for a match to this submission. This process can be time consuming as the system must compare the submission to virtually every enrolled template.
2 Verification that the person is who they claim to be. In order to for a person’s identity to be verified, the user must claim an identity before submitting their biometric sample. This can be done in a variety of ways, utilising badges, cards, passwords, PIN numbers, etc. Claiming an identity enables the biometric system to rapidly search its files, find the associated biometric template and match the submitted sample with the retrieved template to verify identity. This process is generally much faster than identification, where the system must compare a submission to many of the enrolled templates to find a match.
Before either identification or verification can take place, a person must be initially “enrolled” into a biometric system. This process usually requires a person to submit their biometric sample a number of times so the system can capture differences in presentation (e.g., a finger print in various positions).
Factors for selection
System reliability, the ability to correctly match a “live” biometric sample to a previously captured sample, is critically important to the success of biometric technology. Like any other form of verification, biometrics are not 100% accurate. However, different types of biometric technology may produce significantly better results dependent upon the application, the environment and other respective variables.
In response to the question “What is the best biometric?” one must immediately qualify the application in mind. For different applications, the ideal biometric will vary.
The table below groups some factors into two headings: User Criteria and Technology Criteria.
|User Criteria – Aspects which relate to the user of the system.||Technology Criteria – Aspects which relate to the technology|
|Effort – How much time and effort is required on the part of the user?||Cost – Cost of hardware capture device|
|Ease of Use – Do people consider biometrics easy or difficult to use?||Data Collection Error Rates -Some biometric measurements are prone to error during the measurement while others produce consistent results from read to read.|
– Do people view biometrics (e,g, finger scan and face geometry) as secure technologies?
How secure are biometrics technology compared to alternatives. Can the technology be cheated (e.g. by using a picture instead of the person’s face)?
– Do people prefer biometrics or traditional authorisation procedures? How comfortable people are using biometrics?
–Technologies may be by operating conditions and personal characteristics (e.g. ageing, injuries).
|Privacy – How biometrics affect one’s personal privacy?||Discrimination
– The performance of some technologies may vary according to the enrolled population size. Uniqueness of attributes measured.
– How intrusive the users perceives the system to be?
– How well the system identifies individuals; the rate of false acceptance (an impostor is accepted as a match) and the rate of false rejects (a legitimate match is denied).
Other factors include security requirements, strategic perspective, availability, popularity, maturity number of suppliers, maintenance requirements and logistics.
|The use of hand geometry as a means of verification is the most popular method used for access control. Hand geometry readers examine the length, width and height of a person’s hand in a 3-D image|
The compressed size of a biometric file was a limiting factor in the past. Biometric files can range from a 9 byte file for hand geometry to a 1,000 byte file used for voice recognition.
Of the many biometric technologies, from voice analysers and eye scanners to hand sniffers, fingerprint identification is the one mature, highly-accurate and legally-accepted technology that has been proven to work for the general population. Traditionally associated with law enforcement, fingerprint identification is now being used successfully to stop welfare fraud, screen job applicants, secure driver’s licenses and control national borders. In the commercial sector, the financial industry is not just test marketing the fingerprint security concept but is working to establish performance and testing standards to ensure that the systems work effectively.
Acceptance and Privacy
A factor causing the popularity of biometrics to increase is the overall acceptance by the general public of biometric techniques for a variety of applications. There will always be individuals who object to biometric technology.
Concerns are often based on privacy issues stemming from the use of biometric information once it is captured. However, a majority of the population seems to be accepting the value associated with a higher form of security verification.
The hysteria and misunderstanding surrounding the use of fingerprints for personal identification is clouding the real issues: What is the cost of not having personal identification security and when are we going to stop paying those costs? Identification fraud is very common and very costly. Credit card and check fraud reportedly costs hundreds of millions of pounds each year. Welfare double-dippers claiming false identities steal from the truly needy at a rate that may exceed £1 billion a year. These staggering costs are largely hidden and are passed along to you and me as higher credit card fees, consumer prices and taxes.
|Biometric authentication has proven to be an effective means of deterring fraud.|
Closer to home, a social security number or even a photo ID card affords little protection against identification fraud. It is not difficult to create false identification documents that enable invasion of financial and medical information and creation of bank accounts and credit cards in someone else’s name, leaving a victim with ruined credit and possibly even criminal charges, to say nothing of the loss of privacy.
Biometric technology, the measurement of a unique characteristic to identify each person as an individual, is an intuitively obvious personal security solution to the identification fraud problem. Security and privacy would be enhanced immeasurably if no one but the true owner could use their credit cards or use their user ID to access personal information.
Biometric devices will continue to improve, becoming even more accurate and reliable as technology evolves. As biometric technologies are more widely accepted, the proliferation of applications should multiply into many phases of our daily activities.
|The facts are that automated fingerprint identification technologies work, the age of real security through positive personal identification is here and we will all be the beneficiaries.|