|
Biometrics are automated methods of recognizing a person based on
a physiological or behavioral characteristic. Among the features
measured are; face,
fingerprint, hand geometry,
iris, retinal,
signature, and voice.
Biometric technologies are becoming the foundation of an extensive
array of highly secure identification and personal verification
solutions. As the level of security breaches and transaction fraud
increases, the need for highly secure identification and personal
verification technologies is becoming apparent.
Biometric-based solutions are able to provide for confidential
financial transactions and personal data privacy. The need for
biometrics can be found in federal, state and local governments, in
the military, and in commercial applications. Enterprise-wide
network security infrastructures, government IDs, secure electronic
banking, investing and other financial transactions, retail sales,
law enforcement, and health and social services are already
benefiting from these technologies.
Biometric-based authentication applications include workstation,
network, and domain access, single sign-on, application logon, data
protection, remote access to resources, transaction security and Web
security. Trust in these electronic transactions is essential to the
healthy growth of the global economy. Utilized alone or integrated
with other technologies such as smart cards, encryption keys and
digital signatures, biometrics are set to pervade nearly all aspects
of the economy and our daily lives. Utilizing biometrics for
personal authentication is becoming convenient and considerably more
accurate than current methods (such as the utilization of passwords
or PINs). This is because biometrics links the event to a particular
individual (a password or token may be used by someone other than
the authorized user), is convenient (nothing to carry or remember),
accurate (it provides for positive authentication), can provide an
audit trail and is becoming socially acceptable and inexpensive.
The security field uses three different types of authentication:
 | Something you know — a password, PIN, or
piece of personal information (such as your mother's maiden
name) |
| Something you have — a card key, smart
card, or token (like a Secure ID card) |
| Something you are — a biometric. |
Of these, a biometric is the most secure and convenient
authentication tool. It can't be borrowed, stolen, or forgotten, and
forging one is practically impossible. (Replacement part surgery, by
the way, is outside the scope of this introduction.)
CHARACTERISTICS
Face recognition analyzes facial
characteristics. It requires a digital camera to develop a facial
image of the user for authentication. This technique has attracted
considerable interest, although many people don't completely
understand its capabilities. Some vendors have made extravagant
claims — which are very difficult, if not impossible, to
substantiate in practice — for facial recognition devices. Because
facial scanning needs an extra peripheral not customarily included
with basic PCs, it is more of a niche market for network
authentication. However, the casino industry has capitalized on this
technology to create a facial database of scam artists for quick
detection by security personnel.
Back to Top
Fingerprint looks at the
patterns found on a fingertip. There are a variety of approaches to
fingerprint verification. Some emulate the traditional police method
of matching minutiae; others use straight pattern-matching devices;
and still others are a bit more unique, including things like
moiréfringe patterns and ultrasonics. Some verification approaches
can detect when a live finger is presented; some cannot.
A greater variety of fingerprint devices is available than for
any other biometric. As the prices of these devices and processing
costs fall, using fingerprints for user verification is gaining
acceptance — despite the common — criminal stigma.
Fingerprint verification may be a good choice for in-house
systems, where you can give users adequate explanation and training,
and where the system operates in a controlled environment. It is not
surprising that the workstation access application area seems to be
based almost exclusively on fingerprints, due to the relatively low
cost, small size, and ease of integration of fingerprint
authentication devices.
Back to Top
Hand Geometry involves
analyzing and measuring the shape of the hand. This biometric offers
a good balance of performance characteristics and is relatively easy
to use. It might be suitable where there are more users or where
users access the system infrequently and are perhaps less
disciplined in their approach to the system.
Accuracy can be very high if desired and flexible performance
tuning and configuration can accommodate a wide range of
applications. Organizations are using hand geometry readers in
various scenarios, including time and attendance recording, where
they have proved extremely popular. Ease of integration into other
systems and processes, coupled with ease of use, makes hand geometry
an obvious first step for many biometric projects.
Back to Top
Iris based biometric, on the
other hand, involves analyzing features found in the colored ring of
tissue that surrounds the pupil. Iris scanning, undoubtedly the less
intrusive of the eye-related biometrics, uses a fairly conventional
camera element and requires no close contact between the user and
the reader. In addition, it has the potential for higher than
average template-matching performance. Iris biometrics work with
glasses in place and is one of the few devices that can work well in
identification mode. Ease of use and system integration have not
traditionally been strong points with iris scanning devices, but you
can expect improvements in these areas as new products emerge.
Back to Top
Retina based biometric
involves analyzing the layer of blood vessels situated at the back
of the eye. An established technology, this technique involves using
a low-intensity light source through an optical coupler to scan the
unique patterns of the retina. Retinal scanning can be quite
accurate but does require the user to look into a receptacle and
focus on a given point. This is not particularly convenient if you
wear glasses or are concerned about having close contact with the
reading device. For these reasons, retinal scanning is not warmly
accepted by all users, even though the technology itself can work
well.
Back to Top
Signature verification
analyzes the way a user signs her name. Signing features such as
speed, velocity, and pressure are as important as the finished
signature's static shape. Signature verification enjoys a synergy
with existing processes that other biometrics do not. People are
used to signatures as a means of transaction-related identity
verification, and most would see nothing unusual in extending this
to encompass biometrics. Signature verification devices are
reasonably accurate in operation and obviously lend themselves to
applications where a signature is an accepted identifier.
Surprisingly, relatively few significant signature applications have
emerged compared with other biometric methodologies. But if your
application fits, it is a technology worth considering.
Back to Top
Voice
authentication is not based on voice recognition but on
voice-to-print authentication, where complex technology transforms
voice into text. Voice biometrics has the most potential for growth,
because it requires no new hardware — most PCs already contain a
microphone. However, poor quality and ambient noise can affect
verification. In addition, the enrollment procedure has often been
more complicated than with other biometrics, leading to the
perception that voice verification is not user friendly. Therefore,
voice authentication software needs improvement. One day, voice may
become an additive technology to finger-scan technology. Because
many people see finger scanning as a higher authentication form,
voice biometrics will most likely be relegated to replacing or
enhancing PINs, passwords, or account names.
By Benson Yeung, Senior Partner
Back to Top 
Information Request Form
|
|
