About Biometrics
Biometric authentication uses physiological or behavioral characteristics — such as fingerprints, iris, face, or voice — to verify or establish a person's identity, and is increasingly central to security, government, and commercial applications.
In our global information society, there is an ever-growing need to authenticate individuals. Biometrics-based authentication is emerging as a reliable method that can overcome some of the limitations of traditional automatic personal identification technologies. Automated biometrics deal with physiological and/or behavioral characteristics, such as a fingerprint, signature, palm print, iris, hand, voice, or face, which can be used to authenticate a person's claim to a certain identity or establish a person's identity from a large database. With the rapid progress made in electronics and Internet commerce, and the increased emphasis on security, there is a growing need for secure transaction processing using biometrics technology.
Biometrics is expected to be incorporated in solutions for Homeland Security, including applications for improving airport security, strengthening national borders, and in travel documents, visas, and preventing ID theft. Now, more than ever, there is a wide range of interest in biometrics across federal, state, and local governments. Congressional offices and a large number of organizations across many markets are addressing the important role that biometrics will play in identifying and verifying individuals and protecting national assets.
There are many needs for biometrics beyond Homeland Security. Enterprise-wide network security infrastructures, secure electronic banking, investing and other financial transactions, retail sales, law enforcement, and health and social services are already benefiting from these technologies. A range of new applications can be found in such diverse environments as amusement parks, banks, credit unions and other financial organizations, enterprise and government networks, passport programs and driver's licenses, colleges, physical access to multiple facilities (e.g., nightclubs), and school lunch programs.
Biometrics are automated methods of recognizing a person based on a physiological or behavioral characteristic. Among the features measured are face, fingerprints, hand geometry, handwriting, iris, retina, vein, and voice. Biometric technologies are becoming the foundation of an extensive array of highly secure identification and personal verification solutions. As the level of security breaches and transaction fraud increases, the need for highly secure identification and personal verification technologies becomes ever more apparent.
Biometric-based solutions can provide confidential financial transactions and personal data privacy. The need for biometrics can be found in federal, state, and local governments, in the military, and in commercial applications. Enterprise-wide network security infrastructures, government IDs, secure electronic banking, investing and other financial transactions, retail sales, law enforcement, and health and social services are already benefiting from these technologies.
To elaborate on this definition, physiological biometrics are based on measurements and data derived from direct measurement of a part of the human body. Fingerprint, iris scan, retina scan, hand geometry, and facial recognition are leading physiological biometrics.
Behavioral characteristics are based on an action taken by a person. Behavioral biometrics, in turn, are based on measurements and data derived from an action, and indirectly measure characteristics of the human body. Voice recognition, keystroke scan, and signature scan are leading behavioral biometric technologies. One of the defining characteristics of a behavioral biometric is the incorporation of time as a metric — the measured behavior has a beginning, middle, and end.
A biometric system is essentially a pattern recognition system which makes a personal identification by determining the authenticity of a specific physiological or behavioral characteristic possessed by the user. An important issue in designing a practical system is determining how an individual is identified. Depending on the context, a biometric system can be either a verification (authentication) system or an identification system.
There are two different ways to resolve a person's identity: verification and identification. Verification ("Am I whom I claim to be?") involves confirming or denying a person's claimed identity. In identification, one has to establish a person's identity ("Who am I?"). Each of these approaches has its own complexities and could probably be solved best by a particular biometric system.
In day-to-day life, most people with whom you do business verify your identity. You claim to be someone (your claimed identity) and then provide proof to back up your claim. For encounters with friends and family, there is no need to claim an identity. Instead, those familiar to you identify you, determining your identity upon seeing your face or hearing your voice.
These two examples illustrate the difference between the two primary uses of biometrics: identification and verification.
Identification (1:N, one-to-many, recognition) — The process of determining a person's identity by performing matches against multiple biometric templates. Identification systems are designed to determine identity based solely on biometric information. There are two types of identification systems: positive identification and negative identification. Positive identification systems are designed to find a match for a user's biometric information in a database of biometric information.
Positive identification answers "Who am I?," although the response is not necessarily a name — it could be an employee ID or another unique identifier. A typical positive identification system would be a prison release program where users do not enter an ID number or use a card, but simply look at an iris capture device and are identified from an inmate database. Negative identification systems search databases in the same fashion, comparing one template against many, but are designed to ensure that a person is not already present in a database. This prevents people from enrolling twice in a system, and is often used in large-scale public benefits programs in which users might otherwise enroll multiple times to gain benefits under different names.
Not all identification systems are based on determining a username or ID. Some systems are designed to determine whether a user is a member of a particular category. For instance, an airport may have a database of known terrorists with no knowledge of their actual identities. In this case the system would return a match, but no knowledge of the person's identity is involved.
Verification (1:1, matching, authentication) — The process of establishing the validity of a claimed identity by comparing a verification template to an enrollment template. Verification requires that an identity be claimed, after which the individual's enrollment template is located and compared with the verification template. Verification answers the question "Am I who I claim to be?" Some verification systems perform very limited searches against multiple enrollee records. For example, a user with three enrolled fingerprint templates may be able to place any of the three fingers to verify, and the system performs 1:1 matches against the user's enrolled templates until a match is found. There is also a middle ground between identification and verification referred to as one-to-few (1:few). This type of application involves identification of a user from a very small database of enrollees. While there is no exact number that differentiates a 1:N from a 1:few system, any system involving a search of more than 500 records is likely to be classified as 1:N. A typical use of a 1:few system would be access control to sensitive rooms at a 50-employee company, where users place their finger on a device and are located from a small database.
Biometrics is a rapidly evolving technology that is being widely used in forensics, such as criminal identification and prison security, and has the potential to be used across a large range of civilian application areas. Biometrics can be used to prevent unauthorized access to ATMs, cellular phones, smart cards, desktop PCs, workstations, and computer networks. It can be used during transactions conducted via telephone and internet (electronic commerce and electronic banking). In automobiles, biometrics can replace keys with keyless entry devices.
The primary biometric disciplines include the following:
- Fingerprint (optical, silicon, ultrasound, touchless)
- Facial recognition (optical and thermal)
- Voice recognition (not to be confused with speech recognition)
- Iris scan
- Retina scan
- Hand geometry
- Signature scan
- Keystroke scan
- Palm scan (forensic use only)
Disciplines with reduced commercial viability or still in exploratory stages include:
- DNA
- Ear shape
- Odor (human scent)
- Vein scan (back of hand or beneath palm)
- Finger geometry (shape and structure of finger or fingers)
- Nailbed identification (ridges in fingernails)
- Gait recognition (manner of walking)
Biometric systems convert data derived from behavioral or physiological characteristics into templates, which are used for subsequent matching. This is a multi-stage process, described below.
Enrollment — The process whereby a user's initial biometric sample or samples are collected, assessed, processed, and stored for ongoing use in a biometric system. Enrollment takes place in both 1:1 and 1:N systems. If users experience problems with a biometric system, they may need to re-enroll to gather higher quality data.
Submission — The process whereby a user provides behavioral or physiological data in the form of biometric samples to a biometric system. A submission may require looking in the direction of a camera or placing a finger on a platen. Depending on the biometric system, a user may have to remove eyeglasses, remain still for a number of seconds, or recite a pass phrase in order to provide a biometric sample.
Acquisition device — The hardware used to acquire biometric samples. The following acquisition devices are associated with each biometric technology:
| Technology | Acquisition Device |
| Fingerprint | Desktop peripheral, PCMCIA card, mouse, chip or reader embedded in keyboard |
| Voice recognition | Microphone, telephone |
| Facial recognition | Video camera, PC camera, single-image camera |
| Iris scan | Infrared-enabled video camera, PC camera |
| Retina scan | Proprietary desktop or wall-mountable unit |
| Hand geometry | Proprietary wall-mounted unit |
| Signature scan | Signature tablet, motion-sensitive stylus |
| Keystroke scan | Keyboard or keypad |
Biometric sample — The identifiable, unprocessed image or recording of a physiological or behavioral characteristic, acquired during submission, used to generate biometric templates. Also referred to as biometric data. The following sample types are associated with each biometric technology:
| Technology | Biometric Sample |
| Fingerprint | Fingerprint image |
| Voice recognition | Voice recording |
| Facial recognition | Facial image |
| Iris scan | Iris image |
| Retina scan | Retina image |
| Hand geometry | 3-D image of top and sides of hand and fingers |
| Signature scan | Image of signature and record of related dynamics measurements |
| Keystroke scan | Recording of characters typed and record of related dynamics measurements |
Feature extraction — The automated process of locating and encoding distinctive characteristics from a biometric sample in order to generate a template. The feature extraction process may include various degrees of image or sample processing in order to locate a sufficient amount of accurate data. For example, voice recognition technologies can filter out certain frequencies and patterns, and fingerprint technologies can thin the ridges present in a fingerprint image to the width of a single pixel. Furthermore, if the sample provided is inadequate to perform feature extraction, the biometric system will generally instruct the user to provide another sample, often with some type of advice or feedback. The manner in which biometric systems extract features is a closely guarded secret and varies from vendor to vendor. Common physiological and behavioral characteristics used in feature extraction include the following:
| Technology | Feature Extracted |
| Fingerprint | Location and direction of ridge endings and bifurcations on fingerprint |
| Voice recognition | Frequency, cadence, and duration of vocal pattern |
| Facial recognition | Relative position and shape of nose, position of cheekbones |
| Iris scan | Furrows and striations in iris |
| Retina scan | Blood vessel patterns on retina |
| Hand scan | Height and width of bones and joints in hands and fingers |
| Signature scan | Speed, stroke order, pressure, and appearance of signature |
| Keystroke scan | Keyed sequence, duration between characters |
Template — A comparatively small but highly distinctive file derived from the features of a user's biometric sample or samples, used to perform biometric matches. A template is created after a biometric algorithm locates features in a biometric sample. The concept of the template is one of biometric technology's defining elements, although not all biometric systems use templates to perform biometric matching: some voice recognition systems utilize the original sample to perform a comparison. Depending on when they are generated, templates can be referred to as enrollment templates or verification templates. Enrollment templates are created upon the user's initial interaction with a biometric system and are stored for use in future biometric comparisons. Verification templates are generated during subsequent verification attempts, compared to the stored template, and generally discarded after the comparison. Multiple samples may be used to generate an enrollment template — facial recognition, for example, will utilize several facial images to generate an enrollment template. Verification templates are normally derived from a single sample — a template derived from a single facial image can be compared to the enrollment template to determine the degree of similarity.
Just as the feature extraction process is a closely held secret, the manner in which information is organized and stored in the template is proprietary to biometric vendors. Biometric templates are not interoperable — a template generated by vendor A's fingerprint system cannot be compared to a template generated by vendor B's fingerprint system. Biometric decision-making is frequently misunderstood. For the vast majority of technologies and systems, there is no such thing as a 100% match, though systems can provide a very high degree of certainty. The biometric decision-making process is comprised of various components, as indicated below.
Matching — The comparison of biometric templates to determine their degree of similarity or correlation. A match attempt results in a score that, in most systems, is compared against a threshold. If the score exceeds the threshold, the result is a match; if the score falls below the threshold, the result is a non-match.
Biometric comparisons take place when proprietary algorithms process biometric templates. These algorithms manipulate the data contained in the template in order to make valid comparisons, accounting for variations in placement, background noise, etc. Without the vendor's algorithm, there is no way to compare biometric templates — comparing the bits that comprise the templates does not indicate whether they came from the same user. The bits must be processed by the vendor's algorithm as a precondition of comparison.
The matching process involves comparing the match template, created upon sample submission, with the reference template(s) already on file. In 1:1 verification systems, there is generally a single match template matched against a reference template. In 1:N identification systems, the single match template can be matched against dozens, thousands, or even millions of reference templates.
In most systems, reference and match templates should never be identical. An identical match is an indicator that some sort of fraud is taking place, such as the resubmission of an intercepted or otherwise compromised template.
Score — A number indicating the degree of similarity or correlation of a biometric match. Traditional verification methods — passwords, PINs, keys, and tokens — are binary, offering only a strict yes/no response. This is not the case with most biometric systems. Nearly all biometric systems are based on matching algorithms that generate a score following a match attempt. This score represents the degree of correlation between the match template and the reference template. There is no standard scale used for biometric scoring: some vendors might use a scale of 1-100, others might use a scale of -1 to 1; some vendors may use a logarithmic scale and others a linear scale. Regardless of the scale employed, this verification score is compared to the system's threshold to determine how successful a verification attempt has been.
Incidentally, many systems return a score during enrollment, referred to as an enrollment score or quality score. This score refers to how successful the extraction process was at finding distinctive features in the biometric sample. If the sample was rich in information, there will likely be a high enrollment score. This score is not used in the matching process, but might be used to determine whether a user can enroll successfully. A low quality score may indicate that the user cannot be reliably verified.
Threshold — A predefined number, often controlled by a biometric system administrator, which establishes the degree of correlation necessary for a comparison to be deemed a match. If the score resulting from template comparison exceeds the threshold, the templates are a "match" (though the templates themselves are not identical).
When a biometric system is set to low security, the threshold for a successful match is more forgiving than when the system is set to high security.
Decision — The result of the comparison between the score and the threshold. The decisions a biometric system can make include match, non-match, and inconclusive, although varying degrees of strong matches and non-matches are possible. Depending on the type of biometric system deployed, a match might grant access to resources, a non-match might restrict access to resources, while an inconclusive result may prompt the user to provide another sample.
One of the most interesting facts about most biometric technologies is that unique biometric templates are generated every time a user interacts with a biometric system. For example, two immediately successive placements of a finger on a biometric device generate entirely different templates. These templates, when processed by a vendor's algorithm, are recognizable as coming from the same person, but are not identical. In theory, a user could place the same finger on a biometric device for years and never generate an identical template.
Therefore, for most technologies, there is simply no such thing as a 100% match. This does not mean the systems are not secure — biometric systems may be able to verify identity with error rates of less than 1/100,000 or 1/1,000,000. However, claims of 100% accuracy are misleading and do not reflect the technology's basic operation.
For employers
- Reduced costs — password maintenance
- Reduced costs — no buddy punching
- Increased security — no shared or compromised passwords
- Increased security — deters and detects fraudulent account access
- Increased security — no badge sharing in secure areas
- Competitive advantage — familiarity with advanced technology
For employees
- Convenience — no passwords to remember or reset
- Convenience — faster login
- Security — confidential files can be stored securely
- Non-repudiation — biometric transactions are difficult to refute
For consumers
- Convenience — no passwords to remember or reset
- Security — personal files, including emails, can be secured
- Security — online purchases are safer when secured by biometrics
- Privacy — ability to transact anonymously
For retailers (online and point-of-sale)
- Reduced costs — biometric users are less likely to commit fraud
- Competitive advantage — first to offer a secure transaction method
- Security — account access is much more secure than via password
For public sector usage
- Reduced costs — the strongest way to detect and deter benefits fraud
- Increased trust — reduced entitlement abuse
Are biometric systems difficult to use? Biometrics are much easier to use than one might expect. Here is a brief technology-by-technology summary of how one interacts with biometric systems.
As in all good application design, it is the business process requirements that should drive the design — not the other way around. Similarly, the specific type of biometric chosen — i.e., fingerprints, iris codes, hand geometry, etc. — should reflect the application requirements; the application should not be a slave to an individual biometric methodology.
A successful application development and deployment scenario may follow a path such as:
- Identify the business and operational requirements clearly, together with any current problems and the effect they are having on the situation.
- Develop and agree on a suitable business process that has the potential to significantly improve on the current situation, given the current state of technology.
- Quantify the operational logistics, such as (in an access control context) number of people, time profile / distribution of transactions, type of entry point, target transaction time, environmental considerations, availability and profile of system operators, and so on.
- Analyze the existing situation and processes in order to identify legacy requirements and system interaction — it may be necessary to retain or ensure compatibility with certain existing processes.
- Design a system architecture that accounts for all of the above while remaining open for future development and enhancement.
- Design an operating methodology and user interface that satisfies the above requirements in an intuitive and attractive manner.
- Choose the appropriate front-end technology accordingly (i.e., biometric / biometric and chip card, etc.), ensuring that the biometric methodology is the most suitable for this application.
- Interface the biometric / token technology with your system.
- Thoroughly test and document the system in-house before demonstrating it to the client and agreeing on and documenting any design changes.
- Develop and schedule an operator training programme, together with the provision of system manuals as necessary.
- Install and commission the system after surveying the site and noting relevant conditions, with due consideration for existing systems.
- Hand over the system after ensuring that operators have a comprehensive understanding of the functionality and that all operating data is present and correct.
In the example above, you will notice that the final choice of biometric came relatively far down the list. This parameter should only be considered once the business requirement has been fully understood along with the potential benefit that adopting a biometric system might bring.
In defining the specification required, we should be concerned with perceived ease of use, acceptable transaction time, contingency measures for errors, where the biometric template should be stored, enrollment procedures and logistics, and general compatibility and connectivity issues.
We should also understand the distinction between verification and identification. In short, verification is a straightforward one-to-one check whereby a live biometric sample is compared with a single stored template, giving a simple match or no-match result. Identification is a different matter entirely, as it may involve comparing a live biometric sample against hundreds, thousands, or conceivably even millions of stored templates. The probability of errors multiplies with the number of templates in the database. Currently, there is really only one commercially available product that offers the promise of practical identification from a large database of templates. For most applications, we are probably going to be concerned with biometric verification.
We must also consider where the biometric template (the individual reference derived from taking a biometric sample or series of samples) will be stored. The template might be stored on a token such as a chip card and input into the system by the user prior to verification. This would certainly allow for a large user base, as well as a degree of portability between systems, and would provide for automatic updating of templates if appropriate. Alternatively, templates may be kept on a central database and called via a card swipe or PIN input for comparison. This decision will naturally have an impact on system hardware and configuration — if maintaining a central database, one must be confident about the system host and its communication with the biometric readers, not to mention the usual database maintenance and backup requirements.
While on the subject of hardware, it is worth stressing the importance of understanding the cabling and line termination requirements of different communication protocols. Lack of attention to detail in this area can often result in temperamental performance and perceived intermittent faults that can be difficult to trace subsequently. While this may seem like stating the obvious, it is surprising how often otherwise well-designed systems are tripped up by poor installation practice.
You will have noticed that this discussion has gone a long way without repeating the usual marketing promises about biometrics or dwelling on the familiar debates around false accepts / false rejects, etc. This is deliberate — one can concentrate too much on theoretical individual device performance issues. The performance we should be concerned with is that of the entire system, not individual components. In the real world, theoretical performance may be influenced greatly by other, less quantitative parameters. For example, a badly sited reader that is difficult for individuals to use comfortably will almost certainly result in increased false rejects, even though the system may be functioning properly. Similarly, a lack of training or understanding among both system administrators and regular users will play havoc with anticipated performance. The operational processes, coupled with the perception and attitude of the user, are as much a performance criterion as biometric hardware specifications. These elements, coupled with overall system design and component performance, combine to produce Total System Performance (TSP). It is the TSP that should remain uppermost in mind throughout the development and implementation of the entire project.
To put this into perspective, it would seem rather pointless to have lengthy discussions about the inclined valve angle on a one-litre petrol engine being fitted into a three-ton vehicle — the real questions should be about power-to-weight ratios and what sort of engine is needed to propel this vehicle at the required speed. The same is true of a biometric system. The system must be considered as a whole, together with the business-related objectives for implementing it.
So far, we have discussed some of the issues inherent in a typical systems supplier / client situation. In certain cases, the end user (or retained systems house) may wish to buy the component technology on an OEM basis and develop a custom application according to precise requirements. In the early days of biometrics, this would have been quite difficult with many of the proprietary products available. These days, life is a lot easier for the application development team, as several of the leading device manufacturers have made available a Software Development Kit (SDK) for use with their product. This usually takes the form of a set of DLLs which the developer may call from their application in order to access various functions of the device. This allows the developer to concentrate on the user interface and program logic without having to get too involved with low-level coding detail.
This is certainly a step forward and is to be welcomed. However, it is somewhat device-specific, in the sense that if you decided later to use a different front-end biometric device, you would need to rewrite your application accordingly. This may be acceptable in some instances, but what if you wish to use more than one type of biometric device on your system? This is not unreasonable. You may wish to use a dual biometric for high security reasons, or to use different biometrics in different areas for environmental reasons. This can complicate matters somewhat. It would be nice if there were a universally accepted biometric Application Programming Interface (API) that developers could use to mix biometric methodologies within a single system. In fact, much work has been undertaken in this context, and by the time you read this, at least one such API should be freely available. The question is whether biometric manufacturers will be willing to comply with and support such an initiative. Hopefully they will, but this may take a while to become embedded in biometric culture.
What of the future? There is no doubt that biometric technology is mature and eminently usable across a wide variety of advanced personal ID-related applications. Both systems integrators and end users have a wider choice than ever of front-end biometric components, and it is easier than it has ever been to integrate these components into bespoke systems. Individual unit cost is still relatively high for biometric products, but this too is changing, and several manufacturers are introducing lower-cost OEM modules to the marketplace.
In short, if you have an operational problem that biometrics might solve, there is no reason to sit on the fence any longer — biometrics are alive and well and available off the shelf at a location near you!
Legacy links (no longer active) (2)
- http://biometrics.cse.msu.edu/info.html
- http://www.biometrics.org/introduction_bio.html