WHAT IS BIOMETRICS?
Biometrics refers to technologies that measure and analyze human body characteristics, such as DNA, fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements, for authentication purposes. It is the most accurate way to identify someone. Facial biometrics is one of the fastest growing areas of biometrics. With growing technologies facial recognition can convert a photograph or a video image into a code that describes a face’s physical characterizes. This can be used to identify the common person from a distance, without intruding into their personal space. Computer software for facial identification reads the peaks and valleys of an individual’s facial features; these peaks and valleys are known as nodal points. There are 80 nodal points in a human face, but the software needs only 15-20 to make an identification.
Biometrics: what kind of convenience and security can it offer us?
Biometrics refers to an automated system that can identify an individual by measuring their physical and behavioral uniqueness or patterns, and comparing it to those on record. In other words, instead of requiring personal identification cards, magnetic cards, keys or passwords, biometrics can identify fingerprints, face, iris, palm prints, signature, DNA, or retinas of an individual for easy and convenient verification. With the boom in Internet-based business and the increased need for accurate verification when accessing accounts, biometrics is the simplest and most convenient the solution. Its universal, unique, permanent and measurable features ensures security of information in E-commerce, such as on-line banking and shopping malls. Biometrics can also provide you with convenience and security, by enabling a machine to verify the individual by itself and to respond to the individual’s requests. Through the use of such physical controls as access control, and punch card maintenance, user restrictions on certain apparatus can be made possible with an automated verification system.
- No more forgotten or stolen passwords
- Positive and accurate Identification
- Highest level of security
- Offers mobility
- Impossible to forge
- Serves as a Key that cannot be transferred
- Safe & user friendly
Common Human Biometric Characteristics
Biometric characteristics can be divided in two main classes, as represented in figure on the right:
Physiological are related to the shape of the body. The oldest traits, that have been used for more than 100 years, are fingerprints. Other examples are face recognition, hand geometry and iris recognition.
Behavioral are related to the behavior of a person. The first characteristic to be used, still widely used today, is the signature. More modern approaches are the study of keystroke dynamics and of voice.
Securing personal privacy and deterring identity theft are national priorities. These goals are essential to our democracy and our economy, and inherently important to our citizens. Moreover, failure to achieve these goals is substantially inhibiting the growth of our most advanced, leading-edge industries, notably including e-commerce, that depend upon the integrity of network transactions. Establishing end-to-end trust among all parties to network transactions is the indispensable basis for success. A large percentage of the public are reluctant to engage in e-commerce or conduct other network transactions owing to a well-founded lack of confidence that the system will protect their privacy and prevent their identity from being stolen and misused. The misgivings of the public are reinforced by recent publicized cases of loss of personal privacy, fraudulent funds transfers, and outright theft and abuse of identity in network transactions.
Biometrics, an emerging set of technologies, promise an effective solution. Biometrics accurately identify or verify individuals based upon each person’s unique physical or behavioral characteristics. Biometrics work by unobtrusively matching patterns of live individuals in real time against enrolled records. Leading examples are biometric technologies that recognize and authenticate faces, hands, fingers, signatures, irises, voices, and fingerprints.
Biometrics is a high tech word for an old concept: how we go about recognizing one another. Biometric authentication uses automated methods based on physical characteristics or behavioral traits for human recognition. Examples of biometrics include iris and retina scanning, digitized fingerprints, hand geometry and speaker recognition. Biometric authentication offers advantages over current security practices. Unlike keys and tokens, biometrics are never lost or stolen. Unlike passwords and PINs, biometrics cannot be forgotten. Because of their security, speed, efficiency and convenience, biometric authentication systems might soon become the standard for access control. One area where biometrics can provide substantial help is in guarding against attempts to establish fraudulent multiple identities or prevent identity fraud. By searching through the stored references, individuals who appear to have previously enrolled using a different identity can be highlighted for further investigation. It is very difficult to perform this type of check without the use of biometrics.
Why are biometrics secure?
Unique: The various biometrics systems have been developed around unique characteristics of individuals. The probability of 2 people sharing the same biometric data is virtually nil.
Cannot be shared: Because a biometric property is an intrinsic property of an individual, it is extremely difficult to duplicate or share (you cannot give a copy of your face or your hand to someone!). Cannot be copied: Biometric characteristics are nearly impossible to forge or spoof, especially with new technologies ensuring that the biometric being identified is from a live person.
Cannot be lost: A biometric property of an individual can be lost only in case of serious accident.
What are biometric systems used for?
Reliable user authentication is essential. The consequences of insecure authentication in a banking or corporate environment can be catastrophic, with loss of confidential information, money, and compromised data integrity. Many applications in everyday life also require user authentication, including physical access control to offices or buildings, e-commerce, healthcare, immigration and border control, etc.
Currently, the prevailing techniques of user authentication are linked to passwords, user IDs, identification cards and PINs (personal identification numbers). These techniques suffer from several limitations: Passwords and PINs can be guessed, stolen or illicitly acquired by covert observation. In addition, there is no way to positively link the usage of the system or service to the actual user. A password can be shared, and there is no way for the system to know who the actual user is. A credit card transaction can only validate the credit card number and the PIN, not if the transaction is conducted by the rightful owner of the credit card.
Existing user authentication techniques include:
- Something you know, e.g. password or PIN. The issue is that many password are easy to guess, and can also be easily forgotten.
- Something you have, e.g. key or car. They can be lost, stolen or duplicated.
- Something you know and have, e.g. card + PIN
- Something you are, e.g. face, gait, fingerprint, voice. You cannot lose these, they are unique for each individual and are difficult to forge.