The Ins and Outs of Biometrics

What Are Biometrics?
Biometrics; made up of two words, bio meaning biological, and metrics meaning measurements. Biometrics are biological measurements. Biometrics are used mainly in the identification and access control due to the uniqueness of all these measurements. Fingerprints, facial measurements, vein patterns and much more are all characteristics that belong to you and ONLY you. In sciency/techy terms, biometrics is the measurement and statistical analysis of people’s physical and behavioural characteristics. There are two types of biometric identifiers:

Physiological Characteristics: The shape or composition of the body. Examples include; fingerprints; DNA; face, hand, retina or ear features; and odour.
Behavioural Characteristics: The behaviours of a person. Examples include; typing rhythm; Gait; gestures; and voice.

Other areas that are currently being explored in the quest to improve biometric authentication include brainwave signals, electronic tattoos, and a password pill that contains a microchip powered by the acid present in the stomach. Once swallowed it would create a unique ID radio signal that can be sensed from outside the skin, turning the body into a password. The difference between biometric authentication and biometric identification is that authorisation involves matching one submitted biometric feature to a specifically authorised template. Identification, rather than looking to issue a positive credential, the aim is to simply find a match within a database. For example, the police taking fingerprints in order to find criminals and those associated with criminals. Gaining/requesting access is biometric authentication whereas discovering something about a scanned individual is identification. One main thought people have about biometric systems is that they’re easily broken into (Just think back to James Bond breaking into a safe with a stolen fingerprint and fake retina contact lens), whereas in reality these feats are near impossible with decent well-made systems. If you buy cheap and not very well made systems then they are bound to have flaws and be easily broken into. So avoid buying cheaply made systems for your security! Check out one of the leading security experts in in Pretoria!


Contents

 

What Biometric Systems Are Available?

Main Uses/Applications Of Biometric Systems

How Do Biometric Systems Work?

How Accurate Are Biometric Systems?

Advantages of Biometric Systems

Quick History of Biometrics

Biometrics of The Future


Which Biometric Systems Are Available?

 

There are tons of biometric systems in use and development today! From visual biometrics like fingerprint recognition to behavioural biometrics like Gait; here’s a quick list of the various biometric systems you can find today and you might hear about in development:

 DNA Matching (Chemical Biometric): The identification of an individual using the analysis of segments from DNA.
 Ear (Visual Biometric): The identification of an individual using the shape of their ear.
 Retina Recognition (Visual Biometric): The use of pattern of veins in the back of the eye to accomplish recognition.
 Iris Recognition (Visual Biometric): A more accurate and advanced version of retina recognition, the use the features found in the iris to identify an individual.
 Facial Recognition (Visual Biometric): The analysis of facial features or pattern for the authentication or recognition of an individual’s identity.
 Fingerprint Recognition (Visual Biometric): The use of the ridges and valleys (minutiae) found on the surface tips of a human finger to identify an individual.
 Finger Geometry Recognition (Visual/Spatial Biometrics): The use of 3D geometry of the finger to determine identity.
 Gait (Behavioural Biometrics): The use of an individual’s walking style or gait to determine identity.
 Hand Geometry Recognition (Visual/Spatial Biometrics): The use of the geometric features of the hand such as the length of fingers and the width of the hand to identify an individual.
 Odour (Olfactory Biometrics): The use of an individuals odour to determine identity.
 Signature Recognition (Visual/Behavioural Biometrics): The authentication of an individual by the analysis of handwriting style; in particular the signature. “There are two key types of digital handwritten signature authentication; Static and Dynamic.
Static is most often a visual comparison between one scanned signature and another scanned signature, or a scanned signature against an ink signature. Technology is available to check           two scanned signatures using advanced algorithms.
Dynamic is becoming more popular as ceremony data is captured along with the X, Y, T and P Coordinates of the signor from the signing device. This data can be utilised in a court of           law using digital forensic examination tools, and to create a biometric template from which dynamic signatures can be authenticated either at the time of signing or post signing and as             triggers in workflow processes.”
 Typing Recognition (Behavioural Biometrics): The use of the unique characteristics of a person’s typing for establishing identity.
 Vein Recognition (Visual Biometrics): The use of vein patterns in a person’s finger or palm used to identify an individual.
 Speaker Authentication & Identification (Auditory Biometrics):
Speaker Authentication is the use of the voice as a method of determining the identity of a speaker for access control.
Speaker Identification is the task of determining an unknown speaker’s identity.

Note: There IS a difference between speaker recognition (recognising who is speaking) and speech recognition (recognising what is being said). Voice Recognition is also confused; voice recognition a synonym for speaker recognition.

 

Back To Contents


Main Uses/Applications of Biometric Systems

 

Biometrics are used for two things; Identification (Identifying an individual – Compares one to many in a database) and Authentication (Verification that an individual is who they say they are – Compares one to one). Biometric systems are slowly becoming part of our everyday lives, they’ve slowly found their way into many things we use and will continue to do so due to their accuracy in identification and authentication of individuals. Some of the main uses and applications of biometrics are as follows:

 Security: Older outdated security methods are now becoming too easily hacked and are no longer strong enough to protect what’s important to us. Biometric systems are now becoming more and more easily accessible and are finding applications in every role of security; protecting your phone with a fingerprint rather than pin/password, unlocking your doors at home, opening high-security gates and even opening your car! The security applications are almost endless.
 Border Control/Airports: Airports and Border control often come into contact with people who are not legally there. This can be in the form of security risks at airports to attempting to illegally cross a border. The application of biometric systems at the border is making crossing borders easier and more automated than ever. While eGates and kiosks are helping to make the international experience of travelling easier for passengers.
 Finance: The use of biometrics in finance is huge! Biometrics can hugely benefit financial transactions. Banking and finance are often the targets of major fraud plots, with people managing to access and complete transactions without much security stopping them other than a phone call from the bank. With the implication of biometrics in mobile and online payments, it’s now tougher for fraudsters and is obviously welcomed by the consumer when it comes to buying goods online and keeping their hard-earned cash safe.
 Fingerprint Locks: If you have something o protect then you usually put a lock on it, requiring a key, pass card or password to gain access; but, there’s a problem with that because keys, passwords and key cards are easily misplaced and lost! So with biometrics this is avoided because the key to your possessions is no longer what you have, it’s what you are! Your fingerprint is unique to you and can’t be lost or left behind on your desk at work.
 Mobiles: This application si simple and has been around for quite some time now, if you have the latest smartphone (iPhone 5s or Samsung S5 or later are the most common ones) you probably have a fingerprint lock set, this means that your unique fingerprint (or anyone who’s fingerprint you choose to set) is the only key to accessing your phone.
 Justice/Law/Forensics: The use of biometrics has been used in law for years. Fingerprints are kept by police, FBI and just about all law enforcement. All of these are kept in a database and known offenders can be easily identified using just their finger. Some law enforcement also keeps records of DNA and even voice clips. All of this plays a huge part in keeping the public safe and tracking down wanted persons.
 Time/Attendance: Possibly everyone least favourite use for biometrics is the tracking of time and attendance (Unless you’re the boss). Biometric time and attendance technology has been brought into many workplaces to keep track of people entering and leaving the building, punch cards were once the way to keep track of who was where and at what time but truant workers could always hand these to friends and make away with unearned wages. This also increased efficiency within the workplace because all time is recorded accurately and leave admins and managers to deal with more pressing matters than the 20 minutes extra someone took at lunch.

Back To Contents


How Do Biometric Systems Work?

 

The idea behind biometrics sounds more complicated than it really is, biometrics is essentially just a comparison. Whether the comparison is visible, invisible or behavioural, biometric authentication technology centers around the capture of a measurement and comparing it to a previously derived string of numbers called a template. A template isn’t a whole image but instead is a code that describes certain unique features of said image within the context of a specific biometric technology. When a biometric is initially scanned into a system, a template is derived and stored either on a server behind a firewall or on a secure element on a device (like a phone), this is known as “enrollment”. After enrollment, any time a biometric is scanned into a system in a request to gain access, the measurement of the presented biometric are compared to those already stored in the template. If there is a match, access is granted, if there isn’t then access is denied. It’s really that simple!

Back To Contents


How Accurate Are Biometric Systems?

 

The accuracy and cost of biometric systems have until recently been one of the limiting factors in the adoption of biometric authentication solutions but the presence of a high-quality camera, microphones and fingerprint reader in many of today’s mobile devices means biometrics is likely to become a considerably more common method of authenticating users. The quality of biometric readers is improving all the time, but they can still produce false negatives and false positives. One problem with fingerprint biometrics is that people inadvertently leave their fingerprints on many surfaces they touch (You and I are doing so right now…), and it’s fairly easy to copy them and create a replica in silicone (Although fooling the scanner is near impossible unless you have a cheap version). People also leave tons of DNA everywhere they go and someone’s voice is easily captured via a recording. Dynamic biometrics like gestures and facial expressions can change but they can be captured by an HD camera and copied. Vein Recognition is a fairly accurate and safe method due to your veins being contained internally and not being transferred to surfaces via touch or captured via camera or recording. Biometrics, however, are a much safer and better alternative to passwords. A recent study by Ars Technica found that password, no matter how ‘random’ can be broken quite easily. Ars Technica asked hackers to try and guess/break over 15,000 passwords, some of these were 16-characters (one was even as random as ‘qeadzcwrsfxv1331 – Which when you look at it and then your keyboard isn’t all that random). One hacker from the experiment was even able to crack 90% of 16,449 hashed passwords in under an hour!

Back To Contents


Advantages of Biometric Systems

 

Biometric systems are one of the safest and most secure identification and authentication methods available. This is a result of the many advantages they bring to everyday life, including security and ease of access (for those that should be gaining access). Some of the advantages of biometrics are:

 Security: Since biometric characteristics can’t be lost and are quite hard to steal and replicate, biometric systems offer a higher degree of security than typical authentication methods such as passwords and passcards. Also biometric systems allow you to install a two-step systems, these require two biometric characteristics to gain authorisation/access.
 Accountability: Since biometric characteristics can’t be shared with others, you can keep accurate logs of who has done what within a system etc, this is due to passwords being shareable and so the true identity of a user is not known whereas biometric characteristics are unique to each person.
 Convenience: Biometric systems are convenient in environments where access privileges are required. Traditionally, in many authentication environments, a user may have multiple passwords. In the case of using biometrics, all of these passwords can be forgotten and you can use one biometric method instead.
 Justifiable Costs: The costs of a biometric system are difficult to estimate – this is due to the basic differences between systems as well as the technologies of the property. Many companies offer customisation, scalability and enrollment management. If you still think the costs are too much, just think about the flaws in your current system. All it takes is someone to lose a key, card or just a slip of the tongue and someone else can gain access. All of this can be avoided with biometric systems.
 Privacy: Many people aren’t confident when it comes to enrolling in a biometric system because they’ve seen too many spy movies where the system is hacked in a matter of 2.5 seconds and then their fingerprints are there for the taking. But this is unrealistic and has already been disproven because biometric systems have been used in the military, high-security bases/prisons and government buildings without breaches or hacks.
 Identification Is Accurate: Unlike a lot of other security systems that rely on passwords and access cards, one of the greatest advantages is the accuracy that biometrics provide. With a correct set-up system, biological characteristics like fingerprints and retinal scans provide completely unique data sets that cannot be easily replicated. This means unauthorised personnel can’t gain access.
 Easy to Use: Biometric systems are – once set up – extremely easy to use, as well as this they are able to identify people very rapidly, uniformly and reliably! Minimum training is required to get a system working correct and so cuts costs on password administrators. The systems are also very low maintenance, further cutting costs.

Back To Contents


Quick History of Biometrics

 

Biometrics First Use: The first use of biometrics for identification and authorisation appeared in the 1800’s with a system of body measurements known as Bertillonage; named after an anthropologist and police desk clerk, Alphonse Bertillon. The system took eleven bodily measurements including standing height, sitting height (trunk and head), the distance between fingertips with arms outstretched, as well as the size of the head, right ear, left foot and digits and forearm. As well as this distinct personal features such as eye colour and scars were also recorded. The problem with this was that it soon became clear, ti was inaccurate because it was a system of measuring human physical traits and different people could get different measurements for various body parts as well as more than one person matching all measurements.

First Use of Fingerprinting: Fingerprints were first found to have been used in the 14th Century China but as a signature purpose rather than identification or authorisation. The first use in terms of biometric history did not develop until the 19th Century when Dr. Henry Faulds noticed fingerprints could help identify criminals. Around 1900’s Francis Glaton announced that no two fingerprints were the same. This announcement led to the creation of the Edward Henry fingerprint classification system.

DNA Analysis: One of the newer biometric methods, challenges of other biometrics from defence attorneys and critics lead to the development of DNA analysis to confirm the identity of a person, especially when it came down to criminal convictions. As the science of DNA analysis developed so were devices that allowed personal identification possible. The current possibility of two people sharing the same DNA profile is 1 in 100 Billion (World population is only 7.4 billion as of 2016…). One of the most recent breakthroughs in DNA analysis is the creation of a device by The University of Arizona that will perform DNa analysis in a matter of hours rather than weeks.

Iris Recognition: Iris recognition photographs the iris, and then scans the iris at a later date (when someone tried to access something protected by the scanner) and compares the two images to each other if they’re the same then the person is the same. Iris recognition has grown substantially due to the concerns over identity fraud and other abuses of the law. Iris recognition is one of the newest because developments in optical science technology had to come along before the companies could develop such a system. One company that has managed to create such systems is AOptix Technologies, which can scan an iris from more than 6 feet away from the subject.

India’s National ID Program: India isn’t the only country to start using biometric identifiers in personal identification, but their project – Known as Aadhaar – is possibly one of the most ambitious. Already the largest biometric database in the world, the goal is to secure cataloging of biometric data (fingerprints, iris scan, photo) as well as demographic area (name, address, mobile number, gender, age etc) for each of their 1.25 billion residents. Currently, 550-million people have enrolled and India has assigned 480-million Aadhaar numbers as of 2013 and aims to have everyone cataloged in the next several years.

Back To Contents


Biometric Systems of the Future

 

With technology advancing at such a substantial rate; new biometric systems are being developed and adapted, some of these include:

 Odour Recognition: In 2009, with the desire to improve “the ability to identify individuals who may intend harm to the nation”, the U.S. Department of Homeland Security looked into ways to use body odour as a method of uniquely identifying individuals. CHnages in odour could potentially be evidence of deception.
 Gait Recognition: Japanese researchers have found that using 3D imaging, they were able to identify a person gait (walking style) to correctly identify the individual 90% of the time. The use of gait and the analysis of the way barefoot interacts with the floor has been shown to correctly identify individuals as much as 99.6% of the time. The idea is still in development and no model is yet sufficiently accurate or marketable.
 Keystroke Recognition: The content of your password isn’t the only unique things about it – researchers found that analysing the speed and rhythm with which users type entry keys enhances reliable authentication.
 Nose Recognition: Iris scanners are one of the most accurate ways of using the human face as a method of identification, but a team of researchers at Bath University in the UK had an idea – what if they weren’t? They developed a program called PhotoFace to analyse the human nose and categorise them into six main types: Roman, Greek, Nubian, Hawk, Snub and Turn-Up. The upside to this is that the human nose is harder to conceal than the eyes, the downside is that it – unfortunately – is less accurate than iris scanners.
 Posterior Authentication: Another team of Japanese researchers developed a system that uses 400 sensors in a seat to identify the pressure points and contours of the human rear end. The “derriere authenticator”, is claimed to be 98% accurate and could be developed to increase car security.

Back To Contents