Biometrics

Biometrics

What is Biometrics?

• "Biometrics" means "life measurement" but the term is usually associated with the use of unique physiological characteristics to identify an individual.
• The application which most people associate with biometrics is security.
• However, biometrics identification has eventually a much broader relevance as computer interface becomes more natural.
•  Knowing the person with whom you are conversing is an important part of human interaction and one expects computers of the future to have the same capabilities.
• A number of biometric traits have been developed and are used to authenticate the person's identity.
•  The idea is to use the special characteristics of a person to identify him.
• By using special characteristics we mean the using the features such as face, iris, fingerprint, signature etc. 

Biometric technologies are thus defined as the "automated methods of identifying or authenticating the identity of a living person based on a physiological or behavioral characteristic".

A biometric system can be either an 'identification' system or a 'verification' (authentication) system, which are defined below.

Identification - One to Many: Biometrics can be used to determine a person's identity even without his knowledge or consent. For example, scanning a crowd with a camera and using face recognition technology, one can determine matches against a known database.

Verification - One to One: Biometrics can also be used to verify a person's identity. For example, one can grant physical access to a secure area in a building by using finger scans or can grant access to a bank account at an ATM by using retinal scan.

Biometric authentication requires to compare a registered or enrolled biometric sample (biometric template or identifier) against a newly captured biometric sample (for example, the one captured during a login). This is a three-step process (Capture, Process, Enroll) followed by a Verification or Identification process.

During Capture process, raw biometric is captured by a sensing device such as a fingerprint scanner or video camera.

The second phase of processing is to extract the distinguishing characteristics from the raw biometric sample and convert into a processed biometric identifier record (sometimes called biometric sample or biometric template).

Next phase does the process of enrollment. Here the processed sample (a mathematical representation of the biometric - not the original biometric sample) is stored / registered in a storage medium for future comparison during an authentication. In many commercial applications, there is a need to store the processed biometric sample only. The original biometric sample cannot be reconstructed from this identifier.

Biometric Characteristics

A number of  biometric characteristics may be captured in the first phase of processing. However, automated capturing and automated comparison with previously stored data requires that the biometric characteristics satisfy the following characteristics:

Universal: Every person must possess the characteristic/attribute. The attribute must be one that is universal and seldom lost to accident or disease.

Invariance of properties: They should be constant over a long period of time. The attribute should not be subject to significant differences based on age either episodic or chronic disease.

Measurability: The properties should be suitable for capture without waiting time and must be easy to gather the attribute data passively.

Singularity: Each expression of the attribute must be unique to the individual. The characteristics should have sufficient unique properties to distinguish one person from any other. Height, weight, hair and eye color are all attributes that are unique assuming a particularly precise measure, but do not offer enough points of differentiation to be useful for more than categorizing.

Acceptance: The capturing should be possible in a way acceptable to a large percentage of the population. Excluded are particularly invasive technologies, i.e. technologies which require a part of the human body to be taken or which (apparently) impair the human body.

Reducibility: The captured data should be capable of being reduced to a file which is easy to handle.

Reliability and tamper-resistance: The attribute should be impractical to mask or manipulate. The process should ensure high reliability and reproducibility.

Privacy: The process should not violate the privacy of the person.

Comparable: Should be able to reduce the attribute to a state that makes it digitally comparable to others. The less probabilistic the matching involved, the more authoritative the identification.

Inimitable: The attribute must be irreproducible by other means. The less reproducible the attribute, the more likely it will be authoritative.

Among the various biometric technologies being considered, the attributes which satisfy the above requirements are fingerprint, facial features, hand geometry, voice, iris, retina, vein patterns, palm print, DNA, keystroke dynamics, ear shape, odor, signature etc.

A biometric system can be classified into two modules- (i) Database Preparation Module and (ii) Verification Module. The Database Preparation Module consists of two sub-modules, and they are (a) Enroll Module and (b) Training Module while the other module, Verification module can be divided into two modules (a) Matching Module and (b) Decision Module.
 

Multimodal Biometric Systems

• Multimodal biometric systems are those that utilize more than one physiological or behavioral characteristic for enrollment, verification, or identification. 
• In applications such as border entry/exit, access control, civil identification, and network security, multi-modal biometric systems are looked to as a means of
• Reducing false non-match and false match rates,
• Providing a secondary means of enrollment, verification, and identification if sufficient data cannot be acquired from a given biometric sample, and
• Combating attempts to fool biometric systems through fraudulent data sources such as fake fingers.
• A multimodal biometric verification system can be considered as a classical information fusion problem i.e. can be thought to combine evidence provided by different biometrics to improve the overall decision accuracy. Generally, multiple evidences can be integrated at one of the following three levels.

Abstract level: The output from each module is only a set of possible labels without any confidence value associated with the labels; in this case a simple majority rule may be used to reach a more reliable decision.

Rank level: The output from each module is a set of possible labels ranked by decreasing confidence values, but the confidence values themselves are not specified.

Measurement level: the output from each module is a set of possible labels with associated confidence values; in this case, more accurate decisions can be made by integrating different confidence values.
 

The biggest issue in biometric implementation is user acceptance.

 If a user doesn’t like a particular system it will not be used properly and will not be effective, no matter how efficiently the system is implemented.

 Fingerprinting is one of the first methods that comes to mind when talking about using biometrics for security.

 These remind the user or the other main use of fingerprints, identifying and cataloging criminals. A more subtle approach is required for obtaining fingerprints. It exists in the form of a fingerprint reader built into a mouse.

 A mouse with a thumbprint scanner built into its side was demonstrated in the 1999 COMDEX exhibition. Such biometric mice are now widely available to the public.

Eye recognition is a frequently touted means of biometric identification, however one problem with early systems was that people are naturally very protective of their eyes and in the past have found this type of scan intrusive. However improvements in eye recognition technology enable a person’s iris to be scanned from up to twelve inches away. The scanning device no longer intrudes on a person’s personal space.

Voice recognition is another option for biometric security.

Voice recognition has problems in that a persons voice can be subject to more change than their fingerprint e.g. through sickness

Also somebody’s voice can be easily reproduced with a high quality recording.

Just because a persons voice is present doesn’t mean they are.

It does have the advantage of being probably the cheapest biometric security device at the low end of the market, as they require no special hardware.

Cost is considered to be another major factor in the implementation of biometrics. In the past this was more the case, as biometrics was an emergent unproven technology but as biometrics have gained more industry support the cost has fallen.