Biometrics

Biometrics comes from the words bio and metric.  Bio means life while metric means to measure.

The biometric system links an event to one individual, while other ID forms, like the personal identification number (PIN), may be used by anyone.

Types of Biometrics

• Physiological identifiers – associated with the structure of the user is confirmed and include the following:
  • Facial recognition
  • Fingerprints
  • Finger geometry
  • Iris recognition
  • Vein recognition
  • Retina scanning
  • Voice recognition
  • DNA matching
• Behavioral identifiers – consist of the exceptional ways in which individuals act, including identification of typing patterns, gait, and other gestures.  Some of these behavioral identifiers can be utilised for constant validation.

How Biometrics Function

Biometric authentication has become popular in different areas like security systems for both corporate and public sectors, electronic devices and POS (point-of-sale) applications.  Aside from security, biometric verification has become popular due to convenience.  No need to remember a password nor bring along security tokens.  Determining a person’s gait can even work without direct interaction with the person.

Components of Biometric Devices

• A reader or scanning device to record the biometric factor being authenticated
• Software to translate the scanned biometric data into a standardized digital format and to compare match points of the observed data with saved data
• A database to securely save biometric data for comparison

Biometric data may be kept in a centralized database, although modern biometric implementations often depend on collecting biometric data locally and then cryptographically hashing it so that authentication can be done without direct access to the biometric data itself.

Biometric System Components and Features

• Sensor – grabs data and translates it into a usable, digital format via software.
• Biometric template – is compared to the data storage.  Data is encrypted for security measures.
• Decision process – makes use of matching outputs.

Challenges of Biometrics

Biometric identifiers are dependent on the distinctiveness of the physical or behavioural feature being measured.  Fingerprints are commonly regarded to be very specific to each person.  Fingerprint recognition is the first biometric authentication factor that is widely used.

Other biometric factors have not become popular since there is little assurance in the distinctiveness of the identifiers or because the factors can be easily faked.

Permanency of the biometric factor is also vital to the reception of the factor.  Fingerprints are permanent and do not vary over a lifetime, but facial appearance can transform dramatically with factors like age and illness as well as through medical intervention.

A risky privacy issue of utilising biometric authentication is that physiological features like fingerprints and retinal blood vessel patterns are permanent and cannot be changed.  This is in distinction to nonbiometric factors like passwords and tokens which can be changed if they are breached or otherwise compromised.

The increasing pervasiveness of high-quality cameras, microphones and fingerprint readers in many of today’s mobile devices means biometrics will continue to become a more common way of authenticating users.

While the quality of biometric readers keeps on improving, they can still result in false negatives – where an authorized user is not recognized and false positives – when an unauthorized user is authenticated.

Biometric Exposures

High-tech cameras and other devices support usage of biometrics, but they can also be used by attackers.  People do not cover or hide their physical and behavioral features, therefore, attacks can happen by simply capturing biometric data from people without their permission or knowledge.

Further Readings:

• Biometrics