In the world of information technology, the term “biometrics” (also referred to as “biometric authentication”) is the automated method of recognizing a person based on their unique physiological or behavioral traits. Common examples of human biometric markers are fingerprints, finger and palm veins, iris and facial recognition, even one’s voice print.
According to Microsoft’s chairman and chief software architect, Bill Gates, “Biometrics is one of the keys to providing “a more transparent, secure and manageable security on a mass scale.”
Need for a stronger user authentication
In this computer-driven era, identity theft and the loss or disclosure of sensitive data and related intellectual property are growing rapidly. Currently, options available for user authentication fall within three categories – those that require what you know (e.g. passwords), those that require what you have (e.g. smart cards) and those that verify who you are (e.g. biometric characteristics).
Long, complex and unmemorable alphanumeric passwords are hard to remember but recommended by system administrators. Smart cards provide higher assurance levels for authentication over passwords but there’s the issue of lost or stolen cards. Since physically having a smart card is required for authentication, what does an employer do if an employee loses or leaves his or her card at a public location?
Among all three authentication techniques, biometrics are the most advanced form of identification and verification. The events of September 11, 2001, have spurred a great deal of interest in further enhancement or refinement of this technology.
Biometrics provide strong security
Passwords have been the standard means of user authentication for decades on our home and office computers. However, as users are required to remember more, longer, and constantly changing passwords, it is evident that a more convenient and secure solution to user authentication is necessary.
Biometric authentication techniques are exceptionally reliable for a positive identity match. A false acceptance or false rejection is rare, although possible, depending on the accuracy of the biometric systems and sensor characteristics. Incorporation of a liveness detection technique makes an attack against the biometric system more difficult. Our Enterprise Biometrics Suite™ , is an enterprise ready biometric-based Single Sign On (SSO) solution that provides an air-tight mechanism to authenticate users requesting access to network resources.
Different biometric systems provide different levels of security as measured by false acceptance rate (FAR) and false rejection rate (FRR) scores. For example, iris biometrics and vascular (finger vein and palm vein) biometrics usually offer lower FAR and FRR rates than non-contact technologies such as facial or voice recognition. However, before rejecting any biometric type on the grounds of its FAR and FRR scores, it is important to consider what level of security you need a biometric system to provide.
It’s also important to take into account the environment a biometric authentication system will be used in. For example, fingerprint readers do not work well in environments where users’ fingers are likely to be dirty. Similarly, voice recognition systems are not a good match for excessively noisy environments. Thus, the best biometrics is the combination of two or more biometric modalities.
M2SYS’ Hybrid Biometric Platform supports fingerprint, finger vein, palm vein, and iris recognition using a range of hardware such as the M2-EasyScan™ fingerprint reader, M2-PalmVein™ palm vein reader, M2-AutoTilt™ iris recognition camera and M2-FuseID™ SMART (fingerprint and finger vein) dual purpose reader. It also supplies biometric middleware to enable the integration of its biometric platform into Windows and web software, and a product called Bio-Plugin™ which allows its biometric authentication to be integrated to any Windows or web based application.
Biometric technology is a very promising way of authenticating users. Users may be authenticated by their personal computers or by workstations during login, by their finger vein patters to confirm a bank transaction, or by a palm access control system to open a door. All of these cases are typical and correct places to deploy a biometric identification management system. Biometrics provide secure protection from cryptographic functions as well as when biometric matching, feature extraction, and the biometric sensor are all integrated in one device.