FAR

 <  Day Day Up  >  

Definition

The FAR is defined as the probability that a user making a false claim about his/her identity will be verified as that false identity. For example, if Matt types Chris' user ID into the biometric login for Chris' PC, Matt has just made a false claim that he is Chris. Matt presents his biometric measurement for verification. If the biometric system matches Matt to Chris, then there is a false acceptance. This could happen because the matching threshold is set too high, or it could be that Matt's biometric feature is very similar to Chris'. Either way, a false acceptance has occurred.

The Simple Math

When the FAR is calculated by a biometrics vendor, it is generally very straightforward. Using our example, it is equal to the number of times that Matt has successfully authenticated as Chris divided by his total number of attempts. In this case, Chris is referred to as the "MatchUser" and Matt as the "NonMatchUser." The simple math formula for this looks like the following, where n represents a number to uniquely identify each user:

n = enrolleduser

n

value

1

Chris

2

Matt

NonMatchUser'(n) = NumberofNonMatchUserSuccessfulAuthentications

NonMatchUser(n) = NumberofNonMatchUserAttemptsToFalselyAuthenticate

FAR (n) = NonMatchUser'(n)/NonMatchUser(n)

n = 1

FAR (Chris) / Matt (Chris)

This gives us the basis for Matt and Chris. What if we have another user, David? We could say that Matt and Chris are representative of our user population and just assume that the FAR will be the same for David. Statistically, the more times something is done, the greater the confidence in the result. Thus, to ensure a high probability that the FAR we calculate is statistically significant, we would need to do this for every combination of users we have. We would need to take all the calculated FARs for each user's attempt to falsely authenticate as another, sum them up, and divide by the total number of users. For example, we could take the above formulas and do them over again for each user. We would eventually get something that looks like the following:

FAR (Chris) = (Matt'(Chris) / Matt(Chris) + David'(Chris) / David(Chris)) / 2

If we generalize the formula, we get:

n = enrolleduser

N = totalenrolleduserpopulation

NonMatchUser'(n) = NumberOfNonMatchUsersuccessfulAuthentication

NonMatchUser(n) = Numberof NonMatchUserAttemptsToFalselyAuthenticate

n

value

1

Chris

2

Matt

3

David

4

Craig

5

Peter

.

.

N

Victoria

FAR (n) = NonMatchUser'(n) / NonMatchUser(n)

graphics/10inf01.gif


Why Is This Important?

The importance of the FAR is the strength of the matching algorithm. The stronger the algorithm, the less likely that a false authentication will happen. Matt has a greater chance of falsely authenticating as Chris at 1:500 than he does at 1:10,000. An example of this would be playing a ring-toss game. In this game, the object is to throw a ring on to a particular peg. The ring represents Matt's false authentication attempt. The number of pegs represents the strength of the biometric algorithm. The gameboard itself represents Chris' biometric enrollment. In the first case, there are 500 pegs on which to throw the ring. The peg that needs to be ringed for a winner is not marked . Thus, Matt has a 1 in 500 chance of hitting the right peg. Now, if Matt is playing the same game, but this time there are 10,000 pegs in the same area, Matt now has a 1 in 10,000 chance of hitting the right peg.

Carrying this example further, Chris now needs to authenticate. He knows the layout of the board and what ring to toss his peg onto. He knows this because he is really who he says he is. In the first game, he is faced with 500 pegs. Chris knows what peg to toss his ring onto in order to get authenticated. There is a chance he could miss , which is very low. If at any time Chris does not hit his peg, then he is falsely rejected. That is to say, he has not been authenticated as himself, even though he is Chris.

 <  Day Day Up  >  


Biometrics for Network Security
Biometrics for Network Security (Prentice Hall Series in Computer Networking and Distributed)
ISBN: 0131015494
EAN: 2147483647
Year: 2003
Pages: 123
Authors: Paul Reid

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net