Biometrics

Biometrics technology verifies or identifies a person based on physical characteristics. A biometrics system uses hardware to capture the biometric information, and software to maintain and manage it.

The system translates these measurements into a mathematical, computer-readable format. When a user first creates a biometric profile, known as a template, that template is stored in a database. The biometrics system then compares this template to the new image created every time a user accesses the system.

For an enterprise, biometrics provide value in two ways. First, a biometric device automates entry into secure locations, relieving or at least reducing the need for full-time monitoring by personnel. Second, when rolled into an authentication scheme, biometrics adds a strong layer of verification for user names and passwords.

Biometrics adds a unique identifier to network authentication, one that's extremely difficult to duplicate (though not impossible, as I'll discuss in the fingerprint scan section). Smart cards and tokens also provide a unique identifier, but biometrics has an advantage over these devices: a user can't lose or forget his or her fingerprint, retina, or voice.

Identify Vs. Verify

It's important to distinguish whether a biometrics system is used to verify or identify a person. These are separate goals, and some biometrics systems are more appropriate for one than the other, though no biometric system is limited to one or the other. The needs of the environment will dictate which system is chosen.

The most common use of biometrics is verification. As the name suggests, the biometric system verifies the user based on information provided by the user. For example, when Alice enters her user name and password, the biometric system then fetches the template for Alice. If there's a match, the system verifies that the user is in fact Alice.

Identification seeks to determine who the subject is without information from, or participation of, the subject. For instance, face recognition systems are commonly used for identification; a device captures an image of the subject's face and looks for a match in its database. Identification is complicated and resource-intensive because the system must perform a one-to-many comparison of images, rather than a one-to-one comparison performed by a verification system.
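The one-to-one and one-to-many comparisons described above, as an added Python example that is not part of the original tutorial. The 64-bit templates, the bit-difference distance, the 0.25 threshold, and all function names are assumptions chosen for illustration; the last function goes beyond the text to show how a per-comparison false acceptance rate compounds across a database search, assuming independent comparisons.

```python
import random

# Constructed enrollment database: 64-bit values stand in for real templates.
_rng = random.Random(7)
DB = {f"user{i:03d}": _rng.getrandbits(64) for i in range(200)}
DB["alice"] = _rng.getrandbits(64)

def distance(a, b):
    """Fraction of differing bits between two templates (0.0 = identical)."""
    return bin(a ^ b).count("1") / 64

def noisy(template, flips, seed):
    """Simulate a fresh capture: the enrolled template with a few bits flipped."""
    r = random.Random(seed)
    for bit in r.sample(range(64), flips):
        template ^= 1 << bit
    return template

def verify(claimed_id, sample, threshold=0.25):
    """1:1 check: compare the sample only with the claimed user's template."""
    enrolled = DB.get(claimed_id)
    return enrolled is not None and distance(enrolled, sample) <= threshold

def identify(sample, threshold=0.25):
    """1:N search: compare with every template; return (match or None, comparisons)."""
    best_id, best_d = None, 1.0
    for uid, tpl in DB.items():
        d = distance(tpl, sample)
        if d < best_d:
            best_id, best_d = uid, d
    return (best_id if best_d <= threshold else None), len(DB)

def false_match_probability(far, n):
    """Chance of at least one false match when a per-comparison FAR is applied n times."""
    return 1 - (1 - far) ** n

if __name__ == "__main__":
    capture = noisy(DB["alice"], flips=5, seed=1)
    print("verify(alice):", verify("alice", capture), "(1 comparison)")
    print("identify():", identify(capture))
    for n in (1, 100, 1000):
        print(f"FAR 0.1% over {n} templates ->", round(false_match_probability(0.001, n), 3))
```

A verification costs one comparison regardless of database size, while the identification search above touches every enrolled template and inherits a false-match chance that grows with each one.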

Biometric Errors

All biometrics systems suffer from two forms of error: false acceptance and false rejection. False acceptance happens when the biometric system authenticates an impostor. False rejection means that the system has rejected a valid user. A biometric system's accuracy is determined by combining the rates of false acceptance and rejection.

Each error presents a unique administrative challenge. For instance, if you're protecting sensitive data with a biometric system, you may want to tune the system to reduce the number of false acceptances. However, a system that's highly calibrated to reduce false acceptances may also increase false rejections, resulting in more help desk calls and administrator intervention. Therefore, administrators must clearly understand the value of the information or systems to be protected, and then find a balance between acceptance and rejection rates appropriate to that value.
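The tuning trade-off described above, as an added Python example that is not part of the original tutorial. The match scores are constructed for illustration (0 to 100, higher means a closer match), and the function names are assumptions; a real deployment would use scores logged from its own scanner software.

```python
# Constructed match scores, not measured data.
GENUINE = [91, 88, 95, 72, 84, 90, 67, 93, 86, 79,
           97, 58, 89, 92, 81, 75, 94, 87, 63, 90]   # valid users
IMPOSTOR = [22, 35, 41, 18, 55, 30, 47, 62, 27, 38,
            70, 33, 44, 25, 51, 39, 29, 66, 36, 48]  # impostor attempts

def rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (FAR, FRR) when attempts scoring >= threshold are accepted."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr

def equal_error_threshold():
    """Lowest threshold at which FAR and FRR are closest to each other."""
    def gap(t):
        far, frr = rates(t)
        return abs(far - frr)
    return min(range(0, 101), key=gap)

def threshold_for_max_far(max_far):
    """Lowest threshold (fewest rejections) whose FAR does not exceed max_far."""
    for t in range(0, 102):
        if rates(t)[0] <= max_far:
            return t

if __name__ == "__main__":
    print("threshold   FAR    FRR")
    for t in range(55, 76, 5):
        far, frr = rates(t)
        print(f"{t:9d}  {far:5.2f}  {frr:5.2f}")
    eer_t = equal_error_threshold()
    print("balanced threshold:", eer_t, rates(eer_t))
    strict = threshold_for_max_far(0.0)
    print("zero false accepts:", strict, rates(strict))
```

On this sample, driving false acceptances to zero raises the threshold to 71 and rejects 15 percent of valid users, which is the help desk cost the paragraph above warns about.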

A poorly created enrollment template can compound false acceptance and rejection. For example, if a user enrolls in the system with dirt on his finger, it may create an inaccurate template that doesn't match a clean print. Natural changes in a user's physical traits may also lead to errors.

Biometric Types

Finger Scan

Fingerprint scanning is the most common biometric system used today. The human fingerprint is made up of ridges that take the shape of loops, arches, and whorls. Rather than scan each ridge, fingerprint-based biometrics look for minutiae, which are the points on a fingerprint where a ridge ends or splits into two. An algorithm extracts the most promising minutia points from an image and then creates a template, usually between 250 and 1,000 bytes in size.

Most fingerprint scanners use an optical reader or silicon-based scanner to acquire the image. Optical systems are the most mature and widely deployed. Optical fingerprint readers are durable, inexpensive, and proven. On the downside, they're larger than silicon devices and susceptible to latent prints, the remnants of previous prints left on the plate. In addition, the coating on the plate can wear away, which may affect the image.

In silicon chip-based scanners, a coated chip measures skin capacitance to discover the ridge pattern in the fingerprint. Silicon devices are smaller than optical devices but can generally produce a higher-quality image. Their size also allows them to be more easily integrated into peripherals, desktops, and even smart cards. However, the oils and salt on fingers may degrade the chip's performance over time.

Besides hardware problems, fingerprints themselves can change. Daily wear on fingertips can affect ridge patterns and minutia points. Dirt, sweat, and scars can also distort a print, leading to scanning errors.

Anyone planning a fingerprint scanner deployment should also be aware of recent experiments by Tsutomu Matsumoto, a Japanese researcher at Yokohama National University. According to a paper published by Matsumoto, he used a fake finger made of gelatin to fool numerous commercially available fingerprint readers, both optical and silicon.

In one experiment, Matsumoto made plastic molds of volunteers' fingers, then filled the molds with gelatin available in grocery stores. The print lifted from the mold was sufficient to fool fingerprint readers up to 80 percent of the time. In a second experiment, Matsumoto captured latent prints left on a glass and made gelatin fingers that also fooled fingerprint scanners.

The uproar that followed the paper was predictable: Some security experts touted Matsumoto's results as a death blow to fingerprint scanners. Vendors of the devices decried the results and insisted on their products' security.

Matsumoto's experiments are interesting, but they aren't cause to abandon fingerprint scanners just yet. To their credit, finger scanning devices are relatively inexpensive (for a biometric system), easily coupled to desktops, and fairly unobtrusive to users. However, his results help underline the fact that no security strategy is 100 percent foolproof, and that layered defenses are necessary for robust protection.

Hand Geometry

Hand scanners use an optical device to measure biometric data such as the length, width, thickness, and surface area of a person's hand and fingers. While accurate, hand scanners don't gather as much biometric data as a fingerprint or eye scan. They aren't suitable for identification (as opposed to verification) because similarities among hands don't allow for a one-to-many database search. Hand injuries may also result in false rejections.

That said, hand scanners are easy for subjects to use, and a hand image is difficult to fake. The template of a hand scan is also much smaller than other biometrics, perhaps 20 bytes or less, allowing for more images to be stored.

Iris and Retina

The iris is the colored ring that surrounds the pupil. A camera using visible and infrared light scans the iris and creates a 512-byte biometric template based on characteristics of the iris tissue, such as rings, furrows, and freckles.

Iris scanning is remarkably accurate, making it suitable for both identification and verification. Peripheral cameras are available for desktop-based network authentication, but iris scanning has traditionally been used for physical access to secure locations.

The retina is a nerve in the back of the eye that senses light. A retina scan creates a template from blood vessels in the retina, the patterns of which are unique to each person. Unlike other biometric characteristics, a person's retinal blood vessel pattern changes very little throughout a person's lifetime (except in cases of severe head trauma or degenerative eye disease), making retina scanning a robust solution. A retina scan is also highly accurate.

Many users find a retina scan to be intrusive. That's because the capture device for a retina scan must be within half an inch of the subject's eye. For an iris scan, the capture device can be as far away as three feet. In addition, glasses may interfere with a proper retina scan, but not an iris scan.

Face Scan

Facial scans capture physical characteristics such as the upper outlines of the eye sockets, the areas around the cheekbones, and the sides of the mouth. Face scanning is appropriate for both identification and verification. For network authentication, PC video cameras are sufficient, but higher quality cameras are necessary for capturing images from greater distances (say in the lobby of a building) and in more variable lighting conditions.

Face recognition systems are becoming popular surveillance methods, in part because they can operate without a subject's knowledge.

Voice and Signature

Voice scanning captures characteristics such as the pitch, tone, and frequency of a subject's voice. Voice biometrics may win a role in network authentication because many PCs include a microphone or can be easily fitted with one. However, background noise or poor-quality microphones can interfere with authentication.

Signature scans capture both the image of the signature and the physical characteristics of the signer, such as the speed and pressure he or she exerts. Signature scanning requires a specialized tablet to capture the biometric data.

At this point, voice and signature biometrics aren't widely deployed, though they may be successful in certain niches, such as point-of-sale transactions. On the positive side, user resistance to these biometrics is low because of their ease of use and familiarity.

Issues And Standards

Administrators must keep several points in mind when considering a biometric solution. Aside from scanner hardware and software, a biometric system has other costs, including the template repository. This repository must be at least as well secured as a password database. Administrators must also consider availability, backup, and general maintenance costs.

Biometric enrollment, when the subject first creates a template, must be handled carefully. A poor enrollment scan can lead to false rejection rates later on. Users also need to be properly trained in the use of the biometric system to prevent unnecessary rejections. Users may also have privacy concerns that will need to be addressed.

Finally, biometric systems traditionally required their own backend systems. Vendors are now introducing products that integrate biometrics into a company's overall backend systems, directories, and Single Sign-On (SSO). These products can also integrate different biometric systems, such as fingerprint scanners and iris scanners, into one system.

Several standards are being developed to help integrate diverse biometric technologies. The BioAPI Consortium's (www.bioapi.org) goal is to promote application integration across numerous biometric systems. Version 1.1 of the consortium's specification for a biometric API is available at the Web site.

The National Institute of Science and Technology (NIST) is promoting the Common Biometric Exchange File Format (CBEFF) standard. Its goal is to develop a common format for exchanging templates among biometric systems. More information is available at www.itl.nist.gov/div895/isis/bc/cbeff/.

Further CBEFF development may take place under the Biometric Interoperability, Performance, and Assurance Working Group, at www.itl.nist.gov/div895/isis/bc/bcwg/. This group promotes interoperability and performance metrics within the biometric community.

Resources

The Biometrics Consortium, at www.biometrics.org, is a government-sponsored site for the research, testing, and evaluation of biometric technology.

The International Biometric Group provides a host of good information on biometric technology and biometrics vendors. A long-term market analysis of biometrics is available on the site for a fee. Go to www.biometricgroup.com.

Network Magazine's article "Biometric Devices: The Next Wave" (October 2001, page 48) provides a great overview of the biometric market and the major vendors in each area of biometrics. Go to www.networkmagazine.com/article/NMG20011003S0009.

This tutorial, number 168, by Andrew Conry-Murray, was originally published in the July 2002 issue of Network Magazine.

Network Tutorial
Lan Tutorial With Glossary of Terms: A Complete Introduction to Local Area Networks (Lan Networking Library)
ISBN: 0879303794
EAN: 2147483647
Year: 2003
Pages: 193