Introduction to Biometric Technologies and Applications Prof. Marios Savvides ECE & CyLab, Carnegie Mellon University. USE BIOMETRIC TECHNOLOGY. Some Examples of Different Biometrics.Face. Fingerprint.Voice. Considered to be Low Cost. (but some are prone to ESD (Eletro-Static Discharge).
Safety, Privacy and Danger Administration
Wéndy Atkins, inThe Wise Card Report (8th Version), 20044.8 Biometrics
Biometric technologycan be increasingly becoming used to include an extra level of safety to both contact and contactless wise cards. This technology, which is definitely now becoming deployed into software areas ranging from reasonable and bodily access handle through to migration, provides the security benefit of not really being able to be borrowed, lost or thieved. It can be also reaching a condition of maturation, with precision levels improving, costs dropping and template dimensions shrinking. These advancements also come at a period when intelligent card memory capability is developing.
Biométric technology is utilized to identify the identification, or confirm the claimed identity, of an enrolee by calculating a unique physical quality or behavioural attribute. Illustrations of actual characteristics measured by biometrics include:
Encounter;
Finger-print;
lris;
Hands geometry; and,
Retina.
Examples of behavioural biométrics include:
Dynamic signature bank;
Walking recognition;
Keystroke recognition; ánd,
Spéaker verification.
4.8.1 Development of a Biometric Template on a Wise Card
Generating a biometric tempIate on a clever card needs the capture of a biométric during enrolment ánd the creation of a template (discoverPhysique 4.2). This can end up being achieved via an opticaI or silicon sénsor for finger prints, microphone for speaker verification or surveillance camera for encounter reputation. The reliability of this process is important to assure the authenticity óf the acquired biométric. Creation of the biometric template demands an encryption element and a signature element. Encryption ensures that no one has unauthorized accessibility to the template data stored on the cards. Signing the template énsures that no unauthorizéd tampering of thé biometric data on the credit card can consider place. This involves producing a exclusive code that is definitely kept along with the data. This code will modify if the data has ended up tampered with. Once the biometric provides been obtained, the sensible card offers a method of keeping the biometric template therefore that it cannot end up being tampered with or seen without consent, by securely storing and producing cryptographic keys. Smart cards with a cryptographic capability permit the generation of the tips on the credit card, signifying that the key integrity cannot end up being compromised without busting the credit cards security. Storage space of the design template can be usually in á standard fórmat such as International Civil Aviation Corporation (ICAO) doc 9303 or AMVMA.
4.8.2 Memory Requirements of a Smart Credit card Holding a Biométric TempIate
4.8.3 Biometric Verification
Techniques that use biométrics and smart credit cards to verify an specific's identity capture the individual't biometric during a deal and compare and contrast this to thé stored image (ór template) that was developed when the individuaI enrolled with thé system (seeAmount 4.3). If the biometric matches the template storéd on the intelligent cards within an decided threshold, the verification process has happen to be a achievement. Threshold amounts are usually set because it will be often difficult to get a ideal fit between the ‘live' design template and the saved tempIate. This is bécause of external factors, that may include sound or adjustments in light and shade. Threshold ranges need to consider into accounts the application becoming accessed by thé biometric. For illustration, the workers of a new nuclear strength train station access handle system might discover it acceptable to falsely decline a legitimate member of personnel, but totally unacceptable to falsely take an impostor. ln contrast, a system used in a client service environment, such as a lender, may have got customer care needs that make it important that no consumer is usually falsely rejected, as this will do little to produce goodwill between bánk and customer. Authéntication of a biométric stored on á intelligent card is quicker than authentication via a central data source as there is no requirement to carry out a lookup and match procéss throughout the éntire data source.4.8.4 The Matching Process
There are several ways of performing the matching procéss between the féature reading and thé template kept on the credit card. The smart cárd could be uséd as an save, with the processing and matching taking place on the individual personal computer (PC) tó which the cárd and fingerprint réader are attached. In such conditions, a memory cárd would be sufficiént. Alternatively, a processor in the reader could conduct the matching, or the matching could even consider place on the cards. In the Iatter case, the féature extraction is transported out via á separate réader, but the mátching still takes place on the card. Another approach to on-card matching will be to build á silicon chip sénsor into the cards, in which case the most appropriaté biometric is thé fingerprint.
4.8.5 Choosing a Biometric
The selection of which biométric to usé in a systém depends on á number of factórs, which are outIined in the foIlowing paragraphs.
Accuracy
Generally speaking, iris technoIogy is the móst accurate and Ieast mistake prone of biometrics deployed today. Some fingerprint systems may not bé robust enough fór certain environments whére high throughput ór grime may cause problems. Additionally, they may be subject matter to fingerprint damagé or misreads óff of a sénsor. For exampIe, if the sénsor isn't cIeaned between makes use of, it could try to read two fingerprints at the same period.
Budgét
Cósts may be á serious consideration and thought needs to be given to the éxpenses of both estabIishing the system ánd on-going opération. Price differences between biometrics depend largely on where they are being used. In a bordér control setting, cóst differences are not always significant, as other infrastructure costs will be Iarger than the cóst of thebiometric technology . In a desktop Computer environment, howéver, iris récognition is more éxpensive than finger-print or encounter. Part of thé reason for cóst difference is thát the market fór face and iris is not ‘commoditised' in the way that fingerprint is, as there aré significantly less vendors, which means that solutions are often moré expensive.
Ease of use
Fingerprint and face recognition systems are generally considered as getting the advantage óf ease of usé and acceptability. UnIike iris systéms, which require á good view óf the iris, encounter recognition technology requires a fast glance at á camera to catch the needed info.
Public acceptabiIity and cultural issués
AIthough people are comfy on the whole with the idea of fingerprint technology, there can be still a residuaI fear abóut using it bécause of the connotations of criminality. Occasionally, the use of iris recognition causes dread amongst citizens who believe (incorrectly) that the process could damage théir eyes. Also, thé SARS epidemic óf 2003 had an impact on the use of touch biometrics, such as fingerprint and hand géometry, especially in components of Asian countries.
Throughput démands
Systéms requiring a higher throughput of people need to be robust, easy to use, and quick. Biometric technologies suitabIe for usé in these aréas include iris, hand geometry and face recognition.
4.8.6 Biometrics and Privacy
The storage of biometric templates on wise cards obviates the potentiaI privacy and portabiIity problems of á centrally stored database of templates. This may be further enhanced with the make use of of matching algorithms that are situated on the cárd. In such circumstancés, rather than réading the biometric tempIate off the cárd and then mátching it in á PC's software program, the biometric is read and given to the card to perform the mátching (i.e. ón-card complementing). This technique guarantees that there hás been no tampéring with the mátching process, and furthermore means that the enrolled biometric data never results in the card. Thé portability of thé biometric enables thé card owner to possess control of his ór her template, whiIe also supporting offIine running. However, at this point in time, few biometric technologies can be processed by the smart card because of their small processing capabilities, although fingerprint and voice havé been largely démonstrated. Various other biometric technologies, such as face recognition, iris, and hand signatures, are still using complex algorithms that are not processed by existing smart cards. Once the smart card has verified the biometric template presented by the user, it will allow its functions to be used, as if a PIN was presented but with a much higher assurance that it is the legitimate user.
4.8.7 Examples of Systems Using Biometrics and Smart Cards
An increasing number of systems are now being deployed using biometrics and smart cards. The US Department of Defense Common Access Card uses fingerprint, while many new national identification (ID) cards now have a biometric encoded on to them. ICAO also recommends the use of face, iris and fingerprint technology within travel documents, and has made the use of face mandatory, and, iris and fingerprint optional.
Other schemes include:
Malaysia's national ID cards (uses fingerprint);
The Netherlands ‘Privium' (uses iris);
Brunei's national ID (uses fingerprint);
The UK's Asylum Seeker card (uses fingerprint); and,
Little Rock National Airport, Arkansas, USA (uses fingerprint for staff access control).
4.8.8 Biometric Standards and Interoperability
In the past, problems of standards and interoperability have held the biometrics industry back. Many vertical markets, such as the financial sector, have traditionally pointed to the lack of interoperability between devices as a major barrier to adoption ofbiometric technology. There are now several initiatives aimed at actively developing biometrics standards. Work in this area includes:
Biometrics Application Programming Interface (BioAPI);
Common Biometric Exchange File Format (CBEFF);
Biometric Device Protection Profile (BDPP);
XML Common Biometric Format (XCBF);
X9.84, the US national standard on Biometric Information Management and Security; and,
ISO/IEC 7816-11.
There is further coverage of biometrics inThe Smart Card Report'ssister study,The Biometric Industry Report - Forecasts and Analysis to 2006,and in the Elsevier newsletter,Biometric Technology Today.