Modern rapid advancements in
networking, communication and mobility have increased the need for
reliable ways to verify the identity of any person. Nowadays
identity verification is mainly performed in two ways:
|
|
possession-based:
the whole security is based on a "token" the
user has (such as a credit card or a document). If it
is lost, somebody else might use it to falsify his identity |
|
knowledge-based: using
a password. Even if we use the best encryption algorithm,
the whole security is based on the key. If it is too short,
it is simple to guess it or crack it making several attempts,
but if it is too complicated it can't be remembered and
the common user will keep it written somewhere, so it
can be lost or stolen |
|
|
Those weaknesses of standard validation
systems can be avoided if our own body becomes our key. Particular
characteristics of the body or habits are much more complicated
to forge than a string of text, even if it is very long. Reliability
of biometric systems will be discussed later, but it is evident
that using biometrics adds a complexity to identification systems
that would be hard to reach with a standard password-based approach.
The main advantages of biometrics over a standard system are:
|
|
|
biometric traits cannot
be forgotten or mislaid, and can be lost only through
trauma (whereas passwords can be forgotten and tokens
easily lost or mislaid) |
|
biometric traits are relatively
difficult to copy, share and distribute (passwords can
be announced in crackers' websites) |
|
pace the previous point,
biometric traits require the person being authenticated
to be present at the time and point of authentication
|
|
|
Moreover biometric systems can
be used in conjunction with passwords or tokens, thus improving
the security of existing systems without replacing them. |
|
Common biometric characteristics
|
 |
|
Classification of some biometric
traits: |
Biometric characteristics can be divided in two
main classes, as represented in the figure: |
|
|
physiological are related
to the shape of the body. The oldest traits, that have
been used for more than 100 years, are fingerprints. Other
examples are face recognition, hand geometry and iris
recognition. |
|
behavioral are related to
the behavior of a person. The first characteristic to
be used, still widely used today, is the signature. More
modern approaches are the study of keystroke dynamics
and of voice. |
|
|
Strictly speaking, voice is also
a physiological trait because every person has a different pitch,
but voice recognition is mainly based on the study of the way
a person speaks, which is why it is commonly classified as behavioral.
|
|
There are many other biometric
strategies being developed such as those based on gait (way
of walking), retina, hand veins, ear recognition, facial thermogram,
DNA, odor and palm prints.
|
It is possible to understand if
a human characteristic can be used for biometrics in terms of
the following parameters |
|
|
Universality describes how
commonly a biometric is found in each individual. |
|
Uniqueness is how well the
biometric separates one individual from another. |
|
Permanence measures how
well a biometric resists aging. |
|
Collectability explains
how easy it is to acquire a biometric for measurement.
|
|
Performance indicates the
accuracy, speed, and robustness of the system capturing
the biometric. |
|
Acceptability indicates
the degree of approval of a technology by the public in
everyday life. |
|
Circumvention is how hard
it is to fool the authentication system. |
|
|
The following table shows a comparison
of existing biometric systems in terms of those parameters: |
|
 |
|
 |
|
The basic block diagram of a biometric
system
The diagram on the right shows a simple block diagram of a biometric
system. The main operations a system can perform are enrollment
and test. During enrollment, the biometric information of an
individual is stored; during the test, biometric information
is detected and compared with the stored information. The first
block (sensor) is the interface between the real world and
our system; it has to acquire all the necessary data. Most
of the time it is an image acquisition system, but it can
change according to the characteristics we want to consider.
The second block performs all the necessary pre-processing:
it has to remove artifacts from the sensor, to enhance the
input (e.g. removing some noise), to use some kind of normalization,
etc. In the third block we have to extract the features we
need. This step is really important: we have to choose which
features to extract and how. Moreover we have to do it with
a certain efficiency (it can't take hours!). After that, we
can have a vector of numbers or an image with particular properties:
all those data are used to create a template. A template is
a synthesis of all the characteristics we could extract from
the source, it has to be as short as possible (to improve
efficiency) but we can't discard too many details, thus losing
discrimination ability. The behavior of the system then changes
according to what was requested.
If it is performing enrollment, the template is
simply stored somewhere (it can be on a card or within
a database). If it is performing the matching phase, the obtained
template is passed to a matcher that compares it with other
existing templates, estimating the distance between them using
any algorithm (e.g. Hamming distance). The decision that the
matcher has taken is sent as output, so that it can be used
for any purpose (e.g. it can allow a purchase or the entrance
in a restricted area).
|
|
Functions
A biometric system can provide the following three functions.
|
|
|
Verification: is he
the person he claims to be? Somebody claims to be a person
whose biometric info is already known (e.g. it was
stored on a card or in a database). We want to extract
new biometric info from the person and check whether it
matches what we have. This way we can verify
the identity of a person. In other words, it's a 1:1 match
verification.
|
Identification: who
is he? We extract biometric info from a person and
compare it with our database. It is a much more difficult
task than verification because we have to compare that
info with all people in the database.
|
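The enrollment, matching and decision steps of the block diagram, together with the two functions just listed, can be shown in a few lines. This is an added example, not code from the original page; the 32-bit templates, the 0.25 threshold and the `BiometricStore` class are assumptions made for illustration.

```python
# Added example (not from the original page): bit-string templates
# compared by normalized Hamming distance. All values are constructed.

TEMPLATE_BITS = 32   # assumed template size
THRESHOLD = 0.25     # assumed: largest distance still accepted as a match


def hamming(a: int, b: int) -> float:
    """Fraction of the TEMPLATE_BITS bits in which two templates differ."""
    mask = (1 << TEMPLATE_BITS) - 1
    return bin((a ^ b) & mask).count("1") / TEMPLATE_BITS


class BiometricStore:
    """Hypothetical template database keyed by user id."""

    def __init__(self):
        self.templates = {}

    def enroll(self, user_id: str, template: int) -> None:
        # Enrollment: the extracted template is simply stored.
        self.templates[user_id] = template

    def verify(self, claimed_id: str, sample: int) -> bool:
        # Verification (1:1): compare only with the claimed identity.
        stored = self.templates.get(claimed_id)
        return stored is not None and hamming(stored, sample) <= THRESHOLD

    def identify(self, sample: int):
        # Identification (1:N): compare with every enrolled template and
        # keep the closest one, accepting it only if it is within threshold.
        best_id, best_dist = None, 1.0
        for user_id, stored in self.templates.items():
            dist = hamming(stored, sample)
            if dist < best_dist:
                best_id, best_dist = user_id, dist
        if best_dist > THRESHOLD:
            return None, best_dist
        return best_id, best_dist


# Constructed sample data.
ALICE = 0xA5A5F00F
BOB = 0x3C3C0FF0
NOISY_ALICE = ALICE ^ 0x00010101   # fresh scan of Alice, 3 bits of noise
STRANGER = 0x0F0F0F0F              # nobody enrolled


def demo_store() -> BiometricStore:
    store = BiometricStore()
    store.enroll("alice", ALICE)
    store.enroll("bob", BOB)
    return store


if __name__ == "__main__":
    store = demo_store()
    print(store.verify("alice", NOISY_ALICE))
    print(store.verify("bob", NOISY_ALICE))
    print(store.identify(NOISY_ALICE))
    print(store.identify(STRANGER))
```

Verification costs one comparison, while identification costs one per enrolled user and gives every enrolled template a chance to produce a false match.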
|
Performance measurement |
|
|
false accept rate (FAR)
or false match rate (FMR): the probability that the system
incorrectly declares a successful match between the input
pattern and a non-matching pattern in the database. It
measures the percent of invalid matches. These systems
are critical since they are commonly used to forbid certain
actions by non-allowed people. |
|
false reject rate (FRR)
or false non-match rate (FNMR): the probability that the
system incorrectly declares failure of match between the
input pattern and the matching template in the database.
It measures the percent of valid users who are rejected
as impostors. |
|
receiver (or relative) operating
characteristic (ROC): In general, the matching algorithm
performs a decision using some parameters (e.g. a threshold).
In real-world biometric systems the FAR and FRR can typically
be traded off against each other by changing those parameters.
We obtain the ROC plot by graphing the values of FAR and
FRR, changing the variables implicitly. A common variation
is the Detection error trade-off (DET), which is obtained
using normal deviate scales on both axes. This more linear
graph illuminates the differences for higher performances
(rarer errors). |
|
equal error rate (EER):
the rate at which both accept and reject errors are equal.
The best way to show the performance of a biometric system
is by using a ROC or DET plot because they show clearly
how FAR and FRR can be changed. However, if we want to
quickly compare two systems, the EER is commonly used.
It can be obtained from the ROC plot by taking the point
where FAR and FRR have the same value. The lower the EER,
the more accurate the system is considered to be.
|
failure to enroll rate (FTE
or FER): the percentage of people who fail to enroll in
the system. Failure to enroll happens when the data obtained
by the sensor are considered invalid. |
|
failure to capture rate
(FTC): Within automatic systems, the probability that
the system fails to detect a biometric characteristic
if it is presented to it correctly. |
|
template capacity: the maximum
number of people it is possible to discriminate. If we
use a template of n bits and if we choose the features
so that each individual generates a different template,
then we could ideally discriminate 2^n individuals. Unfortunately,
we can't find such ideal features and we have to consider
noise and a certain range of uncertainty, so the actual
template capacity will be much smaller than 2^n.
|
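How FAR and FRR trade off against each other, and how the EER is read off the resulting curve, can be worked through on a small data set. This is an added example, not part of the original page; the distance values are constructed, and a comparison is assumed to be accepted when its distance is at or below the threshold.

```python
# Added example (not from the original page): FAR, FRR and EER computed
# from matcher distances by sweeping the decision threshold.
# A comparison is accepted when its distance is <= threshold.

# Constructed distances: same-person and different-person comparisons.
GENUINE = [0.05, 0.08, 0.10, 0.12, 0.15, 0.18, 0.20, 0.22, 0.30, 0.35]
IMPOSTOR = [0.25, 0.28, 0.40, 0.42, 0.45, 0.48, 0.50, 0.52, 0.55, 0.60]


def far_frr(genuine, impostor, threshold):
    """Return (FAR, FRR) at one threshold."""
    false_accepts = sum(1 for d in impostor if d <= threshold)
    false_rejects = sum(1 for d in genuine if d > threshold)
    return false_accepts / len(impostor), false_rejects / len(genuine)


def roc_points(genuine, impostor):
    """(threshold, FAR, FRR) for every threshold at which a rate changes."""
    thresholds = sorted(set(genuine) | set(impostor))
    return [(t, *far_frr(genuine, impostor, t)) for t in thresholds]


def equal_error_rate(genuine, impostor):
    """Threshold where FAR and FRR are closest, and the rate there.

    With finite samples the two curves may not cross exactly, so the
    EER is reported as the mean of FAR and FRR at the closest point.
    """
    t, far, frr = min(roc_points(genuine, impostor),
                      key=lambda p: abs(p[1] - p[2]))
    return t, (far + frr) / 2


if __name__ == "__main__":
    for t, far, frr in roc_points(GENUINE, IMPOSTOR):
        print(f"t={t:.2f}  FAR={far:.2f}  FRR={frr:.2f}")
    print("EER:", equal_error_rate(GENUINE, IMPOSTOR))
```

Lowering the threshold below the EER point drives FAR toward zero at the cost of rejecting more valid users, which is the usual choice when the system guards access.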
|
 |
|
One simple but artificial way
to judge a system is by EER, but not all the authors provided
it. Moreover, there are two particular values of FAR and FRR
to show how one parameter can change depending on the other.
For fingerprint there are two different results: the one from
2003 is older but was performed on a huge set of people,
while in 2004 far fewer people were involved but stricter conditions
were applied. For iris, both references belong to the same
year, but one was performed on more people, while the other is
the result of a competition between several universities so,
even if the sample is much smaller, it could better reflect
the state of the art of the field.
|
Issues and concerns |
|
As with many interesting and powerful
developments of technology, there are concerns about biometrics.
The biggest concern is the fact that once a fingerprint or other
biometric source has been compromised it is compromised for
life, because users can never change their fingerprints. A theoretical
example is a debit card with a Personal Identification Number
(PIN) or a biometric. Some argue that if a person's biometric
data is stolen it might allow someone else to access personal
information or financial accounts, in which case the damage
could be irreversible. However, this argument ignores a key
operational factor intrinsic to all biometrics-based security
solutions: biometric solutions are based on matching, at the
point of transaction, the information obtained by the scan of
a "live" biometric sample to a pre-stored, static
"match template" created when the user originally
enrolled in the security system. Most of the commercially available
biometric systems address the issues of ensuring that the static
enrollment sample has not been tampered with (for example, by
using hash codes and encryption), so the problem is effectively
limited to cases where the scanned "live" biometric
data is hacked. Even then, most competently designed solutions
contain anti-hacking routines.
For example, the scanned "live" image is virtually
never the same from scan to scan owing to the inherent plasticity
of biometrics; so, ironically, a "replay" attack
using the stored biometric is easily detected because it is
too perfect a match.
The television program MythBusters attempted to break into
a commercial security door equipped with biometric authentication
as well as a personal laptop so equipped. While the laptop's
system proved more difficult to bypass, the advanced commercial
security door with "live" sensing was fooled with
a printed scan of a fingerprint after it had been licked.
Assuming the tested security door is representative of the
current typical state of biometric authentication, that it
was so easily bypassed suggests biometrics may not yet be
reliable as a strong form of authentication.
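Two safeguards mentioned earlier in this section, protecting the stored enrollment template against tampering and treating a match that is too perfect as a replay, can be combined in one verifier. This is an added example, not code from the original page or from any product: the use of HMAC-SHA256 as the integrity check, the key, the thresholds and the templates are all assumptions, and comparing against earlier accepted scans goes one step beyond the stored-template case the text describes.

```python
# Added example (not from the original page). Key, thresholds and templates
# are constructed; HMAC-SHA256 as the integrity tag is this example's choice.
import hashlib
import hmac

MATCH_MAX_BITS = 16   # assumed: accept if at most this many bits differ
REPLAY_MIN_BITS = 2   # assumed: fewer differing bits than this is suspicious


def bit_distance(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def seal(key: bytes, user_id: str, template: bytes) -> bytes:
    # Tag binding a template to its owner; recomputed before every match.
    msg = user_id.encode() + b"\x00" + template
    return hmac.new(key, msg, hashlib.sha256).digest()


class Verifier:
    def __init__(self, key: bytes):
        self.key = key
        self.records = {}   # user_id -> (template, tag)
        self.accepted = {}  # user_id -> samples accepted earlier

    def enroll(self, user_id: str, template: bytes) -> None:
        self.records[user_id] = (template, seal(self.key, user_id, template))
        self.accepted[user_id] = []

    def check(self, user_id: str, sample: bytes) -> str:
        if user_id not in self.records:
            return "unknown-user"
        template, tag = self.records[user_id]
        if not hmac.compare_digest(tag, seal(self.key, user_id, template)):
            return "template-tampered"
        if len(sample) != len(template):
            return "malformed-sample"
        # A live scan never repeats bit for bit: a sample (almost) identical
        # to the stored template or to an earlier scan is treated as a replay.
        for earlier in [template] + self.accepted[user_id]:
            if bit_distance(earlier, sample) < REPLAY_MIN_BITS:
                return "replay-suspected"
        if bit_distance(template, sample) > MATCH_MAX_BITS:
            return "no-match"
        self.accepted[user_id].append(sample)
        return "accept"


# Constructed 64-bit templates.
ENROLLED = bytes.fromhex("a5a5f00f3c3c0ff0")
LIVE_1 = bytes.fromhex("a4a5f10f3c3c0ff1")    # 3 bits of sensor noise
LIVE_2 = bytes.fromhex("a5a7f00e3d380ff0")    # 4 different noisy bits
IMPOSTOR = bytes.fromhex("0f0f0f0f0f0f0f0f")


def demo() -> list:
    v = Verifier(b"constructed-demo-key")
    v.enroll("alice", ENROLLED)
    results = [v.check("alice", s)
               for s in (LIVE_1, ENROLLED, LIVE_1, LIVE_2, IMPOSTOR)]
    # Simulate tampering with the stored template while keeping the old tag.
    _, tag = v.records["alice"]
    v.records["alice"] = (IMPOSTOR, tag)
    results.append(v.check("alice", IMPOSTOR))
    return results


if __name__ == "__main__":
    print(demo())
```

Neither check helps against a physical copy presented to the sensor, as in the door test above, because such a copy produces a fresh, noisy scan.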
|
|
Use of biometrics in schools |
|
Starting in the early 2000s, the
use of biometrics in schools has become widespread, particularly
in the UK and USA. A number of justifications are given for
such practices, including combating truancy, and replacing
library cards or meal cards by fingerprinting systems. Opponents
of school biometrics have raised privacy concerns against the
creation of databases that would progressively include the entire
population.
|
|
Sociological concerns |
|
As technology advances, and time
goes on, more and more private companies and public utilities
will use biometrics for safe, accurate identification. However,
these advances will raise many concerns throughout society,
where many may not be educated on the methods. Here are some
examples of concerns society has with biometrics:
|
|
|
Physical - Some believe
this technology can cause physical harm to an individual
using the methods, or that instruments used are unsanitary.
For example, there are concerns that retina scanners might
not always be clean. |
|
Personal Information - There
are concerns whether our personal information taken through
biometric methods can be misused, tampered with, or sold,
e.g. by criminals stealing, rearranging or copying the
biometric data. Also, the data obtained using biometrics
can be used in unauthorized ways without the individual's
consent. |
|
|
Danger to owners of secured items
|
|
When thieves cannot get access
to secure properties, there is a chance that the thieves will
stalk and assault the property owner to gain access. If the
item is secured with a biometric device, the damage to the owner
could be irreversible, and potentially cost more than the secured
property. In 2005, Malaysian car thieves cut off the finger
of a Mercedes-Benz S-Class owner when attempting to steal the
car.
|
|
Uses and initiatives
Brazil
|
|
Since the beginning of the 20th
century, Brazilian citizens have used ID cards. The decision
by the Brazilian government to adopt fingerprint-based biometrics
was spearheaded by Dr. Felix Pacheco at Rio de Janeiro, at that
time capital of the Federative Republic. Dr. Pacheco was a friend
of Dr. Juan Vucetich, who invented one of the most complete
tenprint classification systems in existence. The Vucetich system
was adopted not only in Brazil, but also by most of the other
South American countries. The oldest and most traditional ID
Institute in Brazil (Instituto de Identificação
Félix Pacheco) was integrated at DETRAN (Brazilian equivalent
to DMV) into the civil and criminal AFIS system in 1999.
Each state in Brazil is allowed to print its own ID card,
but the layout and data are the same for all of them. The
ID cards printed in Rio de Janeiro are fully digitized using
a 2D bar code with information which can be matched against
its owner off-line. The 2D bar code encodes a color photo,
a signature, two fingerprints, and other citizen data. This
technology was developed in 2000 in order to enhance the safety
of the Brazilian ID cards.
By the end of 2005, the Brazilian government started the
development of its new passport. The new documents started
to be released by the beginning of 2007, at Brasilia-DC. The
new passport included several security features, such as laser
perforation, UV hidden symbols, a security layer over variable
data, etc. Brazilian citizens will have their signature,
photo, and 10 rolled fingerprints collected during passport
requests. All of the data is planned to be stored in ICAO
E-passport standard. This allows for contactless electronic
reading of the passport content and citizen ID verification
since fingerprint templates and token facial images will be
available for automatic recognition.
|
|
United States |
|
The United States government has
become a strong advocate of biometrics with the increase in
security concerns in recent years, since September 11, 2001.
Starting in 2005, US passports with facial (image-based) biometric
data were scheduled to be produced. Privacy activists in many
countries have criticized the technology's use for the potential
harm to civil liberties, privacy, and the risk of identity theft.
Currently, there is some apprehension in the United States (and
the European Union) that the information can be "skimmed"
and identify people's citizenship remotely for criminal intent,
such as kidnapping. There also are technical difficulties currently
delaying biometric integration into passports in the United
States, the United Kingdom, and the rest of the EU. These difficulties
include compatibility of reading devices, information formatting,
and nature of content (e.g. the US currently expects to use only
image data, whereas the EU intends to use fingerprint and image
data in their passport RFID biometric chip(s)).
The speech made by President Bush on May 15, 2006, live from
the Oval Office, was very clear: from now on, anyone wishing
to enter the United States legally in order to work there
will be card-indexed and will have to provide his fingerprints
on entering the country. Many foreigners will have to submit
to these procedures, formerly imposed only on criminals
and spies, not on immigrants and visitors, and even less
on citizens.
"A key part of that system [for verifying documents
and work eligibility of aliens] should be a new identification
card for every legal foreign worker. This card should use
biometric technology, such as digital fingerprints, to make
it tamper-proof." President George W Bush (Addresses
on Immigration Reform, May 15, 2006)
The US Department of Defense (DoD) Common Access Card is
an ID card issued to all US Service personnel and contractors
on US Military sites. This card contains biometric data and
digitized photographs. It also has laser-etched photographs
and holograms to add security and reduce the risk of falsification.
There have been over 10 million of these cards issued.
According to Jim Wayman, director of the National Biometric
Test Center at San Jose State University, Walt Disney World
is the nation's largest single commercial application of biometrics.
However, the US Visit program will very soon surpass Walt
Disney World for biometrics deployment.
|
|
Germany |
|
The biometrics market in Germany
will experience enormous growth until 2009. The market
size will increase from approximately 12 million € (2004)
to 377 million € (2009). The federal government
will be a major contributor to this development. In particular,
the biometric procedures of fingerprint and facial recognition
can profit from the government project. In May 2005 the German
Upper House of Parliament approved the implementation of the
ePass, a passport issued to all German citizens which contains
biometric technology. The ePass has been in circulation since
November 2005, and contains a chip that initially will hold
a digital photo of the holder's face. Starting in March
2007, fingerprints also will be stored on the chips, one
from each hand. A third biometric identifier,
iris scans, could be added at a later stage. An
increase in the prevalence of biometric technology in Germany
is an effort to not only keep citizens safe within German borders
but also to comply with the current US deadline for visa-waiver
countries to introduce biometric passports. In addition to producing
biometric passports for German citizens, the German government
has put in place new requirements for visitors to apply for
visas within the country. Only applicants for long-term
visas, which allow more than three months' residence, will be
affected by the planned biometric registration program. The
new work visas will also include fingerprinting, iris scanning,
and digital photos.
Germany is also one of the first countries to implement biometric
technology at the Olympic Games to protect German athletes.
The Olympic Games is always a diplomatically tense affair
and previous events have been rocked by terrorist attacks
- most notably when Germany last held the Games in Munich
in 1972 and 11 Israeli athletes were killed.
Biometric technology was first used at the Olympic Summer
Games in Athens, Greece in 2004. On registering with
the scheme, accredited visitors will receive an ID card containing
their fingerprint biometrics data that will enable them to
access the 'German House'. Accredited visitors will include
athletes, coaching staff, team management and members of the
media.
|
|
Australia |
|
Visitors intending to visit Australia
may soon have to submit to biometric authentication as part
of the Smartgate system, linking individuals to their visas
and passports. Biometric data are already collected from some
visa applicants by Immigration. Other applications include authentication
of gym users etc.
|
|
Israel |
|
Biometrics have been used extensively
in Israel for several years. The border crossing points from
Israel to the Gaza Strip and West Bank are controlled by gates
through which authorized Palestinians may pass. Thousands of
Palestinians (upwards of 90,000) pass through the turnstiles
every day to work in Israel, and each of them has an ID card
which has been issued by the Israeli Military at the registration
centers. At peak periods more than 15,000 people an hour pass
through the gates. The ID card is a smartcard with stored biometrics
of fingerprints, facial geometry and hand geometry. In addition
there is a photograph printed on the card and a digital version
stored on the smartcard chip.
Tel Aviv Ben Gurion Airport has a frequent flyer's fast check-in
system which is based on the use of a smartcard which holds
information relating to the holder's hand geometry and fingerprints.
For a traveller to pass through the fast path using the smartcard
system takes less than 10 seconds.
The Immigration Police at Tel Aviv Airport use a system of
registration for foreign workers that utilises fingerprint,
photograph and facial geometry which is stored against the
Passport details of the individual. There is a mobile version
of this which allows the police to check on an individual's
credentials at any time.
|
|
Iraq |
|
Biometrics are being used extensively
in Iraq to catalogue as many Iraqis as possible, providing Iraqis
with a verifiable identification card, immune to forgery. During
account creation, the collected biometrics information is logged
into a central database which then allows a user profile to
be created. Even if an Iraqi has lost their ID card, their identification
can be found and verified by using their unique biometric information.
Additional information can also be added to each account record,
such as individual personal history. This can help American
forces determine whether someone has been causing trouble in
the past. One major system in use in Iraq is called BISA. This
system uses a smartcard and a user's biometrics (fingerprint,
iris, and face photos) to ensure they are authorized access
to a base or facility.
|
|
Japan |
|
Several banks in Japan have adopted
palm vein authentication technology on their ATMs. This technology,
which was developed by Fujitsu, among other companies, proved
to have a low false rejection rate (around 0.01%) and a very low
false acceptance rate (less than 0.00008%).