Biometric device
A Biometric device is a security identification and authentication device. Such devices use automated methods of verifying or recognising the identity of a living person based on a physiological or behavioural characteristic. These characteristics include fingerprints, facial images, Iris prints and voice recognition.[1]
Origins of biometric devices
Biometric devices have been used by man over a long period of time. Non-automated biometric devices have been used since 500 BC [2] as it was seen that Babylonian business transactions were recorded on clay tablets that included fingerprints. Automation in Biometric devices was first seen in the 1960s.[3] The FBI in the 1960s, introduced the Indentimat, which started checking for fingerprints to maintain criminal records. The first systems measured the shape of the hand and the length of the fingers. Although discontinued in the 1980s, this system set a precedent for future Biometric Devices.
Subgroups of biometric devices
The characteristic of the human body are used to access information by the users. According to these characteristics, the sub-divided groups are:
- Chemical biometric devices
Analyses the segments of the DNA to grant access to the users.
- Visual biometric devices
Analyses the visual features of the humans to grant access which includes IRIS recognition, Face recognition, Finger recognition and Retina Recognition.
- Behavioural biometric devices
Analyses the Walking Ability and Signatures (velocity of sign, width of sign, pressure of sign) distinct to every human.
- Olfactory biometric devices
Analyses the odour to distinguish between varied users.
- Auditory biometric devices
Analyses the voice to determine the identity of a speaker for accessing control.
Uses of biometric devices
Workplace
Biometrics are being used to establish better and accessible records of the hours employee's work. With the increase in "Buddy Punching"[4]( a case where employees clocked out coworkers and fraudulently inflated their work hours) employers have looked towards new technology like fingerprint recognition to reduce such fraud. Additionally, employers are also faced with the task of proper collection of data such as entry and exit times. Biometric devices make for largely foul proof and reliable ways of enabling to collect data as employees have to be present to enter biometric details which are unique to them.
Immigration
As the demand for air travel grows and more people travel, modern day airports have to implement technology in such a way that there are no long queues. Biometrics are being implemented in more and more airports as they enable quick recognition of passengers and hence lead to lower volume of people standing in queue's. One such example is of the Dubai International Airport which plans to make immigration counters a relic of the past as they implement IRIS on the move technology (IOM) which will help the seamless departures and arrivals of passengers at the airport within seconds.[5]
Handheld and personal devices
Thumbprint recognition become accessible to millions with the iPhone 5S. The fingerprint sensor, also called Touch ID is used to unlock the phone, authorise payments and buy app store applications. The biometric protection added another layer of security, removing the ability of people to look over the shoulders of others and read.[6] Since then, all major phone manufacturers like Samsung, Sony and Huawei have implemented similar technology to enhance phone security and enhance user experience.
Present day biometric devices
Personal signature verification systems
This is one of the most highly recognised[7] and acceptable biometric in corporate surroundings. This verification has been taken one step further by capturing the signature while taking into account many parameters revolving around this like the pressure applied while signing, the speed of the hand movement and the angle made between the surface and the pen used to make the signature. This system also has the ability to learn from users as signature styles vary for the same user. Hence by taking a sample of data, this system is able to increase its own accuracy.
Iris recognition system
Iris recognition involves the device scanning the retina of the subject and then cross referencing that to data stored on the database. It is one of the most accurate forms of authentication as while fingerprints can be left behind on surfaces, iris prints are extremely hard to be stolen. Iris recognition is widely applied by organisations dealing with the masses, one being the aadhar identification carried out by the Indian government to keep records of its population. The reason for this is that Iris system make use of iris prints of humans which hardly evolve during ones lifetime and are extremely stable.
Problems with present day biometric devices
Biometric spoofing
Biometric spoofing is a method of fooling[8] a biometric identification management system, where a counterfeit mold is presented in front of the biometric scanner. This counterfeit mold emulates the unique biometric attributes of an individual so as to confuse the system between the artifact and the real biological target and gain access to sensitive data/materials.
One such high profile case of Biometric spoofing came to the limelight when it was found that German Defence Minister, Ursula von der Leyen's fingerprint had been successfully replicated [9] by the Chaos Computer Club Group. The group used high quality camera lenses and shot images from 6 feet away. They used a professional finger software and mapped the contours of the Ministers thumbprint. Although progress has been made to stop spoofing. Using the principle of pulse oximetry[10]- the liveliness of the test subject is taken into account by measure of blood oxygenation and the heart rate. This reduces attacks like the one's mentioned above, although these methods arent commercially applicable as costs of implementation are high. This reduces their real world application and hence makes biometrics insecure until these methods are commercially viable.
Accuracy
Accuracy is a major issue with Biometric Devices and a major reason why corporations and people are hesitant to implement them deeper into their working. Passwords are still extremely popular because a password is static in nature while Biometric Data can be subject to change (persons voice becoming heavier due to puberty, accidents to the face could lead to improper reading of facial scan data). When testing voice recognition as a substitute to pin based systems,Barclays reported [11] that their voice recognition system is 95 percent accurate- this statistic means that many of its customers voice might still not be recognised even when correct. This uncertanity revolving around the system could lead to slower adoption of biometric devices and continue reliance on traditional password based methods.
Benefits of biometric devices over traditional methods of authentication
- Biometric data cannot be lent and hacking of Biometric data is complicated [12] hence it makes it safer to use than traditional methods of authentication like passwords which can be lent and shared. Passwords don't have the ability to judge the user but rely only on the data provided by the user, which can easily be stolen while Biometrics work on the uniqueness of each individual.
- Passwords can be forgotten and recovering them can take time, whereas Biometric devices rely on biometric data which tends to be unique to a person, hence there is no risk of forgetting the authentication data. A study conducted among Yahoo users found that at least 1.5 percent [13] of Yahoo users forgot their passwords every month, hence this makes accessing services more lengthy for consumers as the process of recovering passwords is lengthy. These shortcomings make Biometric devices more efficient and reduces effort for the end user.
Future of biometric devices
Researchers are now targeting the drawbacks of present-day biometric devices and developing to reduce problems like biometric spoofing and inaccurate intake of data. Technologies which are being developed are-
- The United States Military academy are developing an algorithm [14] that allows identification through the ways each individual interacts with their own computers; this algorithm considers unique traits like typing speed, rhythm of writing and common spelling mistakes. This data allows the algorithm to create a unique profile for each user by combining their multiple behavioural and stylometric information. This can be very difficult to replicate collectively.
- A group of Japanese Researchers have created a system [15] which uses 400 sensors in a chair to identify the contours and unique pressure points of a person. This derrière authenticator, still undergoing massive improvements and modifications, is claimed to be 98 percent accurate and is seen to have application in anti theft device mechanisms in cars.
References
- ↑ Wayman, James; Jain, Anil.; Maltonie, Davide.; Maio, Dario (2005). An Introduction to Biometric Authentication Systems. Boston, MA: Springer London. pp. 1–20. ISBN 978-1-85233-596-0.
- ↑ Mayhew, Stephen. biometricupdate.com http://www.biometricupdate.com/201501/history-of-biometrics. Retrieved 24 October 2015. Missing or empty
|title=
(help) - ↑ Zhang, David. Automated Biometrics: Technologies and Systems. Springer Science & Business Media. p. 7. ISBN 9781461545194.
- ↑ R, Josphineleela; Ramakrishnan, Dr.M. (March 2012). "An Efficient Automatic Attendance System Using Fingerprint Reconstruction Technique" (PDF). International Journal of Computer Science and Information Security 10 (3): 1. Retrieved 26 October 2015.
- ↑ Basit, Abdul (20 October 2015). "Dubai Airport without immigration counters?". Khaleej Times. Retrieved 28 October 2015.
- ↑ Kingsley-Hughes, Adrian. "iPhone 5s with Touch ID is a big win for BYOD security". ZDnet. Retrieved 28 October 2015.
- ↑ M.M Fahmy, Maged (5 November 2010). "Online handwritten signature verification system based on DWT features extraction and neural network classification" (PDF). Ain Shams Engineering Journal 1 (1): 59–70. doi:10.1016/j.asej.2010.09.007. Retrieved 4 November 2015.
- ↑ Trader, John. "Liveness Detection to Fight Biometric Spoofing". http://blog.m2sys.com/. Retrieved 4 November 2015. External link in
|website=
(help) - ↑ "German minister fingered as hacker 'steals' her thumbprint from a PHOTO". The Register. 29 Dec 2014. Retrieved 21 October 2015.
- ↑ Reddy, P.V; Kumar, A; Rahman, S; Mundra, T.S. "A New Antispoofing Approach for Biometric Devices". EEE TRANSACTIONS ON BIOMEDICAL CIRCUITS AND SYSTEMS 2 (4): 328–337. doi:10.1109/tbcas.2008.2003432. Retrieved 23 October 2015.
- ↑ "Say goodbye to the pin: voice recognition takes over at Barclays Wealth". The Telegraph. Retrieved 22 October 2015.
- ↑ O’Gorman, Lawrence. "Comparing Passwords, Tokens, and Biometrics for User Authentication". Proceedings of the IEEE 91 (12): 2021–2040. doi:10.1109/jproc.2003.819611. Retrieved 30 October 2015.
- ↑ Florencio, Dinei; Herley, Cormac. "A Large-Scale Study of Web Password Habits". WWW 2007 / Track: Security, Privacy, Reliability, and Ethics: 657. doi:10.1145/1242572.1242661.
- ↑ Funk, Wolfgang; Arnold, Michael; Busch, Christoph; Munde, Axel. "Evaluation of Image Compression Algorithms for Fingerprint and Face Recognition Systems". 2005 IEEE Information Assurance Workshop.
- ↑ Malenkovich, Serge. "10 Biometric Security Codes of the Future". kaspersky.com. Retrieved 28 October 2015.