Biometric device explained

A biometric device is a security identification and authentication device. Such devices use automated methods of verifying or recognising the identity of a living person based on a physiological or behavioral characteristic. These characteristics include fingerprints, facial images, iris and voice recognition.[1]

History

Biometric devices have been in use for thousands of years. Non-automated biometric devices have in use since 500 BC,[2] when ancient Babylonians would sign their business transactions by pressing their fingertips into clay tablets.

Automation in biometric devices was first seen in the 1960s.[3] The Federal Bureau of Investigation (FBI) in the 1960s, introduced the Indentimat, which started checking for fingerprints to maintain criminal records. The first systems measured the shape of the hand and the length of the fingers. Although discontinued in the 1980s, the system set a precedent for future Biometric Devices.

Types of biometric devices

There are two categories of biometric devices,

  1. Contact Devices - These types of devices need contact of body part of live persons. They are mainly fingerprint scanners, either single fingerprint, dual fingerprint or slap (4+4+2) fingerprint scanners, and hand geometry scanners.
  2. Contactless Devices - These devices don't need any type of contact. The main examples of these are face, iris, retina and palm vein scanners and voice identification devices.

Subgroups

The characteristic of the human body is used to access information by the users. According to these characteristics, the sub-divided groups are

Uses

Workplace

Biometrics are being used to establish better and accessible records of the hour's employee's work. With the increase in "Buddy Punching"[4] (a case where employees clocked out coworkers and fraudulently inflated their work hours) employers have looked towards new technology like fingerprint recognition to reduce such fraud. Additionally, employers are also faced with the task of proper collection of data such as entry and exit times. Biometric devices make for largely fool proof and reliable ways of enabling to collect data as employees have to be present to enter biometric details which are unique to them.

Immigration

As the demand for air travel grows and more people travel, modern-day airports have to implement technology in such a way that there are no long queues. Biometrics are being implemented in more and more airports as they enable quick recognition of passengers and hence lead to lower volume of people standing in queues. One such example is of the Dubai International Airport which plans to make immigration counters a relic of the past as they implement IRIS on the move technology (IOM) which should help the seamless departures and arrivals of passengers at the airport.[5]

Handheld and personal devices

Fingerprint sensors can be found on mobile devices. The fingerprint sensor is used to unlock the device and authorize actions, like money and file transfers, for example. It can be used to prevent a device from being used by an unauthorized person. It is also used in attendance in number of colleges and universities.

Present day biometric devices

Personal signature verification systems

This is one of the most highly recognised[6] and acceptable biometrics in corporate surroundings. This verification has been taken one step further by capturing the signature while taking into account many parameters revolving around this like the pressure applied while signing, the speed of the hand movement and the angle made between the surface and the pen used to make the signature. This system also has the ability to learn from users as signature styles vary for the same user. Hence by taking a sample of data, this system is able to increase its own accuracy.

Iris recognition system

Iris recognition involves the device scanning the pupil of the subject and then cross referencing that to data stored on the database. It is one of the most secure forms of authentication, as while fingerprints can be left behind on surfaces, iris prints are extremely hard to be stolen. Iris recognition is widely applied by organisations dealing with the masses, one being the Aadhaar identification carried out by the Government of India to keep records of its population. The reason for this is that iris recognition makes use of iris prints of humans, which hardly evolve during one's lifetime and are extremely stable.

Problems with present day biometric devices

Biometric spoofing

Biometric spoofing is a method of fooling[7] a biometric identification management system, where a counterfeit mold is presented in front of the biometric scanner. This counterfeit mold emulates the unique biometric attributes of an individual so as to confuse the system between the artifact and the real biological target and gain access to sensitive data/materials.

One such high-profile case of Biometric spoofing came to the limelight when it was found that German Defence Minister, Ursula von der Leyen's fingerprint had been successfully replicated[8] by Chaos Computer Club. The group used high quality camera lenses and shot images from 6 feet away. They used a professional finger software and mapped the contours of the Ministers thumbprint. Although progress has been made to stop spoofing. Using the principle of pulse oximetry[9] — the liveliness of the test subject is taken into account by measure of blood oxygenation and the heart rate. This reduces attacks like the ones mentioned above, although these methods aren't commercially applicable as costs of implementation are high. This reduces their real world application and hence makes biometrics insecure until these methods are commercially viable.

Accuracy

Accuracy is a major issue with biometric recognition. Passwords are still extremely popular, because a password is static in nature, while biometric data can be subject to change (such as one's voice becoming heavier due to puberty, or an accident to the face, which could lead to improper reading of facial scan data). When testing voice recognition as a substitute to PIN-based systems, Barclays reported[10] that their voice recognition system is 95 percent accurate. This statistic means that many of its customers' voices might still not be recognised even when correct. This uncertainty revolving around the system could lead to slower adoption of biometric devices, continuing the reliance of traditional password-based methods.

Benefits of biometric devices over traditional methods of authentication

Future

Researchers are targeting the drawbacks of present-day biometric devices and developing to reduce problems like biometric spoofing and inaccurate intake of data. Technologies which are being developed are-

Notes and References

  1. Book: Wayman, James . Jain, Anil. . Maltonie, Davide. . Maio, Dario. An Introduction to Biometric Authentication Systems. Springer London. 2005. Boston, MA. 1–20. 978-1-85233-596-0.
  2. Web site: Mayhew. Stephen. History of Biometrics. biometricupdate.com. 24 October 2015. 14 January 2015. https://web.archive.org/web/20151214145147/http://www.biometricupdate.com/201501/history-of-biometrics. 14 December 2015. live.
  3. Book: Zhang. David. Automated Biometrics: Technologies and Systems. Springer Science & Business Media. 9781461545194. 7. 2013-11-11.
  4. Web site: What is Buddy Punching? How to Prevent it [Updated 2021] ]. 2023-08-29 . quickbooks.intuit.com . en.
  5. News: Basit. Abdul. Dubai Airport without immigration counters?. 28 October 2015. Khaleej Times. 20 October 2015.
  6. M.M. Fahmy. Maged. Online handwritten signature verification system based on DWT features extraction and neural network classification. Ain Shams Engineering Journal. 5 November 2010. 1. 1. 59–70. 10.1016/j.asej.2010.09.007. free.
  7. Web site: Trader. John. Liveness Detection to Fight Biometric Spoofing. 4 November 2015. 2014-07-22.
  8. News: German minister fingered as hacker 'steals' her thumbprint from a PHOTO. 21 October 2015. The Register. 29 Dec 2014.
  9. Reddy. P.V. Kumar. A. Rahman. S. Mundra. T.S. A New Antispoofing Approach for Biometric Devices. IEEE Transactions on Biomedical Circuits and Systems. 2. 4. 328–337. 10.1109/tbcas.2008.2003432. 23853135. 2008. 10.1.1.141.6902. 8908501.
  10. News: Say goodbye to the pin: voice recognition takes over at Barclays Wealth. The Telegraph. 22 October 2015. 2013-05-08. Warman. Matt.
  11. O’Gorman. Lawrence. Comparing Passwords, Tokens, and Biometrics for User Authentication. Proceedings of the IEEE. 91. 12. 2021–2040. 10.1109/jproc.2003.819611. 2003. 11397126.
  12. Book: Florencio. Dinei. Herley. Cormac . A large-scale study of web password habits. Proceedings of the 16th international conference on World Wide Web - WWW '07. 657. 10.1145/1242572.1242661 . 2007. 9781595936547. 10.1.1.75.8414. 10648989.
  13. Funk. Wolfgang. Arnold. Michael. Busch. Christoph. Munde. Axel. Evaluation of Image Compression Algorithms for Fingerprint and Face Recognition Systems. 2005 IEEE Information Assurance Workshop.
  14. K. U. Okereafor, C. Onime and O. E. Osuagwu, "Multi-biometric Liveness Detection - A New Perspective," West African Journal of Industrial and Academic Research, vol. 16, no. 1, pp. 26 - 37, 2016 (https://www.ajol.info/index.php/wajiar/article/view/145878)
  15. K. U. Okereafor, C. Onime and O. E. Osuagwu, "Enhancing Biometric Liveness Detection Using Trait Randomization Technique," 2017 UKSim-AMSS 19th International Conference on Modelling & Simulation, University of Cambridge, Conference Proceedings, pp. 28 – 33, 2017 (http://uksim.info/uksim2017/CD/data/2735a028.pdf)
  16. Web site: Malenkovich. Serge. 10 Biometric Security Codes of the Future. kaspersky.com. 24 December 2012 . 28 October 2015.