Biometrics involves the identification of an individual based on their physical or behavioral characteristics. This idea is very different from conventional ways of accessing information. Biometrics requires that specific person to be present in order to be granted access.Biometrics is broken down into two sub groups. Although both are used for the same purpose, they involve different technologies. The first group, physiological biometrics includes iris, fingerprint, hand and face scans. Physiological biometrics, work by sending a scan of the required body part through a numeric encryption. This process of encryption is called an algorithm. For example, for a fingerprint scan every part of the print would go through a numeric computer encryption, meaning that the ridges, dots and pressure points of the print would be reviewed. Next it is broken down into a digital template. Then the computer determines if the print is already in the database. If the print is in the system then access will be granted, if not then access is denied. Physiological biometrics proves to be more reliable due to the fact that physical traits do not normally change. The other type of biometrics deals with behavioral traits or patterns. Behavioral biometrics includes voice, signature and key strokes. Although these patterns and traits are stored and used almost the same way as the physiological biometrics, behavioral are updated more frequently. Also, these algorithms must be aware that the user’s voice may be different depending on the weather and illness. Determining which is more useful or appropriate depends on the situation.
Types of biometrics:
Finger Geometry Recognition
Hand Geometry Recognition
Problems and Concerns
Biometrics can have many benefits to us, but many drawbacks at the same time. A place where biometrics can flourish would greatly benefit our society. For example, instead of paying cash at the grocery store, you could simply have the clerk scan your iris or fingerprint to pay right onto your account. Almost like you wouldn't even need to carry a driver's license or credit cards of any kind. There would be no more counting of ballots in elections, instead a digital voting mechanism could be implemented. Results would then be a lot more accurate and precise.
However, there is a downside to all of this biometric talk. One of the main problems facing the growth of biometrics is that the cost of identification devices are currently very high, and that people are very hesitant to trust giving a peice of themselves to a machine. Another issue is that biometrics has always been used in cases with criminals and when we then would start using these identification technologies on every day citizens, it could give innocent civilians guilt or presents them with a lot of uncertainty. Perhaps then the strongest agrument against the implementation of biometrics is that people would have to enter their personal information into machines, and there's a big chance they could enter the wrong information. All of your information could be miss-entered into the system then you would not be able to scan your retina or scan your fingerprint at the grocery story. Employees at stores would become greatly frustrated along with customers. The fact of the matter is that with biometrics, comes a lot of risks.
A world of biometric saturation, as in a world of extreme surveillance, may not allow us to breathe and be ourselves. We may go through the whole day knowing that the only place that we can truly live, is at home. Corporation will undoubtedly fight for the right to use biometrics to same money and increase security, but will the employees stand for it. These questions will be answered soon enough.
A major concern with the implimentation of biometrics is a concern for privacy. There are several aspects of privacy that may be affected. First, there is privacy of an actual person. Obtaining biometric information is not simply data about a person but very unique information of a person. It is information that can only be referenced to only that particular individual. Obtaining this data can often be viewed as intrusive, with participants often unaware data is being captured. Certain types, such as faces, fingerprints, or voices can be easily taken without knowledge.
Another imortant aspect is the storage and use of the information once it is obtained. Biometrics involves personal and valuable data that many individuals do not want compromised in any way. Once the information is out there, people expect to continue to have control over it, keeping it available to only certain people and protecting it from unauthorized use. Individuals want to be aware of privacy protection and trustworthy of the database's security. This information should not be accessible to any third party without consent.
Another concern about the use of biometrics is sanitation. There are worries that scanners will not be cleaned properly and will spread germs, perhaps even disease. In one case noted by Cecelia McCarthy, official for the Organization of Staff Analysts, there were worker complaints after another colleague was asked to remove bandages and place a wounded finger on a hand scanner.
A counter argument that is being made for the sanitation issue is that after you place your finger or hand on a scanner you are opening the door or touching other objects that are just as much of a threat to sanitation.
There are several instances in which information collected may not be reliable or usable. There are various reasons for these errors. Problems could occur in the acquisition of the information. This could involve inadequate instruments used to obtain information, environmental states during which the data is obtained, unavailable features, inconistent measures of a feature, or the person for whom the data obtained is associated with is not correct. These implications can result in inaccurate results.
Certain things can be done to reduce risks of inaccuracy, such as obtaining several samples to store. Most biometric systems include countermeasures. These help to protect against common fraudulent attempts, such as an artificial fingerprint.
All biometric systems have a tolerance range that allows for inaccuracies. This produces both false negatives, in which the correct person is denied, and false positives, in which the wrong person is verified. The tolerance level of a particular system influences the number of false positives and negatives. If a system has low tolerance it will most likely produce more false negatives, whereas a system with a more relaxed tolerance will produce more false positives.
Biometrics provides you with a password that no one can share with you. In the work force today, passwords can sometimes be easily obtained from other employees. However, what's great about biometrics, is that it serves as a password that cannot be obtained from those around you. For example, biometrics uses retna scans, fingerprint scans, and so forth. They are items found only on your own body, and no one elses.
But as we all know - any password can be cracked. To make user authentication more secure, user should be identified not by "what he/she knows" but by "who he/she is"-a unique identifier, which cannot be easily hacked and cannot be passed to another user. Biometrics makes this technology possible.
Biometrics is a field of technology which has been and is being used in the identification of individuals based on some physical attribute. As funding for research has permitted there has been an effort by several tech companies to develop standards for hardware and software that would be used throughout the industry in further development within this area. The purpose of this paper will be to look at the use of biometrics technology to determine how secure it might be in authenticating users, and how the users job function or role would impact the authentication.
As a professional "pro", biometrics can improve many aspects of a business. It is more cost effective in the long run because ID cards or other forms of identification do not have to be created. As well as fast and efficient entrance and exits in work areas. Also, the impact on marketing is extreme. Through biometric useage, marketers will be able to identify the specific and frequent needs of individuals and categorize them into groups. These groups can then be recommended to other products that are similar or are often bought in conjunction with their original products. More needs can be met and prices can be lowered because stores would already know what and how much u buy of certain products.
According to Phil Libin, there is always a catch for every type of biometric: "A small minority of people have fingerprints that are very difficult to enroll. Certain serious deiseases of the eye make eye recognition impossible. Some disable individuals do not have the necessary use of their hands or voice to perform hand geometry or voice pattern matching. These natural limitations mean that biometric systems covering large populations, no matter how accurately tuned must usually be installed with backup authentication methods."
This is to say, until the technological kinks have been worked out and all users can be served most biometrics will be used in tandem with conventional access keys (PINs, passwords, metal keys, and the like) to double-check one's identity.
- In December 2004, The French Civil Aviation Authority ran a six month analysis of fingerprint, iris, and facial-recognition data collected from several airports from October - December 2004. This was done to discern which type of biometric technology was most reliable for each airport and to let them choose which technologies to implement.
- A number of French organizations have campaigned against compulsory biometric ID card which would contain a photograph and fingerprints, as well as data such as civil status.
- Japanese banks have recently implemented ATMs that scan the unique vein patterns in the palm. The scanner is contactless, meaning any sanitation concerns would be eliminated.
- London's Heathrow airport began using iris scanning in March 2006. The technology has since expanded to Birmingham, Manchester, and Gatwick airports.
- Perhaps the most well known use of biometrics in America is in Disney World in the form of fingerprint scans. January 2, 2005 marked the beginning of widespread use of fingerprint scans at Disney World in order to track visitors entering the theme park. The scans have since been updated from the two-finger finger geometry scan to the newer one-finger scan. The implementation of biometrics at theme parks bring up the issues of proportionality: whether or not the type and amount of information collected equals the level of security an organization is looking for.
- On June 14, 2004 President Bush signed H. R. 4417, the Visa Waiver Program (VWP) which requires countries to include biometrics in passports. On July 22, 2004 H.R. 4417 was also signed by the Senate. This requires that all passports be machine readable, have two digital index finger scans and a digital photograph.
Abernathy, William and Lee Tien. "Who's Watching You?" Biometrics. Electronic Frontier Foundation. 2 Apr 2007 <http://www.eff.org/Privacy/Surveillence/biometrics>.
Baker, A. Duffy. "Pentagon Endorses Biometrics To Enhance Computer Security." National Defense- NDIA's Business & Technology Magazine June 2001 2 Feb 2007 <http://www.nationaldefensemagazine.org/issues/2001/Jun/Pentagon_Endorses.htm>.
Chan, Sewell. "New Scanners for Tracking City Workers." The New York Times 23 Jan 2007 6 Feb 2007 <http://www.nytimes.com/2007/01/23/nyregion.html>.
Clarke, Roger. "Biometrics' Inadequacies and Threats, and the Need for Regulation." April 15, 2002. 2 Apr 2007 <http://www.anu.edu.au/people/Roger.Clarke/DV/BiomThreats.html>.
Ereli, Adam. "Extention of Requirement for Biometric Passport Issuance by Visa Waiver Program Countries." U.S. Department of State 10 Aug 2004 20 Feb 2007 <http://www.state.gov/r/pa/prs/ps/2004/35066.htm>.
"Fujitsu Palm Vein Technology." 09 Apr 2007. Fujitsu. 10 Apr 2007 <http://www.fujitsu.com/global/about/rd/200506palm-vein.html>.
Harmel, Karen. "Walt Disney World: The Government's Tomorrowland?." Data Dilemma: Privacy in an Age of Security. 01 Sep 2006. Newsinitiative.org. 4 Apr 2007 <http://newsinitiative.org/story/2006/09/01/walt_disney_world_the_governments>.
Libin, Phil. "A Practical summary of the advantages and drawbacks of today's biometric systems for mainstream consumers." ASSA ABLOY. 2005. 10 Apr 2007 <http://www.assaabloyfuturelab.com/399.epibrw>.
Marzouki, Meryem. "French campaign against biometric ID card." Digital Civil Rights in Europe. 02 June 2005. European Digital Rights. 08 Apr 2007 <http://www.edri.org/edrigram/number3.11/biometrics>.
Simpson, Gemma. "UK airport launches biometric security." ZDNet Australia. 07 Feb 2007. 05 Apr 2007 <http://www.zdnet.com.au/news/security/soa/UK_airport_launches_biometric_security/0,130061744,339273467,00.htm>.
Social and Industrial Aspects. 13 February 2001. Penn State University, 13 February 2001. http://www.cs.indiana.edu/~zmcmahon/biometrics-history.htm
"Theme Parks and Your Privacy." Theme Parks and Surveillance Technology. 12 Oct 2005. Electronic Privacy Information Center. 9 Apr 2007 <http://www.epic.org/privacy/themepark/>.
"Types of Biometrics." Biometrics Institute, Ltd. 5 Apr 2005. Biometric Institute. 4 Apr 2007 <http://www.biometricsinstitute.org/>
Zimmerman, Michael. "Biometrics" 3/24/04. SecurityDocs.com www.securitydocs.com/biometrics