Biometrics: Authentication and Identification Methods
What is Biometrics?
Biometrics is the observation of characteristics of the human body for the purpose of identification (recognition). It involves the automated recognition of individuals based on their behavioral (function of the body) and biological (structure of the body) characteristics.
Authentication Methods
Authentication can be achieved by:
- Something you know: Password, PIN, or other secret
- Something you own: SmartCard, USB token, or key
- Something you are: Body characteristics
Why Biometric Authentication is Better Than PINs
The entropy of a 4 or 6-digit PIN is very limited (less than 20 bits), whereas the entropy for different biometric characteristics is significantly higher:
- Fingerprints: 84 bits
- Iris: 249 bits
- Face: 56 bits
- Voice: 127 bits
Biometric authentication enables non-repudiation of transactions, as PINs can be delegated in violation of the security policy.
Biometric Characteristics
Biological
- Fingerprint recognition
- Face recognition
- Retina recognition
- Iris recognition
- Hand geometry recognition
- Vein recognition
- DNA recognition
- Ear / Inner ear acoustic recognition
Behavioral
- Keystroke recognition
- Signature recognition
- Voice recognition
- Body movement recognition (Gait or Lips movements)
- Body odor recognition
Biometric Workflow
Enrollment: An analog or digital representation (biometric sample) of a biometric characteristic of the data subject is recorded and stored for reference.
Recognition: The biometric characteristic is recorded again and compared with the stored reference. If the comparison score exceeds a defined threshold, the captured subject is authenticated.
Security: Background processes check whether the presented biometric characteristic is alive (Presentation Attack Detection or PAD).
Verification vs. Identification
Verification refers to a 1:1 comparison of a biometric characteristic with a stored reference to validate a biometric claim.
Identification refers to a 1:n search for the possible matches of a biometric characteristic of an unknown identity among all references.
Subsystems of a General Biometric System
- Data Capture: Presentation of biometric characteristics and sensor for capture.
- Signal Processing: Quality control, feature extraction, and segmentation. Reference creation can start on the retrieved features.
- Data Storage: Provides an enrollment database for the storage of all references.
- Comparison: Takes a biometric claim and compares it to a reference.
- Decision: Based on comparison scores, decides the verification/identification outcome of the biometric system.
Properties of Biometric Characteristics
- Universality: Every individual should have it.
- Uniqueness: The characteristic is distinctive such that any two individuals are sufficiently different.
- Permanence: The characteristic should be invariant over time.
- Performance: Primarily associated with accuracy (low errors) and not with throughput time.
- Collectability: The characteristic is measurable, and the quantitative result is reproducible.
- Acceptability: Convenient measurement at low cost and unobtrusive for data subjects.
- Circumvention: Hard to collect and replicate a fake biometric characteristic (Security).
Origins of a Biometric Characteristic
- Epigenetic: Biometric characteristics are influenced by one’s parents’ genes and can thus be partly inherited.
- Randotypical: Biometric characteristics are created during pregnancy (early fetal life), remain constant for a lifespan, and are to a large extent the result of a random process.
- Conditioned: Biometric characteristics represent the pattern of one’s behavior and thus can be partly trained and changed.
Biometric Vocabulary
Biometric characteristic: Biological and behavioral characteristic of an individual from which distinguishing, repeatable biometric features can be extracted for the purpose of biometric recognition.
Biometric sample: Analog or digital representation of biometric characteristics prior to biometric feature extraction.
Biometric feature: Numbers or labels extracted from biometric samples and used for comparison.
Comparison score: Numerical value (or set of values) resulting from a comparison.
Biometric template: Set of stored biometric features comparable directly to probe biometric features.
Biometric model: Stored function generated from biometric data.
Probe: Biometric sample or biometric feature set input to an algorithm for use as the subject of biometric comparison to a biometric reference(s).
Comparison: Estimation, calculation, or measurement of similarity or dissimilarity between biometric probe(s) and biometric reference(s).