In the age of Biometric Security taking over the traditional security features, this is a small intro to the Biometric features one can use to enhance the security. The various modalities have been explained.
2. Contents
1. Introduction
2. Basic Components and Working of a Biometric System
3. Biometric Modalities
4. Multimodal Biometric Systems
5. Performance Measurements
6. Biometric System Security
7. Application
3. 1. Introduction
A. What is Biometrics?
Bio + Metrics
B. What is a biometric system?
Technology which takes an individual’s physiological,
behavioral, or both traits as inputs, analyzes it, and then
identifies the individual as a genuine or malicious user.
4. C. Shortcomings of the Conventional Security Aids
Includes ID cards, Personal Identification Numbers(PINs),
passwords.
● Aim to recognize some code set by person rather than the person
itself.
● Easily forgotten, lost or stolen.
● Can be easily bypassed.
● Not precise means of security.
System security is thus threatened and in cases which require high level
of reliable protection, biometrics comes up to the rescue by making the
security more oriented to individual.
5. 2. Basic Components of a Biometric System
A. Input Interface (Sensors)
Eg: Optical sensor for fingerprint systems
A. Processing Unit (Microprocessor, DSPs)
Feature Extraction, Comparing sample to the samples in
database
A. Database Store (Enrolled Sample)
For verification, removable storage element like smart card.
A. Output Interface
Communicates decision of biometric system.
7. 3. Biometric Modalities
A biometric modality is the category of a biometric system depending
upon the type of human trait it takes in as the input.
The biometrics is largely statistical. The more the data available from the
samples, the more the system is likely to be unique and reliable.
There are various traits present in humans, which can be used as
biometrics modalities. The biometric modalities fall under three types:
● Physiological
● Behavioral
● Combination of Physiological and Behavioral Modality
8. A. Physiological Modalities
There are some physical traits that remain unaltered throughout a
person’s life. This modality is based on direct measurement of parts of
human body such as iris, fingerprint, shape and position of fingers, etc.
a. Fingerprint Recognition System
b. Facial Recognition System
c. Iris Recognition System
d. Hand Geometry Recognition System
e. Retinal Scanning System
f. DNA Recognition System
10. Pattern based Matching : Compare the basic fingerprints
patterns such as arch, whorl and loops between a stored
template and a candidate fingerprint.
11. Merits : Economical, contemporary, reliable, secure,
easy to use, swift, less memory space.
Demerits : Wax, physical contact with the system
leaves identity behind them, cuts and scars.
Applications : Mobiles, Access control in
organisations, authentications.
12. B. Behavioral Modalities
Pertains to the behavior exhibited by the people or the manner in which
people perform tasks such as walking, signing, and typing on the
keyboard.
Have higher variations as they primarily depend upon the external
factors such as fatigue, mood, etc. This causes higher variation as
compared to physiological biometrics.
● Gait Recognition System
● Signature Recognition System
● Keystroke Recognition System
13. a. Gait Recognition System
● Manner of person’s walking.
● People show different traits while walking such as body posture,
distance between two feet while walking, swaying, etc. which
help to recognize them uniquely.
● Video of the candidate’s walk cycle is recorded and analyzed for
position of joints such as knees and ankles, and the angles made
between them while walking.
● A respective mathematical model is created for every candidate
and stored in the database.
14. At the time of verification, this model is compared with the live
sample of the candidate walk to determine its identity.
15. Merits : Non invasive, no cooperation of the candidate needed, used
for determining medical disorders by spotting changes in walking
pattern.
Demerits : No model yet developed with complete accuracy, not
reliable as other established biometric techniques.
Application : Suited for identifying criminals, medical purposes to
record appreciation or depreciation in health.
16. C. Physiological + Behavioral Modality
Voice recognition biometric modality is an example of such a
modality.
● Physiological Component: Physical health, shape and size
of a person’s vocal cord, and lips, teeth, tongue and mouth
cavity.
● Behavioral Component: Emotional status of the person
while speaking, accents, tone, pitch, pace of talking, etc.
17. Working
● Also known as Speaker Recognition.
● To acquire a speech sample of the candidate, the user
needs to speak a word or phrase into a microphone.
● Electrical signal from the microphone is converted into a
digital signal using the Analog to Digital Converter (ADC).
● It is recorded into the computer memory as a digitised
sample.
● Computer then compares and attempts to match the
input voice of candidate with the stored digitized voice
sample and identifies the candidate.
18.
19. Difference between Voice and Speech
Recognition
Voice Recognition is also called Speaker Recognition.
Voice Recognition and Speech Recognition are two entirely different
technologies.
20. Merits: Easy to implement, easy to use.
Demerits: Susceptible to quality of microphone, factors
affecting the input need to be controlled, otherwise they can
decrease performance.
Applications: Telephone transactions, applying audio
signatures, entertainment industry, online education systems.
21. 4. Multimodal Biometric Systems
Here, the biometric system works on accepting information from two
or more biometric inputs.
This increases the scope and variety of input information the system
takes from the users for authentication.
Availability of multiple traits makes the multimodal system more
reliable.
Increases security and secrecy of user data.
22. Multimodal system has all the conventional modules of a unimodal
system:
● Capturing Module
● Feature Extraction Module
● Comparison Module
● Decision Making Module
In addition, it has a fusion technique to integrate the information
from two different authentication systems. The fusion can be done at
any of the following levels:
● During feature extraction
● During comparison of live samples with stored biometric
templates
● During Decision Making
23.
24. Multimodal systems that integrate the information at the initial
stage are considered to be more effective. Reason is that the early
stage contains more accurate information than the matching scores
of the comparison modules.
25. 5. Performance Measurements
● FRR (Type-I Error) : False Reject Rate states the likelihood of a
legitimate user being rejected by the system.
● FAR (Type-II Error) : False Accept Rate states the likelihood of a
false identity claim being accepted by the system.
● Ideal biometric system must give zero value for both FAR and
FRR.
● The performance of the current biometric techniques is far from
ideal and thus system developers need to pay attention to these
two factors for various system requirements.
26. 6. Biometric System Security
The operations of biometric devices are highly dependent on the
input devices that are subject to operational limitation. This makes
the system unreliable and vulnerable.
The more vulnerable to attacks a system is, the more insecure it
remains.
27. Biometric System Vulnerability
2 major causes :
● System Failures:
a. Intrinsic failures : Failures such as non-working sensors,failure of
feature extraction, matching, or decision making modules, etc.
b. Failures due to attacks : Due to loopholes in the system design,
availability to the attackers of any computations, etc.
● Non-secure Infrastructure : System can be accessible to
malicious users if its hardware, software and user data are not
safeguarded.
28. Risks with Biometric System Security
1. Risk of User Data Being Stolen : If the biometric system is
vulnerable, the hacker can breach the security of it and collect
the user data recorded in the database. Creates more hazards to
the privacy.
2. Risk of User Data Getting Compromised : After acquiring the
biometric sample, the hacker can present a fake sample to the
system. The data remains compromised forever as user has only
a limited number of biometrics which cant be changed like PINs
or passwords.
29. To address the biometric security issues, a number of solutions are
proposed. Biometric templates are never stored in the raw form.
They are encrypted, sometimes even twice.
In the case of biometrics, there are various resources involved such
as humans, entities and biometric data. The security requirements of
confidentiality, integrity, authenticity and availability are essential i
biometrics too.
30. 7. Applications
● Controlling workplace access.
● Applying access controls to sensitive information and systems.
● Identifying criminals by forensics.
● Online E-commerce transactions.
● Identity establishment of people for authentic citizenship and
immigration systems.