Security Control Systems: Biometrics Essay Example
Security Control Systems: Biometrics
Security concerns are very high today. People and organisations are very much worried of their security amid the rising levels of security threats, such as terrorism. Besides, organisations today require people to authenticate their identity in order to get services, such as mortgage application, or even entering an office/building. Traditionally people were only required to reveal basic identities such as their place and date of birth or produce documents like identity card or passport. By and large, identity is needed so as to steer clear of illegal/harmful actions (Anil & Arun, 2008).
However, in the past few decades, there have been intense developments is technology, geographic boundaries have been washed away as globalisation has linked people from all regions of the globe. The use of computer networks in providing security continues to be widely accepted and developed. One area that has come to be accepted as a key part in cascading the security threats is the use of biometrics. Biometrics have been widely embraced by governments and businesses as a way of countering fake identity among other security breaches. This is because they are based on “what we are” and “how we behave” (Miller et al. 2010).
By definition, biometrics refers to the scientific use of personal physical, chemical or behavioural attributes to establish the identity of an individual. Examples of these attributes include DNA, fingerprints, odour, eyes (retinas), irises, gait, faces, hand geometry, signature, voice, vein and gait. The attributes are captured using sensors and the copy is stored in a database or on a ‘stored template’, such as a smart card, and are later used by biometric systems, automated or semi-automated, to ascertain the identity of a person. The systems mainly uses a matching algorithm to generate a match score of 0 per cent to 100 per cent (Anil & Arun, 2008). The match score shows the similarity level between the two templates being matched: a higher score indicates that the two templates fit to the same person.
Biometrics can be used in various ways. However it commonly involves four processes, including;
Enrolment: initial biometric data collection.
The biometric facets of a user are connected to the identity stated in the credentials document to certify that the reference template is associated to the correct identity.
Verification: confirming that an individual is who they claim to be through a match score.
This is to approve that a person is actually who he or she claims to be.
The actual input is matched with the stowed template to define whether or not there is a match through a “one-to-one” matching.
Identification: defining who a person is from the biometric database
This is considered to be a “one-to-many” matching. A sample template is matched against the stored reference templates of all people registered in the system. The identification may be positive (the individual is enrolled in the system) or negative (the individual is not enrolled in the system).
Screening: determining if an individual belongs to a ‘watch list’ of identities.
This is a “many to many” matching, where the result of this step is a verdict where it reports X individuals out of the N numbers are ascertains.
Biometrics has largely been used by governments in law-enforcement, military and national security with the exception of photo ID passes. But the as the technology has evolved. Also the required financial and computational resources are now much more widely available. As a result, the use of biometric systems has found way into the commercial and consumer-centred applications. The growth has been accompanied with a shift in their disposition by the state, which creates a safe environment that is envisioned for the future (Mansfield & Wayman, 2002).
Biometrics have come to be preferred because they provide the security that other traditional methods, such as PINs and passwords cannot provide. The outstanding benefits of biometrics is that it provides enhanced security, and eases the verification process for a user. Besides, biometrics cannot be lost or forgotten given that they require a person to be present at the time of identification. Biometrics are also difficult to forge, copy or share. On the contrary, biometric systems do not give results that are 100 per cent certain due to verification errors. The systems are also vulnerable and usability issues exist, for example the recent Snowden case. Also, the industrial sector is faced with difficulties in guaranteeing the quality of a biometric system (Fatimath & Andrew 2010). There are issues around the privacy and the modalities to be used (discussed later in the paper).
The Future of Biometrics
Biometrics is considered as a promising solution to security among other traditional methods. According to the UK Parliament Report (2015), the over-all biometrics market is projected to grow from $8.7 billion in 2013 to about $27.5 billion by 2019. The market is expected to grow at a five-year compound growth rate of 19.8 per cent for the period between 2014 and 2019. The projected growth in the biometrics market will mainly be driven by new areas that will enhance the use of biometrics as a security measure.
The technology also promises to produce a person’s identity using a single device that can distinctively validate a person’s identity. Also mobile devices promise to be a great biometric tool that is projected to help in the use of an unsupervised biometric systems, accessed via sensors on mobile devices. The Biometrics Institute indicated in 2014 that mobility provides a key development in biometric systems given that it allows for the adoption of mobile payments. It paves way for the development of biometric applications that can be used for mobile devices that would enable biometric usage in advanced ways (Poh et al. 2010). This also presents a possible paradigm shift whereby biometrics would come to be a daily rather than a special method of establishing identity.
Also, with the emerging business areas in e-commerce as well as e-government processes, criminals have advanced their technology to counter reputable security processes. They are also working hard to hide their evil acts making them tougher to track and contain. Today’s criminal acts are based around the theft of data. For instance, recently eBay was attacked and thousands of credit card information was compromised. Therefore, more developments in biometric technology is anticipated to play a key role in countering such crimes (Miller et al. 2010).
Usual biometric technology, such as fingerprints, have numerous ambiguities. A case in point is where dummy fingers with copied fingerprints can go through a biometric system undetected. An area that is expected to counter this is the use of finger vein recognition technology. Through this technology, an individual will be recognised by the blood vessel arrangement under their skin. Veins are unique to each person. Using this technology, an individual’s fingers will be scanned using an infrared sensor and a charge-coupled device that shows the veins as dark lines and keeps their exclusive pattern in a biometric database (Poh et al. 2010). The technology cannot be duplicated because it requires the vascular pattern of a person who is alive. This is expected to be of major benefit to commercial banks for automated teller machines, credit card authentication, employee attendance tracking and automobile security. For instance, Barclays PLC publicised its intention to start using a biometric reader (that will scan a finger and identify unique vein patterns) to access accounts for its corporate clients, instead of using a password or PIN.
Banks will also be able to enhance their mobile banking services through a new biometrics area of facial recognition technology. Through facial recognition, banks will be able to check mobile banking transactions. At present 2D face recognition is mainly used. However, this is expected to be replaced by 3D face recognition technology that uses sensors to find distinctive features of the face, such as the shape, chin, contours of the eye sockets and nose. 3D face recognition technology promises to better the performance of biometric systems. The technology is also expected to provide a resourceful solution to spot type-1 fakes. This has attracted interest from prominent agencies including the US government and some intelligence agencies are in the process of setting up the world’s biggest database of face-recognition data that will in the end identify each person in the country. Besides, facial recognition can also facilitate covert identification of people. This can be used to identify people remotely without their knowledge. As such, biometric systems will be used to identify a stranger and establish who they are. The ‘stranger’ may be unaware that this type of identification is taking place.
Another promising area in biometrics that is also gaining popularity among governments is the use of voice printing technology. This is expected to be of major use in dealing with kidnappings among other illegal activities. For instance if a kidnapper calls to demand for a ransom, it can be possible to establish the person’s identity through a voice print. Millions of voice prints are produced and stored by means of frequency estimation, neural networks, pattern matching algorithms, hidden Markov models and Gaussian mixture models.
The use of biometrics technology is also anticipated to extend to the use of people’s heartbeats for identification. This is evidenced by a company in Canada which has developed a wearable wrist band that uses heartbeat verification to make payments. The watch can be worn around the wrist and checks for a person’s exclusive electrocardiograph, which makes it very hard to falsify.
In coming times, biometrics will form a component of collecting big data through connecting together different data points. Government sand industry will, therefore, have a rich and contextualised vision that will enable the organisations to provide a sound evidence base to enlighten research and development (Woodard et al. 2010). Also, through the use of cutting-edge algorithmic analytics, biometric data will be seen as a simple collection of data points in a big data world. This provides a signal for potential incorporation of biometric data into a much larger and quickly developing collection of digital big data that would facilitate production of profiles or interactive maps of people and groups.
Challenges Facing the Implementation of Biometric Systems
Despite the various advantages of biometrics, the implementation of the technology is impeded by a number of factors. One key limiting factor is the effect of intra-class variations. Biometrics may show differences between two templates of the same trait, from the same user, captured at different times. This arises from the effect of multiple sources, such as sensors get grimy, body parts age, lighting conditions change. These can introduce differences between the same user’s biometric templates. Even as biometric systems need to stand this degree of erraticism which practically elevates the scene of false accept, and false reject, miscalculations (Poh et al. 2010).
Public attitudes also impede the use of biometrics. People remain largely unreceptive to the technology due to the distrust of biometrics, which is rampant in many countries. Indeed biometrics are perceived as the most contentious and distressing of all means of verification. Owing to the lack of public faith and trust, governments and industry find it hard to develop and implement biometric systems. For instance, in the United States, the biometric industry has been weighed down with platforms that recognised the technology but were withdrawn because of public uproars against the ill use of biometrics (Mansfield & Wayman, 2002).
The public’s reservations are largely connected to the perceived invasions into their ‘physical privacy’ as well as the ‘informational privacy’. Besides, the public concern has been associated with three other reasons including state control and surveillance with jitters about losing control over personal data that can then disappear or be abused, strong cultural associations and worries about whether personal data was collected and kept safely (Fatimath & Andrew 2010).
There is also concern regarding the nature of the data collected and its integral link to the person. Biometric data is seen to be more valued than a PIN or password code due to its utter tie to the physical features of people. According to, a person’s security and identity is a thing that most people value dearly because it is the depiction of self.
The concerns also extend to the data is stored and its safety. This arises from the recent «Snowden incident» that shows how there can be a breaches of security on biometric data. As a result, the public has turned to be more and more cynical as regards people who have access to their biometric data and whether it is stored well. Therefore, instituting public confidence in «the storage and access arrangements around their biometric data» is vital in guaranteeing greater public reception of biometrics. If a person’s biometric data is stolen it becomes a complete security headache for the person because they cannot access the data to validate themselves for the rest of their lives since the data cannot easily be retracted or reproduced (Woodard et al. 2010).
Another key concerns regards the proportionality of biometric data. Guaranteeing a proportionate biometric system that balances the society’s need for the biometric system vis-à-vis a person’s privacy rights is a dire issue and a task that the government and the industry should address. It is important to ensure whether the biometric system is necessary for filling that need as opposed to being the most convenient or cost effective way. Also, the resulting loss of privacy ought to balance any expected benefit. If the benefit is somewhat minor, such as an increase in expediency or a slight cost saving, at that juncture the loss of privacy is not considered proportionate (Miller et al. 2010).
Anil K J and Arun R. (2008). Introduction to Biometrics in Handbook of Biometrics. New York.
Fatimath S. Ali D. and Andrew.P.S. (2010), “A review of Vulnerabilities in Identity Management using Biometrics”, IEEE.
Mansfield, A. J. and Wayman, J.L (2002). Best Practices in Testing and Reporting Performance of Biometric Devices, NPL Report CMSC14/02, August 2002
Miller, P. E., Rawls, A. W., Pundlik, S. J., and Woodard, D. L. (2010). Personal identification using periocular skin texture. Proceedings of the 2010 ACM Symposium on Applied Computing (SAC’10). ACM, New York, NY, USA, 1496-1500.
Poh, N. Kittler, J.V. and Bourlai, T. (2010). Quality-based score normalization with device qualitative information for multimodal biometric fusion. IEEE Transactions on Systems, Man, and Cybernetics, 40:539–554, 2010.
Woodard, D., Pundlik, S., Lyle, J., and Miller, P. (2010). Periocular region appearance cues for biometric identification. CVPR Workshop on Biometrics. San Francisco, CA,162-169.
More Important Things