Expectations from Biometrics Technologies

eSSL Security

Increasing requirements for security in many sectors of our society have generated a tremendous interest in biometrics. This has also raised expectations from Biometric Technologies. These expectations can be summarized into five categories:

Performance - The recognition performance achievable from a biometric system is of utmost interest in the deployment of biometric systems. A biometric system is prone to numerous errors; failure to enroll (FTE), false accept rate (FAR), and false reject rate (FRR). The system performance is further characterized in terms of transaction time or throughput. The accuracy of a biometric system is not static, but it is data dependent and influenced by several factors:

• Biometric quality, which is related to the quality of sensed signal/image.
• Composition of target user population (e.g., gender, race, age, and profession).
• Size of database (i.e., number of subjects enrolled in the system).
• Time interval between enrolment and verification data.
• Variations in the operating environment (e.g., temperature, humidity, and illumination).
• Distinctiveness of biometric modality.
• Robustness of employed algorithms (namely, segmentation, feature extraction, and matching algorithms).

A biometrics authentication system can make two types of errors: a false match, in which the matcher declares a match between images from two different fingers, and a false non-match, in which it does not identify images from the same finger as a match. A system’s false match rate (FMR) and false non-match rate (FNMR) depend on the operating threshold; a large threshold score leads to a small FMR at the expense of a high FNMR. For a given biometrics system, it is not possible to reduce both these errors simultaneously.

Cost - The cost of deploying a biometric system is often estimated from its direct and indirect components. The direct component includes hardware components (sensor, processor, memory) and the software modules (GUI and matcher). The sensor should be low cost and it should be easy to embed it in the existing security infrastructure. There are multifaceted components that constitute the indirect cost in the usage of biometric system. These include system installation, training/maintenance requirements, and most importantly, user acceptance. In the end, return on investment or the cost-benefit analysis is critical for making a case for biometric systems in most applications.

Interoperability - As biometrics systems are being increasingly deployed in a wide range of applications, it is necessary that the system be interoperable among different biometrics technologies (sensors/algorithms/vendors). A biometric system can no longer operate under the assumption that the same sensor, same algorithms, or same operating conditions will always be available during its lifetime. The biometric system should be highly interoperable to authenticate individuals using sensors from different vendors and on varying hardware/software platforms. The system should employ usage/development/deployment of common data exchange facilities and the formats to exchange the biometric data/features between different vendors, from different geographical locations. This would significantly reduce the need for additional software development and bring all the associated advantages (cost savings and efficiency).

User Convenience - A biometrics system should be user friendly. Any perceived health or hygienic concerns with the continuous usage of biometric sensors can influence user acceptance. Hygiene as well as security has been one of the motivations for developing touchless fingerprint sensors. Some biometric modalities are easier to acquire than others and require less user cooperation during data acquisition. Human factors and ergonomic issues will continue to play a major role in widespread deployment of biometric systems in non-government applications (such as physical and logical access control).

Security - Biometric systems are vulnerable to potential security breaches from spoof and malicious attacks. These systems should therefore offer a high degree of protection to various vulnerabilities resulting from intrinsic failures and adversary attacks. One of the major system security concerns deals with biometric template security. The access protocols and the storage of biometric and other user specific data should be provided the highest level of security.

Based on the above considerations, the second generation biometric systems should be easy to use, have low cost, be easy to embed and integrate in the target security application and be robust, secure, and highly accurate in their matching performance.