Ask the Expert

This month’s expert looks at biometrics and its real-world implementations

  • By Skip Sampson
  • May 01, 2007

THE word biometrics comes from ancient Greek words bios, meaning life, and metron, meaning measure. And life measure would be an apt description for the variety of technologies used to accurately identify people through voice, fingerprint or some other unique body characteristic.

To date, identities have been confirmed by two factors: what we have and what we know. What we have is comprised of cards or documents such as driver licenses, ID cards, passports or birth certificates. What we know typically consists of passwords or PINs. But as documents get counterfeited, passports are stolen and passwords are shared or forgotten, we can no longer validate an individual’s identity with any accuracy. And as a result, security—buildings, finances, computer systems, even borders—is compromised.

To solve this challenge, identities are becoming more frequently confirmed by a third component: what we are. Biometric technology helps measure what we are.

Recent advances in microprocessors have helped increase accuracy and reduce the cost of biometric systems, bringing the systems within the reach of government facilities, banks, hospitals, colleges and universities—virtually anyplace that requires a higher level of security.

In a typical biometric system, a person’s biometric measurement (a fingerprint, face or iris patterns) is scanned, this information is processed by a numerical algorithm and then stored in a database. Later, when that person attempts to enter a door or access a computer, he or she presents the selected biometric to a reader. The reader processes the information into a digital template. If the template matches the information in the database, access is granted.

One advantage of a biometric system is that it can free the user from having to remember PINs, usernames and passwords—all of which can be stolen or given others.

ISSUE: Biometrics seems to be a viable options of authentication. Which industry is most receptive to the technology?

SOLUTION: Private industry is catching on to biometrics, but the biggest user is—and for the foreseeable future will be—the federal government. HSPD-12 called for all 5 million federal employees and an additional 2 million contractors to carry identification cards, including embedded fingerprints, for access to federal buildings and IT networks. The deadline for program implementation was last fall. Due to the scope of the project, total implementation likely remains months away.

A common, interoperable system used to verify identity of individuals, both within and across agencies, is a significant step in enhancing security and reducing identity fraud.

The federal government also is looking at biometrics to help identify port workers and passport owners. Ultimately, methods and standards being set by federal agencies will come to be used by state and local governments and private industry.

Standards are critical to the successful implementation of biometric systems. To that end, a number of organizations, both public and private, are working to ensure that components from one biometric vendor will work with those from another provider. Industry standards also will make it easier for end users to compare factors, such as price and performance, when reviewing systems or components from rival vendors.

ISSUE: What are some biometric measurement techniques?

SOLUTION: Currently, a number of techniques are available for biometric measurement, including the analysis of the iris, retina, fingerprints, face, voice, hand geometry and vein patterns.

Fingerprints are by far the most commonly used biometric technique. But a test several years ago by a national standards laboratory in the United Kingdom found the most accurate measurement to be iris scanning. The iris scan system never accepted a false identity. The false rejection rate was lower than two percent on the first attempt and fell to less than 0.2 percent when the subject tried as many as three times to gain access.

And for those who argue that biometrics pose an invasion of privacy, a fingerprint or iris scan reveals far less about a person than other regularly collected identification data, such as phone numbers, addresses and credit card and Social Security numbers.

Biometric technology is no longer the technology of spy movies. It has arrived and will soon be used in one form or another as a safe, accurate means of identification.

READER QUESTION: I work with a small, but growing company. Our employees wear badges and we have access readers on all entrances. During an average day, we have 10 or more vendors moving about our offices. Currently, we have them sign in and fill out an adhesive name label, but we would like to have a better and more accurate record of who comes and goes. Do you have any suggestions?

SOLUTION: Paper guest books have been around for a very long time. They are easy to use and very inexpensive. Unfortunately, most companies find the data collected is usually incomplete, often difficult to read and impossible to analyze. And perhaps more importantly, confidential information about who has recently visited your facility is out in the open and readily available to anyone who wants to flip through the book’s pages.

We have seen a recent trend at many organizations of all shapes and sizes to replace outdated paper logs and adhesive name labels with electronic visitor management systems.

These systems can improve security and help enforce a company’s visitor policies and procedures. Visit times can be limited, and visitors can be associated with the company’s host employee. Log books are eliminated and visitor privacy is maintained.

A scanner is used to provide positive identification for visitors, capturing information from a business card, driver’s license, passport or other official credential. An inexpensive USB camera can photograph and capture the visitor’s picture. Printed, professional-looking badges with pertinent visitor information, including visit expiration time and date, and clearance levels are printed.

The visitor management system software provides an audit trail and a utility can generate a variety of reports from the captured information. Watch lists can be generated to prevent visits from undesirable individuals.

Systems are available from manufacturers such as EasyLobby or Honeywell’s LobbyWorks. The systems use standard, off-the-shelf PCs and printers while all peripherals are USB.

Featured

  • Ransomware Attacks Rise for the First Time in Six Months

    Ransomware attacks have risen for the first time in six months, increasing by 28% month-on-month to 421 attacks. While overall attack volume remained below 500, the uptick may signal a renewed escalation heading into the year’s most active period for cyber criminals. Read Now

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services

  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

  • Eagle Eye Networks Launches AI Camera Gun Detection

    Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now

  • Report: AI is Supercharging Old-School Cybercriminal Tactics

    AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now

Most   Popular

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.