Biometrics

Access Control
An Overview of
Biometrics
Contents Biometric Systems
1. Introduction
2. Biometric identifiers
3. Classification of biometrics methods
4. Biometric system architecture
5. Performance evaluation
2
SECURITY INNOVATION 2003
Contents Biometric Systems
6. Signature recognition
7. Voice recognition
8. Retinal scan
9. Iris scan
10. Face-scan and facial thermograph
11. Hand geometry
3
Personal Identification
Association of an individual with an identity:
Verification (or authentication): confirms or denies a

claimed identity.
Identification (or recognition): establishes the identity
of a subject (usually from a set of enrolled persons).
4
Personal Identification Objects
Token-based:
something that you have
Knowledge-based:
something that you know
Biometrics-based:
something that you are
5
Biometrics
Bio + metrics:
The statistical measurement of biological data.
Biometric Consortium definition:
Automatically recognizing a person using
distinguishing traits.
6
Application Domains (I)
Access control
to devices
cellular phones
logging into a computer, laptop, or PDA
cars
guns
to local services
money from a ATM machine
logging in to computer
accessing data on smartcard
to remote services
e-commerce
e-business
7
Application Domains (II)
Physical access control

to high security areas
to public buildings or areas
Time & attendance control
Identification
forensic person investigation
social services applications, e.g. immigration or
prevention of welfare fraud
personal documents, e.g. electronic drivers license
or ID card
8
Biometric Identifiers
Ideal Properties Considerations

Universality Performance
Uniqueness Acceptability
Stability Forge resistance
Quantitative
9
Biometric Technologies
Covered in ISO/IEC 27N2949:

recognition of signatures,
fingerprint analysis,
speaker recognition,
retinal scan,
iris scan,
face recognition,
hand geometry.
10
Other Biometric Methods
Found in the literature:

vein recognition (hand),
keystroke dynamics,
palm print,
gait recognition,
ear shape.
11
Classification of Biometric
Methods
Static: Dynamic:
fingerprint signature recognition
retinal scan speaker recognition
iris scan
hand geometry
12
Biometric System Architecture
Basic modules of a biometric system:

Data acquisition
Feature extraction
Matching
Decision
Storage
13
Biometric System Model
Raw data Extracted template

Data features
collection Signal matching storage
processing
score
Application decision
Authentication decision
14
Data Acquisition Module
Reads the biometric info from the user.

Examples: video camera, fingerprint
scanner/sensor, microphone, etc.
All sensors in a given system must be similar
to ensure recognition at any location.
Environmental conditions may affect their
performance.
15
Feature Extraction Module
Discriminating features extracted from the

raw biometric data.
Raw data transformed into small set of bytes
storage and matching.
Various ways of extracting the features.
Pre-processing of raw data usually necessary.
16
Matching Module
The core of the biometric system.

Measures the similarity of the claimants
sample with a reference template.
Typical methods: distance metrics,
probabilistic measures, neural networks, etc.
The result: a number known as match score.
17
Decision Module
Interprets the match score from the matching

module.
Typically a binary decision: yes or no.
May require more than one submitted
samples to reach a decision: 1 out of 3.
May reject a legitimate claimant or accept an
impostor.
18
Storage Module
Maintains the templates for enrolled users.

One or more templates for each user.
The templates may be stored in:
a special component in the biometric device,
conventional computer database,
portable memories such as smartcards.
19
Enrolment
Capturing, processing and storing of the

biometric template.
Crucial for the system performance.
Requirements for enrolment:
secure enrolment procedure,
check of template quality and matchability,
binding of the biometric template to the person
being enrolled.
20
Possible Decision Outcomes
A genuine individual is accepted.

A genuine individual is rejected (error).
An impostor is rejected.
An impostor is accepted (error).
21
Errors
Balance needed between 2 types of error:

Type I: system fails to recognize valid user (false
non-match or false rejection).
Type II: system accepts impostor (false match or
false acceptance).
Application dependent trade-off between two
error types.
22
Tolerance Threshold
Error tolerance threshold is crucial and
application dependent.
Tolerance too large gives Type II error (admit
impostors).
Tolerance too small gives Type I errors (reject
legitimate users).
Equal error rate for comparison: false non-
match equal to false match.
23
Biometric Technologies
Signature recognition
Voice recognition
Retinal scan
Iris scan
Face biometrics
Hand geometry
24
Signature Recognition
Signatures in wide use for many years.

Signature generating process a trained reflex -
imitation difficult especially in real time.
Automatic signature recognition measures the
dynamics of the signing process.
25
Dynamic Signature Recognition
Variety of characteristics can be used:

angle of the pen,
pressure of the pen,
total signing time,
velocity and acceleration,
geometry.
26
Dynamic Signature Verification
(I)
Electronic pen [LCI-SmartPen]
27
Dynamic Signature Verification
(II)
Digitising tablet by Digitising tablet [Hesy Signature Pad

Wacom Technologies by BS Biometric Systems GmbH]
28
Signature Recognition:
Advantages / Disadvantages
Advantages:
Resistance to forgery
Widely accepted
Non-intrusive
No record of the signature
Disadvantages:
Signature inconsistencies
Difficult to use
Large templates (1K to 3K)
29
Fingerprint Recognition
Ridge patterns on fingers uniquely identify
people.
Classification scheme devised in 1890s.
Major features: arch, loop, whorl.
Each fingerprint has at least one of the major
features and many small features.
30
Features of Fingerprints
31
Fingerprint Recognition (cont.)
In a machine system, reader must minimize

image rotation.
Look for minutiae and compare.
Minor injuries a problem.
Automatic systems can not be defrauded by
detached real fingers.
32
Fingerprint Authentication
Basic steps for fingerprint authentication:
Image acquisition,
Noise reduction,
Image enhancement,
Feature extraction,
Matching.
33
Fingerprint Processing
a b
a) Original
b) Orientation
c d
c) Binarised
d) Thinned
e f e) Minutiae
f) Minutia graph
34
Fingerprint Recognition
Sensors
optical sensors
ultrasound sensors
chip-based sensors
thermal sensors
Integrated products
for identification AFIS systems
for verification
35
Fingerprint Recognition:
Sensors (I)
Electro-optical sensor
[DELSY CMOS sensor modul]
Optical fingerprint sensor
[Fingerprint Identification Unit
FIU-001/500 by Sony]
Capacitive sensor
[FingerTIP by Infineon]
36
Sensors (II)
Thermal sensor
[FingerChip by ATMEL
(was: Thomson CSF)]
E-Field Sensor
[FingerLoc by Authentec]
37
Integrated Systems (I)
[BioMouse Plus by American Biometric Company]
Physical Access Control System

[BioGate Tower by Bergdata]
[ID Mouse by Siemens]
38
Integrated Systems (II)
Keyboard [G 81-12000
by Cherry]
[TravelMate 740 by Compaq und Acer]

System including
fingerprint sensor,
smartcard reader and
display by DELSY
39
Advantages:
Mature technology
Easy to use/non-intrusive
High accuracy
Long-term stability
Ability to enrol multiple fingers
Disadvantages:
Inability to enrol some users
Affected by skin condition
Association with forensic applications
40
Speech Recognition
Linguistic and speaker dependent acoustic

patterns.
Speakers patterns reflect:
anatomy (size and shape of mouth and throat),
behavioral (voice pitch, speaking style).
Heavy signal processing involved (spectral
analysis, periodicity, etc)
41
Speaker Recognition Systems
Text-dependent: predetermined set of phrases

for enrolment and identification.
Text-prompted: fixed set of words, but user
prompted to avoid recorded attacks.
Text-independent: free speech, more difficult
to accomplish.
42
Speaker Recognition:
Advantages/ Disadvantages
Advantages:
Use of existing telephony infrastructure
Easy to use/non-intrusive/hands free
No negative association
Disadvantages:
Pre-recorded attack
Variability of the voice
Affected by noise
Large template (5K to 10K)
43
Eye Biometric
Retina:
back inside of the eye ball.
pattern of blood vessels used for identification
Iris:
colored portion of the eye surrounding the pupil.
complex iris pattern used for identification.
44
Retinal Pattern
Accurate biometric measure.

Genetically independent: identical twins have
different retinal pattern.
Highly protected, internal organ of the eye.
May change during the life of a person.
45
Retinal Recognition
Retinal recognition system [Icam 2001 by Eyedentify]
46
Retinal Scan:
Advantages:
High accuracy
Long-term stability
Fast verification
Disadvantages:
Difficult to use
Intrusive
Limited applications
47
Iris Properties
Iris pattern possesses a high degree of randomness:

extremely accurate biometric.
Genetically independent: identical twins have
different iris pattern.
Stable throughout life.
Highly protected, internal organ of the eye.
Patterns can be acquired from a distance (1m).
Patterns can be encoded into 256 bytes.
48
Iris Recognition
Iris code developed by John Daugman at Cambridge.

Extremely low error rates.
Fast processing.
Monitoring of pupils oscillation to prevent fraud.
Monitoring of reflections from the moist cornea of
the living eye.
49
The Iris Code
50
Iris Recognition
System for passive iris recognition by Sensar
System for active iris recognition by

IrisScan
51
Iris Recognition:
Advantages:
High accuracy
Long term stability
Nearly non-intrusive
Fast processing
Disadvantages:
Not exactly easy to use
High false non-match rates
High cost
52
Face-scan and Facial
Thermographs
Static controlled or dynamic uncontrolled

shots.
Visible spectrum or infrared (thermographs).
Non-invasive, hands-free, and widely
accepted.
Questionable discriminatory capability.
53
Face Recognition
Visible spectrum: inexpensive.
Most popular approaches:
eigen faces,
Local feature analysis.
Affected by pose, expression, hairstyle, make-
up, lighting, eyeglasses.
Not a reliable biometric measure.
54
Face Recognition
Face recognition system

[TrueFace Engine by Miros]

[One-to-One by Biometric Access Corporation]
55
Face Recognition:
Advantages:
Non-intrusive
Low cost
Ability to operate covertly
Disadvantages:
Affected by appearance/environment
High false non-match rates
Identical twins attack
Potential for privacy abuse
56
Facial Thermograph
Captures the heat emission patterns derived

from the blood vessels under the skin.
Infrared camera: unaffected by external
changes (even plastic surgery!) or lighting.
Unique but accuracy questionable.
Affected by emotional and health state.
57
Facial Thermograph:
Advantages:
Non-intrusive
Stable
Not affected by external changes
Identical twins resistant
Ability to operate covertly
Disadvantages:
High cost (infrared camera)
New technology
Potential for privacy abuse
58
Hand Geometry
Features: dimensions and shape of the hand,

fingers, and knuckles as well as their relative
locations.
Two images taken: one from the top and one
from the side.
59
Hand Geometry Reading
Hand geometry reader by Recognition Systems
Hand geometry reader for

two finger recognition by BioMet Partners
60
Hand Geometry:
Advantages:
Not affected by environment
Mature technology
Non-intrusive
Relatively stable
Disadvantages:
Low accuracy
High cost
Relatively large readers
Difficult to use for some users (arthritis, missing
fingers or large hands)
61
Multimodal Biometric Systems
Combination of biometric technologies

Fingerprint and face recognition
Face recognition and lip movement
Fingerprint recognition and dynamic signature
verification
Increase the level of security achieved by the
system
Enlarge the user base
62
How good are biometric
products?
How can we find out, how good a biometric
product is?
Empirical tests of the product
There have been independent tests on a series
of biometric products
in Japan
in Germany
63
Different Threat Scenarios
1. Regular biometric
sensor using
artificially generated
biometric data
2. Replay attack of
eavesdropped
biometric data
3. Manipulation of
stored biometric
reference data
64
Japanese Test
Tsutomu Matsumoto, a Japanese
cryptographer working at Yokohama
National University
11 state-of-the-art fingerprint sensors
2 different processes to make gummy fingers
from live finger
from latent fingerprint
Gummy fingers fooled fingerprint sensors

80% of the time
65
Test in Germany (I)
11 biometric sensors
9 fingerprint sensors,
1 face recognition system, and
1 iris scanner
Fingerprint sensors
reactivate latent fingerprints (optical and capacitive sensors)
apply latex finger (thermal sensor)
down- (up-) load biometric reference data from (to) hard disk
no or only weak life detection
66
Test in Germany (II)
Iris recognition
picture of iris of enrolled person with cut-out
pupil, where a real pupil is displayed
All tested biometric systems could be

fooled, but the effort differed
considerably
67
Choosing the Biometrics
Does the application need identification or

authentication?
Is the collection point attended or
unattended?
Are the users used to the biometrics?
Is the application covert or overt?
68
Choosing the Biometrics (cont.)
Are the subjects cooperative or non-

cooperative?
What are the storage requirement constraints?
How strict are the performance requirements?
What types of biometrics are acceptable to the
users?
69
Conclusions
Biometric technology has great potential

There are many biometric products around,
regarding the different biometric technologies
Shortcomings of biometric systems due to
manufacturers ignorance of security concerns
lack of quality control
standardisation problems
Biometric technology is very promising
Manufacturers have to take security concerns
serious
70

Biometrics

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Biometrics

Uploaded by

Copyright:

Available Formats

Access Control

Association of an individual with an identity:

Verification (or authentication): confirms or denies a

Physical access control

Ideal Properties Considerations

Covered in ISO/IEC 27N2949:

Found in the literature:

Basic modules of a biometric system:

Raw data Extracted template

Reads the biometric info from the user.

Discriminating features extracted from the

The core of the biometric system.

Interprets the match score from the matching

Maintains the templates for enrolled users.

Capturing, processing and storing of the

A genuine individual is accepted.

Balance needed between 2 types of error:

Signatures in wide use for many years.

Variety of characteristics can be used:

Electronic pen [LCI-SmartPen]

Digitising tablet by Digitising tablet [Hesy Signature Pad

In a machine system, reader must minimize

[BioMouse Plus by American Biometric Company]

Physical Access Control System

[TravelMate 740 by Compaq und Acer]

Linguistic and speaker dependent acoustic

Text-dependent: predetermined set of phrases

Accurate biometric measure.

Retinal recognition system [Icam 2001 by Eyedentify]

Iris pattern possesses a high degree of randomness:

Iris code developed by John Daugman at Cambridge.

System for passive iris recognition by Sensar

System for active iris recognition by

Static controlled or dynamic uncontrolled

Face recognition system

Face recognition system

Captures the heat emission patterns derived

Features: dimensions and shape of the hand,

Hand geometry reader by Recognition Systems

Hand geometry reader for

Combination of biometric technologies

Gummy fingers fooled fingerprint sensors

All tested biometric systems could be

Does the application need identification or

Are the subjects cooperative or non-

Biometric technology has great potential

You might also like