Keywords
Citation
Rudall, B.H. (2001), "Biometric technology", Kybernetes, Vol. 30 No. 2. https://doi.org/10.1108/k.2001.06730baa.004
Publisher
:Emerald Group Publishing Limited
Copyright © 2001, MCB UP Limited
Biometric technology
Biometric technology
Backgound to biometric technology
Over the last decades biometric technology has provided the information technology (IT) field with a number of innovative systems. Many have been solely concerned with system security and a number have been discussed and reported upon in these pages.
Biometrics is concerned with the use of machines to recognise humans by means of their physical or behavioural features. It soon became apparent that system security was becoming one of the major concerns of IT providers to business and industry, and indeed to anyone who wished a secure environment or "system". System here can mean anything from a credit card company's facilities to a computer used on any application or operation. The result has been an enormous demand for efficient and usable security. The technology has to embrace a wide range of practical uses that range from protecting sensitive information to the physical control of welfare payments.
Examples of the range of these applications were given in Biometric Technology Today which has reported the use of face and fingerprint recognition systems to weed out troublemakers at Netherlands night clubs; iris patterns were used for security at the Olympic games in Australia; and Korean telephone manufacturers are using fingerprint technology to enable secure e-commerce via mobile phones. In addition, other emerging areas involve providing secure access to company intranets for remote staff needing access to sensitive information and in e-commerce, where consumers need systems they can trust.
In an article in The Computer Bulletin(September, 2000, pp. 20-2) Mark Lockie asks the question: "Why is this technology coming to the fore?" He suggests that currently there are too many security layers. He gives the example of the three-level security system which starts at level 1 with a PIN number, at level 2, a plastic card or a key, and at Level 3, which is something more sophisticated, and will involve biometrics. All are to be linked to the person who wishes access, maybe something to be known, something you have, something you are or a combination of them. We are all familiar with the deficiences of these security levels. It is to biometrics that we now turn for a system that may give "absolute verification" of a system user. It offers the highest security level because it relies on our unique physical or behavioural characteristics.
Some current developments
The development of smartcards appeared to solve many of the problems of security but, of course, there is no guarantee that the person using the card is indeed the authorised user. Like the ISO standard card, now some 40 years old, it is not impossible to copy or change even the most sophisticated card. Biometrics therefore offers the opportunity of using some unique physical or behavioural characteristic of the human, and one that can be checked automatically. Since such characteristics can vary, biometric systems are designed to allow the accuracy to vary, often in relation to the level of security required. That means that in an office involved with financial matters 95 per cent accuracy will suffice, but in a defence establishment some 99 per cent may be a requirement. Some of the physical attributes at present used or being developed include:
- •
Fingerprint– already used extensively.
- •
Facial characteristics– computers can now recognise faces. Using the eye, the pattern of veins at the back of the eye and the iris are currently used.
- •
Hand– the shape of the bones in the hand have been found to be unique.
- •
Veins– patterns of the veins, particularly on the back of the hand, are also used.
Other physical characteristics are also being investigated. It would seem, however, that behavioural biometics may also prove fruitful. Behavioural biometrics allows identity to be checked using dynamic processes. Traditionally this has been the person's signature, but now also includes the way we type. Signature verification was one of the first projects for many of the first computer scientists who regarded it as "something of a challenge". Some fine algorithms have been constructed for this purpose, many of the current ones taking into account variation in time so that the template for a behavioural reference has a changing template for reference.
Requirements listed for investigation
Mark Locki, who is the editor of Biometric Technology Today lists at least five requirements that should be investigated to find out how a particular biometric suits a particular application; they are:
- •
Public acceptability– how readily the biometric will be accepted by those who will use it.
- •
Work and environmental factors– users cleanliness, age, diseases they may suffer from, their profession and even gender can affect performance.
- •
Ease of use– this is extremely important in consumer applications because if customers find a biometric device intrusive or difficult to use they will take their custom elsewhere.
- •
Verification performance– this examines the biometric system's accuracy in comparing the latest reading with the user' s template.
- •
Template memory size– one biometric system needs only nine bytes of data, which could easily be stored on a magnetic stripe card; others need the storage potential of a smartcard or a computer.
One other debate currently in progress is how the performance of these systems should be assessed. What, for example is the "error rate" of the system? How robust is it? How does the system integrate with other systems? These and many other questions are asked of the manufacturers of such systems.
Future initiatives
We are told that the development of a general biometrics application programming interface (API) was required if such systems were to be adopted. In 2000 an industry-wide BioAPI was released. Unfortunately matters are not as easily resolved in the software world and the situation became very confused when some companies went their own way. We are told, however, that all is not lost and "the prospect of having a uniform operating system and integrtated biometric API still seems possible". We are also told that the systems are "very affordable", with the average price per access point being just under $500(£310) in 1999 compared with $6,000 (£3,700) six years ago.
No one can doubt the importance of biometrics technology and its place in the future of the more advanced security systems. In particular, cyberneticians and systemists will regard many of the newly implemented systems as the results of their own pioneering efforts. We are, of course, reporting on systems that are being used in the real world and about new initiatives such as the development of cash machines that use iris recognition for identifications, as well as many other pioneering initiatives using biometric technology.