What is biometric technology, how can it help secure the City of London today, and what does the future hold?
Author – UKB International Ltd Operations Director Shaun Oakes is responsible for product development and logistics. A security systems expert and published author on biometric security, Shaun has addressed international security seminars and is a regular contributor to UK and international security industry publications.
What is biometrics?
The word biometrics derives from the Greek bios, meaning "life" and metron, to "measure". It is the study of automated methods for recognising people based upon physical traits.
Biometric recognition systems can be divided in two main classes;
Behavioral biometrics is related to the behavior of a person. The first and still most widely used characteristic is the signature. Research is currently underway into keystroke and voice recognition systems.
Physiological biometrics is related to the shape of the body. The oldest system is that used by police for over 100 years to uniquely identify an individual by recording their fingerprints. Other examples are face recognition, hand geometry and iris recognition.
The most common and commercially viable biometric systems use the human fingerprint as the unique characteristic for recognition. The uniqueness of a fingerprint can be determined by the pattern of ridges and furrows as well as the minutiae points. Since the fingerprint is not stored in its entirety, concerns over personal data are easily overcome. Nobody can reconstruct a fingerprint from the data held on a modern biometric system.
The science of biometrics today
Although biometrics has been around for centuries in the form of signatures and fingerprint identification it was the advent of electronics which transformed the industry. With scanning equipment, fingerprints could be rendered into electronic data then the data encrypted and stored for future comparison. Initially the technology was expensive so typically it was the Military and Government who pioneered biometric access and identity verification.
Around ten years ago biometric equipment began to be mass produced in response to perceived market opportunities. The hardware, scanners, enclosures and processors were produced primarily in the Far East and the USA. These early devices would effectively operate as an on-off switch, verifying identity or denying it. Early technology relied upon a prefect scan of a fingerprint to verify the person presenting was the person registered. But a biometric access system is a security system, so if the system was in any doubt, it would reject the transaction and refuse to open the door or switch.
The cause of this rejection could be as simple as water, grease or paint on the fingerprint, a cut finger or abrasion on the fingertip. As a result, unacceptably high ‘error readings’ were common, that is, the right person was presenting but the system did not recognise them.
Today we have moved into ‘second generation’ biometrics with the advent of high definition, ‘sub dermal’ biometric readers.
This technology has allowed for the development of robust biometric readers with virtually zero error rates. Multispectral imaging technology simultaneously reads the surface and subsurface of fingerprints to capture clear, clean images every time, even when surface features are absent or hard to distinguish.
Today, readers are so robust they will operate in any weather conditions, can be power-hosed and even operate underwater. Readers are available that can scan one million stored data sets in one second, thus making them suitable for use in high volume, high security applications.
Biometric technology is moving so fast that myths abound even among security experts. A principal myth is that biometric systems store fingerprints and thus are open to ID theft. Modern systems store encrypted data which, even if decrypted would not allow for the reconstruction of a fingerprint.
Another myth involves the question “What if someone cuts off my finger?” In the event of this grisly scenario, a modern biometric reader would recognise that no blood was pumping through the veins and so, deny access. Similarly claims recently made by German hacker group Chaos Computer Club that they had obtained the fingerprints of Interior Minister Wolfgang Schauble and would use them to produce a latex ‘spoof’ fingerprint are simply a publicity stunt. One multispectral biometric reader on the market has been tested with over 20,000 spoof attempts, ranging from the crude to the highly sophisticated. To date, none have succeeded.
Biometric identification – Absolute security.
Any security system is only as robust as its weakest link, and all too often the weakest link is the key used to access a door or switch. Swipe cards, keys, proximity fobs or PINs can be lost, stolen, copied, hacked or ‘Buddied’, that is, passed to an unauthorised person. Only biometric security offers the certainty that the person accessing a lock or switch is the person registered to do so. Further, a biometric system provides an exact forensic trace of who has accessed a door, and when. For this reason a number of UK police forces are trialling biometric locks on custody suites and evidence rooms.
In terms of disaster planning and Health & Safety, biometric security saves time, money and potentially lives. If a biometric system says there were 200 people in a building, and 197 are counted at the muster point, emergency services can be sure there are three people unaccounted for. If 200 people are counted, the services can be sure nobody is left in the building.
‘Anti Passback’ requires individuals to scan in, and out of a building. This prevents an unauthorised person ‘tailgating’, or following an authorised person through an open door. Anybody who has not scanned into a building cannot scan out, and security is alerted when they try.
Security is not the only application for biometrics in the commercial environment. Biometric Time & Attendance systems are claimed by their users to save tens of thousands of pounds a year by preventing fraud and providing for a ‘Pay Per Minute’ system which automatically feeds into payroll systems.
Biometrics in the future
Biometric technology is advancing at an exponential pace. Every major security exhibition in the world will host the launch of a technological advance, or a new application for existing technology. From super yachts to city banks, biometrics is providing management and security bosses with the tools needed to achieve maximum security.
And the industry shows no sign of slowing down with millions of pounds poured into R&D worldwide. One of the most exciting avenues of research is in Face and Gait recognition which looks set to emerge as the first non-interventionist biometric technology.
Currently a subject must present a fingerprint, iris or signature to access a biometric system. Face and Gait compares minute points on the face such as position of ears, nose, eyes and mouth, and physical characteristics such as height and position of shoulders to hands. These measurements are then added to the subjects style of walking to provide an accurate assessment of the individuals identity. As the subject gets closer to the camera the system automatically reassesses its conclusion, so that by the time the subject is within five metres of the camera, the system is 100% certain that the subject should be allowed access, or not. This multiple recognition of many biometric features means the wearing of a hat, bulky clothes or a disguise would not spoof the biometric system.
While technological advances are always exciting, the real future of biometrics will be determined by applications. Every time someone asks the question “Why are we using keys, fobs, swipe cards or PINs here?” a new application for biometric technology is identified.
No comments:
Post a Comment