Biometric Authentication


Biometric authentication is an authentication mechanism that allows a user to perform a biometric scan to operate an entry or access system.

  • Physical characteristics stored as a digital data template can be used to authenticate a user
  • Typical features used include:
    • facial pattern, iris, retina, fingerprint pattern, and signature recognition
  • fingerprint recognition
    • most widely implemented
    • relatively inexpensive and the process quite straightforward
    • usually implemented as a small capacitive cell or optical camera that can detect the unique pattern of ridges making up the fingerprint
    • nonintrusive and relatively simple to use
      • moisture or dirt can prevent readings
  • facial recognition
    • records multiple indicators about the size and shape of the face
      • distance between the eyes or the width and length of the nose
    • scan usually uses optical and infrared cameras or sensors
      • to defeat spoofing attempts that substitute a photo for a real face

Setting Up Biometric Authentication

  • First step is enrollment:
    1. A sensor module acquires the biometric sample from the target
    2. A feature extraction module creates a template
      • template is a mathematical representation of the parts of the sample that uniquely identify the target
  • when the user wants to access a resource,
    • they are re-scanned
    • scan is compared to the template
    • If they match to within a defined degree of tolerance,
      • access is granted

Biometric Metrics

  • False rejection rate (FRR)
    • is where a legitimate user is not recognized
    • referred to as a Type I error or false non-match rate (FNMR)
    • measured as a percentage
    • causes inconvenience
  • False acceptance rate (FAR)
    • an interloper is accepted
    • aka Type II error or false match rate (FMR)
    • measured as a percentage
    • can cause security breaches
    • most important metric
  • Crossover error rate (CER)
    • the point at which FRR and FAR meet
    • aka equal error rate (EER)
    • the lower the CER, the more efficient and reliable the technology
    • Errors are reduced over time by tuning the system
      • accomplished by adjusting the sensitivity of the system until CER is reached
  • Throughput (speed)
    • the time required to create a template for each user and the time required to authenticate
    • major consideration for high-traffic access points
  • Failure to enroll rate (FER)
    • incidents in which a template cannot be created and matched for a user during enrollment
  • Cost/implementation
    • how expensive it is
    • how easy/hard it is to implement
  • Psychological acceptability
    • are users willing to accept this method
    • can find it intrusive and threatening to privacy
    • can be discriminatory or inaccessible to those with disabilities
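
The FRR, FAR and CER definitions above can be worked through as a threshold sweep. This is an added example, not part of the original notes; the similarity scores, the accept-if-score-at-or-above-threshold rule and all function names are assumptions made for illustration.

```python
# Constructed similarity scores (0..1, higher = closer match to the stored template).
GENUINE = [0.91, 0.85, 0.78, 0.88, 0.62, 0.95, 0.71, 0.83, 0.55, 0.90]   # legitimate users
IMPOSTOR = [0.12, 0.35, 0.48, 0.22, 0.66, 0.30, 0.58, 0.41, 0.19, 0.73]  # interlopers


def rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (FAR, FRR) as percentages when scores >= threshold are accepted."""
    false_accepts = sum(1 for s in impostor if s >= threshold)  # Type II errors
    false_rejects = sum(1 for s in genuine if s < threshold)    # Type I errors
    return (100.0 * false_accepts / len(impostor),
            100.0 * false_rejects / len(genuine))


def crossover(genuine=GENUINE, impostor=IMPOSTOR, steps=100):
    """Sweep the threshold; return (threshold, FAR, FRR) where FAR and FRR meet."""
    best = None
    for i in range(steps + 1):
        t = i / steps
        far, frr = rates(t, genuine, impostor)
        gap = abs(far - frr)
        if best is None or gap < best[0]:   # keep the first, lowest such threshold
            best = (gap, t, far, frr)
    return best[1:]


def threshold_for_far(max_far, genuine=GENUINE, impostor=IMPOSTOR, steps=100):
    """Lowest threshold whose FAR is at or below max_far, with the FRR it costs."""
    for i in range(steps + 1):
        t = i / steps
        far, frr = rates(t, genuine, impostor)
        if far <= max_far:
            return (t, far, frr)
    return None  # unreachable here: at threshold 1.0 no constructed impostor passes


if __name__ == "__main__":
    t, far, frr = crossover()
    print(f"CER at threshold {t:.2f}: FAR={far:.0f}% FRR={frr:.0f}%")
    t, far, frr = threshold_for_far(0.0)
    print(f"FAR=0% needs threshold {t:.2f}, costing FRR={frr:.0f}%")
```

Raising the threshold past the crossover trades inconvenience (FRR) for fewer false accepts, which is the tuning decision when FAR is treated as the most important metric.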