Biometrics: More than a helping hand

Personal computers generally have been a boon to agency and departmental staff, but they can be a nightmare for those responsible for security. With users accessing networks remotely, transmitting data via the Internet and carrying around laptops containing sensitive data, ensuring security is an increasingly complex challenge. At least one thing is clear: Passwords are not enough.

Personal computers generally have been a boon to agency and departmental

staff, but they can be a nightmare for those responsible for security. With

users accessing networks remotely, transmitting data via the Internet and

carrying around laptops containing sensitive data, ensuring security is

an increasingly complex challenge. At least one thing is clear: Passwords

are not enough.

An increasing number of agencies and departments are turning to biometrics

to achieve a higher level of security. Biometric devices measure a person's

physical or behavioral characteristics, such as iris patterns, hand measurements,

voice patterns and fingerprints, to ensure that the person accessing a device

or location is who he or she claims to be. Biometric traits, unlike passwords

and personal identification numbers (PINs), cannot be lost, stolen or easily

duplicated.

Security concerns, of course, apply not only to computers and networks

but also to physical access to facilities. And biometrics can be used to

authenticate people for both applications.

The government is taking notice. In fact, the National Security Policy

Board, through the Facilities Protection Committee, has chartered a Biometric

Consortium to help develop, test and evaluate biometric devices on behalf

of the Defense Department.

To get an idea of how well current leading biometric technologies work,

we reviewed a sampling of five types of biometric authentication methods:

hand geometry, fingerprint recognition, iris recognition, voice verification

and face verification.

Several factors play a part in deciding what kind of biometric security

to implement. One factor is infrastructure: How easily can biometric authentication

integrate with the existing network? Does the existing network use technology

that supports certain types of biometric authentication methods?

For example, if all PCs on a network have cameras attached to them,

the infrastructure for face recognition is already in place. Similarly,

PCs with microphones are easily outfitted for voice-recognition technology.

If your department's computers have no cameras or microphones, you may be

more inclined to use stand-alone fingerprint scanners. Buyers should also

consider future security needs and whether the system they are considering

can meet those needs.

Next, environmental factors are important to weigh. Dim lighting can impair

face recognition, a noisy background can hamper voice recognition, and a

scratched or dry finger can affect fingerprint recognition.

Human factors may play a role as well. Some people are nervous about

using their fingerprints and prefer a method such as hand geometry, which

measures the shape and outline of the hand. Other methods are perceived

to be extremely intrusive, such as retinal scanning.

To increase security and help compensate for environmental factors,

several vendors advocate "layered" bio- metrics, which is the use of more

than one biometric technique or device to verify a person. For example,

a user might need to provide a faceprint and voice verification to gain

access to a system. Passwords, smart cards, digital certificates and PINs

can also be combined with biometric authentication for a layered security

solution.

Keyware Technologies Inc., a provider of biometric identification solutions,

is one company that offers layered biometrics. Keyware's LBV Framework

(for layered biometric verification) is an open architecture solution for

biometric verification that includes a middleware application, biometric

engine plug-ins for use with different kinds of biometric technologies,

development tools and application toolkits. Keyware provides data, network,

telephony and physical access security for several markets, including the

federal government.

Another vendor answering the call for layered biometrics is BioNetrix

Systems Corp. The company offers management software called the BioNetrix

Authentication Suite. The suite enables administrators to manage all authentication

systems on a network — whether they are biometric or nonbiometric, such

as passwords — from one console.

The Lineup

For this review, we reviewed a hand reader from Recognition Systems

Inc., currently the only manufacturer of hand geometry products. We chose

fingerprint-scanning technology from SecuGen Corp. because it offers products

we hadn't seen before: a keyboard and mouse with embedded fingerprint scanners.

Only one company holds the worldwide patent for iris recognition technology,

IriScan Inc. IriScan licenses its technology to Sensar Inc., which develops

and markets iris recognition systems. We reviewed one of these systems,

Sensar's SecureCam.

We looked at voice verification from Veritel Corp. and face verification

from Visionics Corp. Each is a leading vendor in its field. Both companies

license their technology to partners and integrators, so we reviewed them

within the BioNetrix Authentication Suite. Visionics does not sell its product

directly to end users; rather, it licenses its technology to other companies

that develop and sell products to end users. Veritel does make a product

called Voicecrypt, which we ordered from the company but never received.

The industry consensus is that iris scanning is the most accurate and

secure biometric. After DNA, irises are the most individualized feature

of the human body. Even identical twins have different irises. Furthermore,

every person's two irises differ from each other. Irises also have many

more minutiae points (IriScan systems measure 266) than fingerprints, so

more encrypted templates can be created from them. Finally, irises are less

susceptible to wear and injury than many other parts of the body.

Second to iris scanning in accuracy is fingerprint scanning. Fingerprints

contain approximately 35 to 46 minutiae points and are a stable, reliable

biometric. However, injury, dry skin and dirt can affect performance.

There is not yet enough reliable data to provide accuracy rates of one-to-many

identification with facial scans, but according to the International Biometric

Group (IBG), a New York-based in-tegration and consulting firm, anecdotal

evidence suggests that facial scan technology is capable of very accurate

performance.

According to IBG, voice verification is considered to be the least accurate

of the five technologies we reviewed.

However, in choosing a biometric technology, more than security needs

to be considered. The ideal biometric will vary for different applications.

Security needs to be balanced against environment, cost, the effort required

to use the biometric solution and the perceived intrusiveness of the device.

For example, voice verification might be a poor choice for someone who

travels often and must authenticate in airports and other noisy environments,

but it might work well for a user who wears gloves at work and cannot conveniently

use a fingerprint-recognition system. As noted above, facial scanning would

not be a good choice for environments with dim lighting, and iris scanning

might be overkill for applications requiring only low levels of security.

Bear in mind that we are rating the technologies and not the products.

The products have been chosen as being representative of each technology.

NEXT STORY: Agarwal takes post at NIC

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.