September 2002 Mfg.Trust

Mfg.Trust is a monthly feature of the NCMS InfraGard Manufacturing Industry Association
Infrastructure assurance for manufacturers
Powered by NCMS.


This month – Biometrics

Your Face is not a Bar Code

Accompanying Resource Page for this Story 


Editor's Preface:

Although biometric verification techniques are slow to gain acceptance in general business use, the use of biometric identification for public and quasi-public security purposes is rapidly expanding (you’ll see why below). Since each use of the technologies has a different implication for your privacy and protection, and the topic is broad, we will cover biometrics in two issues. This month we will address biometrics as used in business, and review each common type of biometric. Next month we’ll take on the more controversial issue of biometrics and your privacy.

The resource pages accompanying these feature articles are especially rich. There is a wealth of information referenced there from the US, Europe and Australia. Be sure to visit http://trust.ncms.org and check under “Publications Index.” For those who wish to learn more, Prof. Anil Jain of Michigan State University, a collaborator on these articles, has produced a fact-filled and expert online course entitled “Introduction to Biometric Authentication” available at http://products.ncms.org/classes.htm. Biometrics using fingerprints, face, hand, iris, and voice recognition are demonstrated in that course.

John Sheridan (johns@ncms.org )


BIOMETRICS

Introduction

Biometrics is the term for any method that can be used to identify a person, using a measurable physiological and/or behavioral characteristic, such as fingerprints, voice, retina scanning or hand-written signatures. The use of such techniques is not new. What is new is the application of computers and development of devices to *automatically* identify a person based on biological metrics. What is very new is the availability of powerful tools for doing so without a person’s knowledge or consent. This is the point where uses of biometrics quickly divide into two cases: the “ordinary” use of business tools and surveillance.

A second point about biometrics is important. Identification can be either ‘positive’, to prevent multiple people from using a single identity, or ‘negative’, preventing one person from using multiple identities. Positive identification does not require biometrics. You can prove your identity by supplying forms, such as a birth certificate, driver’s license, utility bill, or through a shared secret password. However, only biometric-based identity management provides for negative authentication. Documents or passwords cannot establish that a person does not have multiple identities. Therefore, biometric identification is the most practical alternative for applications requiring negative identification, such as social services, driver licensing, and some surveillance tasks.

Verification

Verification for business use is a fairly straightforward topic, or at least it was until e-commerce came along. In the traditional case, your employer already knows who you are and biometrics may be used for verification prior to access. Positive identification is the only issue. Verification is one-to-one matching. (e.g.: “Does this fingerprint belong to Jane Doe?”) Further, you know that your employer has already registered some of your biometric features, and you consent to such use. In a very secure environment you may carry your biometric features with you, encrypted on a smart card (see resources page). In addition to providing multi-factor authentication (you have the card and the thumb print or iris scan), this approach does not require that your data be kept in a central database, where it is a juicy target for theft. (However, be aware that the answer to “I left my token at home” is “Go home and get it!”)

Since a verification match is made against a small population, detection thresholds can be adjusted to give acceptable false alarm and missed detection rates. Biometric identification can be a real convenience while contributing to overall security. What should keep your employer awake at night is the possibility that your biometric identity can be stolen.

Identification

Identification is one-to-many matching (e.g.: Who does this face belong to?). The identification problem is much more difficult than verification. Generally, both positive and negative identification are required by the user. Registration may be simple and consensual, or complex and even covert. Further, in security situations the implications of both false alarms and missed detections can be very serious. Here, system implementers must carefully plan (usually multi-factor) identification approaches.
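
The threshold trade-off from the Verification section and the harder one-to-many case described here, as an added illustration that is not part of the original article: the Python below tunes a match threshold on constructed similarity scores, then shows how a per-comparison false alarm rate compounds as the enrolled population grows. The score distributions, the function names, and the independence of comparisons are assumptions made for the example.

```python
import random

def make_scores(seed=7, n=1000):
    """Constructed similarity scores in place of real matcher output."""
    rng = random.Random(seed)
    genuine = [rng.gauss(0.75, 0.10) for _ in range(n)]   # same person
    impostor = [rng.gauss(0.35, 0.10) for _ in range(n)]  # different people
    return genuine, impostor

def rates(genuine, impostor, threshold):
    """(false alarm rate, missed detection rate) when score >= threshold matches."""
    false_alarm = sum(s >= threshold for s in impostor) / len(impostor)
    missed = sum(s < threshold for s in genuine) / len(genuine)
    return false_alarm, missed

def pick_threshold(genuine, impostor, max_false_alarm):
    """Lowest threshold meeting the false alarm target, so misses stay minimal."""
    for step in range(1001):
        t = step / 1000
        false_alarm, missed = rates(genuine, impostor, t)
        if false_alarm <= max_false_alarm:
            return t, false_alarm, missed
    raise ValueError("no threshold in [0, 1] meets the target")

def identification_false_alarm(per_comparison_rate, enrolled):
    """Chance that one probe falsely matches at least one of `enrolled`
    templates, assuming independent comparisons (an assumption of this example)."""
    return 1.0 - (1.0 - per_comparison_rate) ** enrolled

if __name__ == "__main__":
    genuine, impostor = make_scores()
    t, fa, miss = pick_threshold(genuine, impostor, max_false_alarm=0.01)
    print(f"1:1 verification  threshold={t:.3f}  false alarm={fa:.2%}  missed={miss:.2%}")
    for enrolled in (1, 100, 10_000, 1_000_000):
        p = identification_false_alarm(fa, enrolled)
        print(f"1:N identification  N={enrolled:>9,}  P(any false match)={p:.2%}")
```

A false alarm rate that is acceptable for one-to-one verification approaches certainty of at least one false match once the same matcher is run against a large enrolled population, which is why identification deployments usually combine several factors.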

When subjects are not consensually pre-registered there are opportunities for invasions of privacy and civil liberties. When data is collected without knowledge or consent, there are opportunities for abuse. This topic has deservedly received much press attention, and we’ll return to it next month.

What Biometrics Are in Use? What Works?

In 2000, companies spent $127 million on biometric devices, with fingerprint scanners accounting for about 44% of the sales, according to Meridien. Face recognition made up 14% of overall sales, hand geometry 13%, voice recognition 10% and iris scans 8%. By 2004, the financial services market will spend about $1.8 billion annually on biometric technology, according to IDC in Framingham, Mass. The impact of events on 11 September on security applications will boost the value of the biometrics market to $2.05 billion in 2006, according to a report from analyst Frost & Sullivan.

Fingerprints

As shown above, fingerprint scanners are gaining popularity, frequently as verification devices on computers. In this limited role (see above) they work well, but there are limitations. Issues such as cuts and bruises on fingers, and dry or oily fingers, are obvious. But according to Dr. Jain, wear and tear of sensors is a major issue, a fingerprint impression is often left on the sensor, and no proven contactless fingerprint sensor technology is available. Further, about 4% of fingerprints are not of “good” quality, and fingerprint sensors require user habituation for good performance.

Facial Recognition

Face images are the most common biometric characteristic used by humans. We even recognize cartoons of people’s faces. However, machine-driven facial recognition only became possible with the advent of high-performance computers and much research (ever heard of ‘eigenfaces’?) in the past few decades. Facial recognition has limitations that arise from the environment, which may be dynamic: uncontrolled face identification against a cluttered background. Here, different three-dimensional head poses and different illumination conditions cause errors. However, even in a controlled (static, mug-shot verification) environment, facial expression, aging effects, and facial accessories reduce the effectiveness of facial recognition.

Hand Geometry

Hand geometry is a distinguishing biometric. Although it is not unique, it is useful for verification, because it is non-intrusive, simple to use, and involves a simple and inexpensive acquisition procedure. Only shape/geometric features are used, which makes hand geometry robust to environmental factors. Hand geometry is largely used for border control (INSPASS system), and time & attendance monitoring. Because the acquisition device is not small, it is not used for computer access.

Voice Recognition

Voice capture is unobtrusive and voiceprint is an acceptable biometric. Speaker recognition/verification (not speech recognition) can be cooperative (the speaker says a predetermined phrase) or not. Voice recognition is good for surveillance applications because it does not require user cooperation. Speaker recognition can be language independent.

The limitations of voice recognition are that voice is a behavioral biometric and is affected by a person’s health (e.g., a cold), stress, and emotions. Some people seem to be extraordinarily skilled in mimicking others. The voice signal available for authentication is typically degraded in quality by the microphone, communication channel, and digitizer characteristics. An earlier recorded voice can be used to circumvent a voice authentication system in remote, unattended applications.

Iris Scans

Field trials show that the error rate using iris recognition technology is very small. (Even identical twins have different irises!) Capturing an iris image involves cooperation from the user. The user must stand at a predetermined distance and position in front of the camera. The cost of an iris-based system is relatively high, so these systems are usually reserved for high security applications.

Summary: Pro and Con

Biometrics as a method of identification is preferred over traditional methods because:

- The person to be identified is usually required to be physically present at the point-of-identification;

- Identification based on biometrics eliminates the need to remember a password or carry a token.

Weaknesses of biometrics:

- Once a biometric technique is compromised, it is compromised forever. You can get a new password, but not a new iris.

- Some (not all) biometric techniques store identifying characteristics in a central database. This poses two problems: the database itself is a rich target; and you must have reliable access to the database to authenticate a customer.


LINKS:

Michigan State University Biometrics Consortium
http://biometrics.cse.msu.edu/

Enterprises and Employees: The Growth of Distrust
http://security1.gartner.com/story.php.id.12.s.1.jsp

Define Proper Use For Different Kinds of Data
http://security1.gartner.com/story.php.id.18.s.1.jsp



Copyright 2004
National Center for Manufacturing Sciences