Banking on biometrics
With this emerging field of technology, there’s nothing to remember and nothing to hide, says Nikita Singh
“Biometrics” or “Biometry” is the science and technology of measuring and statistically analysing biological data. It refers to the automatic identification of a person based on his/her physiological or behavioral characteristics like retinal or iris scanning, fingerprints, voice or face recognition and hand measurements. The beauty of a biometric trait is that it is as unique as the individual from whom it was created. Unlike a password or Pin, a biometric trait cannot be lost, stolen, or recreated.
Traditional means of identification using personal identification numbers or security-access cards has a major drawback. They recognise the Pin but not the person who has provided it. Biometrics ensures that the individual trying to log on is actually the authorised person and not just someone who maliciously found a card or cracked a password.
Modern biometrics actually got their start in the mid-1970s. Early installations were expensive and therefore limited to very high security applications such as nuclear facilities. In recent years, inexpensive microprocessors and advanced imaging electronics have greatly reduced the cost of biometric devices, while increasing their accuracy.Today, thousands of businesses use biometrics for their access control needs.
K. Venkatesh, National Head, SSI Education, a leading provider of education in emerging IT technologies, explained, “Identification based on biometric techniques obviates the need to remember a password or carry a token.” Biometric devices make use of a software that converts the scanned information into digital form. There is a database which stores the biometric data and compares it with the new data. Most biometric technology systems use the same basic principles of operation. First, a person must be registered on the biometric system. This enrollment is accomplished through the sampling and storage of unique biometric characteristics. The sampling is normally processed through a mathematical algorithm that converts the characteristics to a digital mathematical representation. This representation is referred to as a template or profile, and is used to as a basis of comparison when the registered person needs to be authenticated. Biometric technology companies typically treat these algorithms as proprietary, well-guarded secrets.
Popular biometric technologies include:
Fingerprint Recognition: Fingerprint scanners are too tough to crack, and are a good choice if security is paramount.
Face Recognition: These offer extra security features such as logging an image of every user who approaches the machine. Some require relatively high-end cameras, adding to the cost of deployment.
Voice Authentication: These systems require no special hardware, and some centralised systems are ideal for granting mobile users remote access.
Hand Geometry: This approach uses the geometric shape of the hand for authenticating a user’s identity. One can use finger length, thickness, and curvature for the purposes of verification. This methodology is suitable for larger user bases or users who may access the system infrequently.
Retinal scanning: The unique patterns of the retina are scanned by a low intensity light source.
Iris scanning: Iris scanning is less disturbing to the eye. It utilises a conventional CCD camera and requires no intimate contact between user and reader.
Signature Verification: Signature verification devices have proved to be reasonably accurate in operation and obviously lend themselves to applications where the signature is an accepted identifier.
Widely used in forensics such as criminal identification and prison security, recent advancements in biometric sensors and matching algorithms have led to the deployment of biometric authentication in a large number of civilian applications. Some of the things that Biometrics can help avoid include the prevention of unauthorised access to ATMs, cellular phones, smart cards, desktop PCs, workstations, and computer networks. Biometrics can also be used during transactions conducted via telephone and Internet (electronic commerce and electronic banking) to minimise risks.
MasterCard International Inc. and Visa USA Inc., the world’s two largest credit card companies, have begun to study the feasibility of using finger-scanning devices at the point of sale to verify that the card user is really the card holder. The scanners would compare fingerprints with biometric information stored on a microchip embedded in the credit card. Walt Disney World in Orlando has started taking hand scans of people who purchase yearly passes.
The Immigration and Naturalization Service is letting a select group of travelers bypass lengthy lines at New York’s John F. Kennedy International Airport and Newark international Airport by sticking their bands and special cards the service has issued into an automated turnstile.
To understand how it works, let’s take a look at how Nasa may use biometrics in the Mars Surveyor Programme. Suppose a Nasa employee wanted to logon to the Nasa website to change some flight control data for the Space Shuttle. This obviously requires very secure access. The employee clicks the logon button of the website, which pops up a biometric logon screen. The screen asks for the user ID or email address and then captures the employee’s fingerprint and face with a finger reader and PC video camera that has been installed on his PC.
The biometric data is compressed, encrypted and sent to the biometric server over the Internet, where the biometric data is matched against the employee’s biometric registration. If the match is good, the biometric server sends back an encrypted session ID and then the employee’s PC relays that to Nasa’s website. The website server recognises the session ID and logs the employee in. The whole communication process takes a few seconds. Biometric authentication, thus, offers a highly secure, reliable and inexpensive solution.
(The author is a team member of SSI Education)
thestatesman.net
steve |
