There are two main types of biometric solution.
The first is physiological biometrics. These are biometrics which use a physical trait, such as a fingerprint, iris, hand or face for recognition. The physical trait is analysed, measured and digitally stored. A fingerprint is automated through a numeric encryption of it’s ridges, splits, dots, valleys, furrows and minutiae points. This encryption is called an algorithm, creating a binary encoded template. The iris is also digitally stored using an algorithm in the same way, using its visual features such as the connective tissue, cilia, contraction furrows, crypts, rings and corona.
The other type of biometric solution is a behavioural biometric. This involves the use of a behaviour trait or pattern, such as a voice, signature or key stroke. These traits are stored in a similar way to the physiological traits except they are updated regularly to cope with the ever changing patterns in the trait. These algorithms have to take into account that the user’s voice might be affected by the cold or illness that they are experiencing or that the document they are typing has to be completed within the hour.
Both types are relevant to different situations and circumstances. Naturally the physiological biometrics have proved more reliable then the behavioural as the physical traits generally stay the same all the time, whilst the ever changing behavioural traits have more chance for error.
Identification, Authentication
and Authorisation.
When you provide your selected trait to a biometric device, you must have already been registered for it to recognise you and therefore authorise you. The device can register and authorise you by two methods.
Identification
This is when the device/networked server holds a database of the registered users and the presented trait is authorised by searching that database to establish a match. In theory the device is asking “Do I know you?”. This method of identification is called one to many (1:N).
Authentication
The theory to this is that the device is asking “Are you who you claim to be?” By presenting an user id number or a SmartCard (containing the biometric algorithm) you announce who you claim to be. In order to prove that this id number or SmartCard belongs to you, you are asked to prove this identity by presenting the biometric trait directly to the device. You are authorised if they match. This method is called one to one (1:1).
Performance Measures
The biometric industry measures it’s products, most commonly, by the device’s FAR and FRR as a percentage or ratio. FAR stands for ‘False Acceptance Rate’, this indicates the likelihood of an impostor being falsely accepted through the security system. FRR stands for ‘False Rejection Rate’, this is the likelihood a registered user being falsely rejected.
These measures play against each other as the tighter the security is taken the less likely an impostor can be falsely accepted (low FAR%) but also the greater chance that the device may question and reject a registered user (high FRR%). This is also the same in visa versa as the easier it is for a registered user to be accepted (low FRR%) the more likely it is for an impostor to be accepted (high FAR%).
These percentages have both been greatly reduced over the years of biometric development. A low FRR% can also be achieved by the device being installed in the correct position for a comfortable ease of use and proper training to its users so that they understand how the device works and what the scanner is looking for during the identification process.