This is an overview of existing and possible future applications of biometrics.
Obtaining access to a secured area or system is mostly a two-step process:
- Identification, the process by which the user professes an identity by providing a username, a pincode or some other form of ID.
- Authentication, the process of verification or testing to make sure that the user is who he claims to be.
Biometrics can be used for both steps, identification requiring a one-to-many search in the templates database and authentication a one-to-one comparisson of the measured biometric with the template that is associated to the claimed identity.
There exist three types of authentication factors: something you know (e.g. password), something you have (e.g. token device, badge) and something you are. Biometrics fall in the third category, which is by definition the most secure because most companies still struggle to implement good password practices and when token devices or badge readers are used they get lost or are shared among colleagues.
A lot of commercial, biometric access control solutions are available, and many more are in development.
- Access control to computer systems (workstations) : USB fingerprint readers, voice and face recognition software using standard camera and microphone hardware, etc.
- Door security: doors with biometric locks using iris recognition, fingerprint readers, etc.
- Portable media such as USB sticks and mobile harddrives with integrated biometric access control and mostly encrypting your data using a built-in algorithm.
- Safes with biometric locks
Time and attendance management
The problems with time registration and attendance management are very similar to those encountered with access control. Nowadays most systems identify employees with a pincode or a badge. In practice employees loose their badge or forget their pincode, even worse some employees let collegues who arrive early apply their badge or pincode to the system (buddy punching).
Especially fingerprint attendance systems have lately gained a lot in popularity.
Screening large crowds for fugitive criminals or missing children, or border control in for example airports can be largely automated using biometrics. The cost of such implementations of biometrics is very high and for existing surveillance systems the success rates vary.
The US department of Homeland Security applies fingerprint recognition for border control. Non-US citizens between 14 and 79 years old, entering the United States have all 10 fingerprints taken by electronic means. This is part of the US-Visit program. Fingerprints of tourists and immigrants are cross-checked with different databases to identify terrorists, criminals and illegal immigrants. In fiscal year 2007 (source: www.cis.org):
- a total of 46,298,869 entries were recorded at air and sea ports;
- 236,857 were identified as possible overstays;
- 11,685 biometric watch-list hits occured at the port of entries, these included individuals with criminal histories for crimes such as murder and drug trafficking as well as immigration violations.
Japan implemented a similar system under the name J-VIS, scanning both index fingers of foreign visitors. Also the United Arab Emmirates implemented a border control system using iris recognition.
This type of immigration and border control system is reason for much controversy. Most debate is actually on how databases, or so-called watch-lists, containing the biometrics of criminals were compiled. Also it is common believe that criminals or terrorists will find a way to pass the biometric controls unhindered.
Face recognition for surveillance
It is said that some casino’s are using face recognition to automatically search the crowd for card counters and cheaters, it is unknown whether they are successful with this or not.
Face recognition was trialed in the UK, at the London Borough of Newham 250 surveillance camera’s were installed to scan faces within their view. Images were compared against a database of criminals, if a match was found an alert was sent to the police. It is said, however, that not ever one criminal was arrested thanks to the system. We must add to this that the system was installed already in 1998 and that seen the technological difficulties to scan and recognize faces in a crowd it is clear that face recognition was 10 years ago not yet up to that challenge.
A more interesting way to use face recognition for surveillance is with so called facetraps. The difficulty with using surveillance camera footage is that subjects are only seldom looking directly into the camera, the resulting images are therefore difficult to process for face recognition algorithms. A facetrap is a location where a camera can be set up in such a way that the subject, without even realizing it, automatically looks directly into the camera. Examples of such locations are counters, elevators, clocks or television screens at which visitors look.