Authentication is the process of determining whether a person is who he or she claims to be. This process can occur in one of two ways. Verification asks “Is this the person who he or she claims?” and consists of a single comparison. Identification makes a one-to-N comparison and tries to determine if the person is one of the N people. Several factors, such as what you know, what you have, or what you are can be used for authentication, with all three options having strengths and weaknesses. For improved security, it is advisable to use more than one factor, if possible.
Biometric authentication is a “what you are” factor and is based on unique individual characteristics. Two types of biometric properties are useful for authentication. Physical biometrics include DNA, fingerprints, facial recognition, and eye scans (iris, retina). Behavioral biometrics include voice recognition and handwritten signatures.
The biometric authentication process consists of several stages: measurement, signal processing, pattern matching, and decision making. Measurement involves sensing biometric characteristics and is necessary both for the creation of the reference model and for each authentication trial. For example, when voice verification is utilized, this stage involves recording one’s voice through a microphone. Then the digital data are mathematically modelled. When the user wants to be authenticated, the device compares the received data to the user model and makes a decision mostly based on a pre-calculated threshold.
Biometric authentication systems are not 100% accurate. There are two types of errors in a typical biometric system. A false reject (FR) error is the rejection of an authorized person trying to access the system. A false accept (FA) error is the acceptance of a person who is not in fact who he or she claims to be. These two types of errors are inversely proportional and in general can be controlled by a confidence threshold. To increase the security of the system, the threshold can be increased, which decreases FA errors and increases FR errors.
Advantages of biometric systems:
- Improved security
- Improved customer experience
- Cannot be forgotten or lost
- Reduced operational costs
Disadvantages of biometric systems:
- Environment and usage can affect measurements
- Systems are not 100% accurate.
- Require integration and/or additional hardware
- Cannot be reset once compromised