Biometric Identification — A Comprehensive Introduction For 2019

Biometric Identification has been with us since the beginning of recorded time. Archeologists have found evidence of handprints being used in the Qin Dynasty (221–206 BC) to identify criminals and track their illicit activity.

More than two Millennia later, the Motorola Atrix launched with the world’s first fingerprint sensor. Thanks to state of the art technology the phone could save and verify biometric data, enabling the phone’s owner to unlock the device simply by placing her thumb on the appropriate area.

Since then, different forms of biometric identification have crept into our lives and have become far more sophisticated. Fingerprints, facial recognition and iris recognition are just some of the ways with which we can identify ourselves using cutting edge technology.

That being said, Biometric verifications are employed not just by corporations trying to sell products, but also by Governments aiming to track and monitor their citizens. It’s an incredibly powerful tool that can be used both to enhance and reduce our quality of life.

Let’s find out more.

What does “Biometric” mean?

Before we look into the different forms of biometric identification and discuss their security implications, we should be clear on what the term “biometric” means.

“Biometric” derives from the Greek words “bio” meaning “life” and “metric” meaning “measurement.” In brief it refers to the measurement and analysis of an individual’s unique physical characteristics.

Some of these characteristics are DNA, fingerprints, retina patterns, hand geometry, earlobe geometry, iris patterns, and your voice. These are hard or even impossible to fake meaning that biometric technology is often used to identify individuals and manage access control.

How Does Biometric Identification Work?

We previously discussed the great variety of use cases, and each employs the technology in slightly different ways. In general, identification requires two sides, one involving the nature of the Biometric characteristic, and the other is the device which tracks and verifies its authenticity. Jain, Bolle and Pankanti released a groundbreaking paper in 1999 entitled: “Biometrics Personal Identification in Networked Society”. Here the authors lay out seven factors which they believe identify a suitable Biometric characteristic:

1. Universality — An overwhelming percentage of the population needs to have this characteristic (fingerprint for example)
2. Uniqueness — The likelihood of sharing an identical Biometric data point with another person needs to be impossibly small.
3. Permanence — It must be robust and not easily changed.
4. Measurability — The characteristic must be convertible to a machine readable data point.
5. Performance — It’s unaffected by external conditions and is predictably measurable.
6. Acceptability — Devices, whether clay tablets or cutting edge mobile phones, must be able to authenticate the data point.
7. Circumvention — Creating forgeries must be so complex as to be prohibitive.

Biometric characteristics, like fingerprints and retinas, fulfil these seven characteristics, making them suitable for identification.

On the flipside, we also need technology that fulfils certain standards in order to authentic reliably. These are:

1. Reading or scaning at least one Biometric characteristic
2. Comparing the biometric data to previously collected information in order to establish a match.
3. Storing the data securely on a database for future comparisons

Once you have a Biometric characteristic that fulfils the seven requirements outlined above, and can authenticate it with the technology listed previously, you can begin Biometric identification.

What Forms Of Identification Are There?

Biometric Identification entered into mainstream consciousness with the introduction of fingerprint readers on flagship mobile phones. Today, millions of individuals use their Biometric data to unlock mobile devices, causing some commentators to hail the end of regular passwords.

Whether Biometric identification will become the industry standard is yet to be seen, but it’s worth thinking about the different forms that already exist and how they are already impacting our lives. Let’s take a closer look:

Fingerprints

Fingerprints are the oldest form of Biometric identification and by far the most widely used. They are unique to the individual and comprise ridges on the human finger. These typically produce shapes which, when covered in ink or read by a sensor, form a unique impression which can be used to identify the individual.

In its modern iteration the technology relies on an initial set-up process in which the correct fingerprint is saved. Whenever the device or account is asked to unlock, the in-built fingerprint reader will scan the impression and compare it to the appropriate entry in its database. The fingerprint matches the device is unlocked, whereas a failed match will return an error.

Although this approach is increasingly incorporated in 21st century technology, it is far from perfect. We use our hands and fingers for all manner of tasks, often causing dirt or water to change the impression and result in an error.

Additionally, genetic conditions like Adermatoglyphia result in the absence of fingerprints, making this form of identification impossible. Nevertheless, Fingerprints are among the most reliable and widely used form of Biometric identification.

Facial Recognition

When Apple launched Face ID in 2017 it marked a milestone in the history of Biometrics. From that point onward, millions of consumers would use their facial features to unlock mobile devices.

Facial recognition usually works by projecting a small grid of infrared dots on to the user’s face. Next, sophisticated technology uses these dots to create a 3D facial map which is subsequently stored and used to identify a match.

This mapping technology is able to account for glasses, clothing and even makeup, making it one of the most powerful forms of Biometric Identification. Power in the wrong hands is a scary proposition however, and recent reports suggest that the Chinese government is building a giant facial recognition database to identify any citizen in just a few seconds.

Whether bureaucrats should have access to such highly sensitive and unalterable data is a matter for debate. What is very clear on the other hand is that facial recognition is widely regarded as the heir apparent to fingerprints, in terms of Biometric identification.

Iris Recognition

The iris is the colourful part of the eye and controls the diameter and size of the pupil — allowing it to adapt to different lighting. In order to perform this task the iris employs pigmented muscle-fibers, also known as a stroma. A handy side-effect of this apparatus is that each eye displays a unique set of colourful patterns which can be used to identify individuals.

These complex patterns are said to be unique, stable and observable from a distance making them an excellent choice for authentication. For this reason, several countries have enrolled in iris recognition programs enabling passport-free automated border-crossings.

As a consequence, iris recognition is one of the oldest forms of Biometric identification in existence and still used today. The modern technology it relies on however is quite expensive and the emergence of more accurate forms of authentication — like facial recognition — may be a nail in the coffin.

The Advantages Of Biometric Identification

Biometric Identification offers a number of important advantages.

In terms of convenience, it’s clearly much easier to press your thumb against a sensor than it is to remember a secure password. For businesses, this can result in happier customers and fewer support tickets.

From a security perspective, Biometrics also wins the day. Malicious actors can easily crack unsophisticated passwords using specialised software. Creating a fraudulent 3D map of a customers face in order to access her account is far more complex and time consuming.

The Disadvantages Of Biometric Identification

Although Biometrics often provide a more convenient and secure method for authentication, it also harbours some dangers.

Perhaps the most concerning is the centralization of Biometric data in vulnerable databases. As this timeline shows, data breaches are breath-takingly common and Biometric databases — like this one in Israel — have already exposed highly sensitive records.

Of course this raises serious concerns. Leaked passwords and email addresses can easily be changed, but fingerprints and retinas are for life.

Equally concerning is its use by Governments around the world. As regimes change it’s easy to imagine a country’s entire biometric database falling into the hands of a group of politicians that do not have their citizens best interests at heart. The damage that could be done in such a scenario is immeasurable.

Conclusion

Clearly Biometrics is becoming increasingly popular and we should expect to see more of it entering our lives in the years to come. For individuals it’s worth seriously considering where the data is stored.

Information — like fingerprints — can wreak havoc when it falls into the wrong hands and corporations often fail to keep their customers data safe.

For businesses, Biometric identification represents an exciting leap with the potential to lower costs and increase customer satisfaction. That being said, Biometric data is much more valuable than the information that would typically be stored on your databases. With that in mind, it is absolutely crucial to find a reputable service provider that can not only provide the technology but the data security as well.