1 / 56

Emerging Biometric Applications

Emerging Biometric Applications. Expectations meet Reality. An Emerging Technology. What are Biometrics?. The term biometrics refers to a science involving the standard analysis of biological characteristics.

muncel
Download Presentation

Emerging Biometric Applications

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Emerging BiometricApplications Expectations meet Reality

  2. An Emerging Technology

  3. What are Biometrics? The term biometrics refers to a science involving the standard analysis of biological characteristics. A biometric is a unique, measurable characteristic or trait of a human being for automatically recognising or verifying identity.

  4. Who are you? No, who are you, really???

  5. Authentication Methods in Network & Internet Security • Something you know • Passwords • PINs • Mother’s maiden name • Something you have • ATM card • Smart card • Digital certificate • Something you are • Biometrics • Positive identification • Never lost or stolen

  6. Biometric Techniques Identification of all the biometric methods, both mainstream and ‘esoteric,’ known to the group. Consider methods that relate to non-humans and also combinations of methods.

  7. Innate Iris Retina Ear Fingerprint Palm / hand Face (visual & heat) Skin detail / veins DNA / Blood / Saliva / anti-bodies Heart rhythm Footprint Lips Behavioral Gait Signature Typing style Mixed Voice Body odour Biometrics

  8. Why Biometrics? “Biometric identification (e.g., fingerprints, face and voice) will emerge as the only way to truly authenticate an individual, which will become increasingly important as security and privacy concerns grow.” - Gartner Group 26th April 2000

  9. Store Present biometric Capture Process IDENTIFIED Compare Match No Match DENIED Present biometric Capture Process How do Biometrics Work? Enrollment: Add a biometric identifier to a database Fingerprint, Voice, Facial or Iris Verification: Match against an enrolled record

  10. Fingerprint Image Identification

  11. Randomness

  12. Accuracy v. Affordability v. Acceptability 0 1 Affordability >> 2 3 4 Accuracy >> Courtesy, Veridicom Corp.

  13. Benefits for the Consumer

  14. Benefits of Biometrics Biometrics link a particular event to a particular individual, not just to a password or token, which may be used by someone other than the authorized user

  15. Business Scenarios • The password problem • Remote access • Who is using our fee-based web-site? • Challenge-response tokens • Too many physical-access devices • Protecting the single-sign-on vault

  16. Password Rules(an obligatory cartoon)

  17. How Do You Remember Passwords?

  18. The Password Problem • They’re either too easy or they’re written down somewhere! • Users forget them! • Help Desk has to sort out the mess!

  19. Password Survey • Every user requesting password reset received survey • 50% response • “No recriminations” policy • Source - CCH

  20. The Password Problem Good passwords are bad for users

  21. The Password ProblemWrite it Down 47 28 8 16 % of respondents Never Occasionally Often Always

  22. The Password Problem User Overload No of 57 36 7 Pswds % 1-3 4-6 7-9

  23. The Password Problem User Impact Password 4 62 29 5 Resets % Zero 1-2 3-6 > 6

  24. The Password Problem Wait Time

  25. The Password Problem Impact on Productivity

  26. The Password Problem Who Knows your Password?

  27. The Password Problem How Many Passwords do you Know?

  28. 4 62 29 5 % of respondents Zero 1-2 3-6 > 6 The Password ProblemResets per Year Source: CCH

  29. The Password Problem • Identifiable costs • Lost productivity • Flow-on productivity losses • Support team • Management and infrastructure • US research - $340 per incident* • Anecdotal – some incidents over $AU10,000 *BioNetrix Corp - www.bionetrix.com/inserts.pdf

  30. Choosing Technologies and Partners

  31. Privacy Concerns and Ethics • Criminal stigma • 3rd party use of data • Sold or given for other than intended purpose • Provided to law enforcement • Unauthorized access • Identity theft • “Tracking” of actions through biometrics • Religious objections - “Mark of the Beast”

  32. Australian Privacy Act NPP 4 – Data Security An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.

  33. Privacy Policy Recommendations • 5 basic principles • Notice – disclose ALL data captured • Access –anyone can view their stored data • Correction Mechanism • Informed Consent – no 3rd-party involvement • Reliability & Safeguarding

  34. Who would use Biometrics • Strong identification and authentication • Medium – high data security • Non-repudiation (I didn’t do it!)

  35. Who would use Biometrics • The last metre • Fee-for-service web sites • e-Commerce transaction verification

  36. Selecting Biometric Technologies • User / environment considerations • Cooperative/non-cooperative users • Overt/covert capture • Habituated/non-habituated • Attended/unattended • Public/private • Indoor/outdoor • Possible interference • User lifestyle/occupation • Compatibility with existing/legacy systems

  37. Selecting Biometric Technologies • Technology factors • Cost • Accuracy • Ease of use • Public acceptance • Long term stability • Existence/use of standards • Barriers to attack • Track record of vendor/product • Availability of alternate sources • Scalability

  38. Iris Face Finger Signature Voice Accuracy Very High Medium High High Medium Ease of Use Medium Medium High High High Barrier to Very High Medium High Medium Medium Attack User Medium Medium Medium Very High High Acceptability Long Term High Medium High Medium Medium Stability Interference Coloured Lighting Dryness Changing Noise, Contacts Aging, Dirt, Signatures Colds, Glasses, Age, Weather Hair Race Technology Comparison

  39. Accuracy • False rejection rate • Measures how often an authorized user, who should be recognized by the system, is not recognized. • I am not recognised as me! • False acceptance rate • Measures how often a non-authorized user, who should not be recognized by the system, is falsely recognized. • You are pretending to be me!

  40. d Non-matching prints Matching Threshold Matching prints False non-matches False matches Matching vs. Non-Matching Prints

  41. FRR Error Rate FAR Threshold FRR vs. FAR • FAR / FRR are loosely inverse • FAR = FER = Equal Error Rate • Failure to enroll rate (FER) • Measures how often users are unable to enroll a biometric record

  42. Selecting a Biometric Solution

  43. Biometrics Institute • Recently incorporated • Impartial tester • Education source • Government & industry funded • www.biomet.org • support@biomet.org • “Introduction to Biometrics” 1-day course September 25th

  44. What problem are we solving? • If biometrics is the answer, what’s the question?

  45. Health Health Technologies (Australia) Patient Records Capital Coast Health (NZ) Access security & SSO e-Commerce (Australia) e-Contracts Big Sky Contracting SocialSecurity States of New Jersey, Virginia,Connecticut Social Welfare systems Banking & Finance ING Direct (Canada) On-line banking ABN AMRO (Australia) Network Security Pt Makindo (Indonesia) Network Security On-line Trading Government Network Security and ID systems Defence – Stratcom US GSA – Govt-wide Smart Card Program Reference Sites

  46. What are some of the products?

  47. Biometric Scanning Devices PC Video Camera Secugen EyeD Mouse II Scanner Sensar Iris Scanner Veridicom 5th Sense Fingerprint Scanner Phoenix Keyboards Veridicom ‘Combo’ Fingerprint & SmartCard Scanner Telex Microphones

  48. SAF/2000 • SAF/NT • System requirements • Versions • Hardware • Client environment

  49. 2. Client accepts username passed to SAFserver 3. SAFserver advises login method 4. Client collects biometric 5. Summarized biometric passed to SAFserver for confirmation 7. If user is valid, SAFserver passes user password to client 8. Client passes username and password to login server to complete the login Data Flow During Login SAFserver 1. Client displays NRIgina.dll Biometric device 9x/NT client BSP 6. SAFserver determines validity of biometric Login Server

  50. NMAS • Modular interface to NDS • Choice of biometric method & supplier • Multiple & graded authentication • Free starter pack • Enterprise Edition

More Related