…and successfully confirms

his identification with his

finger (biometric template).
What Is BIOMETRICS?
Biometrics can be defined
as the technique of studying the
physical characteristics of a person
such as fingerprints, hand
geometry, eye structure etc. to
establish his or her identity. This
science is primarily implemented to
identify individuals.
Biometrics is a modern
technological field that focuses on
identifying an individual through his
or her unique physical traits.
Biometrics spans various fields
such as artificial intelligence and
biology, as well as various
hardware-related fields
Why BIOMETRICS?
The use of biometrics is no longer restricted to defense establishments
or sensitive areas. An increased need for security has prompted even everyday
office goers to install fingerprint recognition devices to boot up their laptops,
thumb drives and other daily use gadgets. The question is, why? Why isn’t the
16-digit password good enough? Simply because fingerprints are more secure.
A password is breakableand anyone with basic knowledge of computers can
crack passwords using the myriad free programmes available on the Internet.

For obvious reasons, a fingerprint, however, is difficult to fake without

the help of the owner. It is also a lot more convenient to simply place your
finger on to a scanner instead of remembering a long and complex series of
characters and their cases. To make matters worse, they should, ideally, have
no correlation whatsoever. So essentially, for maximum security, your
password should be an alphanumeric ‘word’ that doesn’t mean anything.
 Fujitsu’s PalmSecure™ takes on the challenges
faced by many of the current biometric technologies
available today. The USP of being purely contactless
makes PalmSecure™ an ideal choice for deployment
in various public programs and services and addresses
the concerns of public hygiene and convenience at a
mass scale and providing lower cost of operations and
maintenance cost.
 Biometrics can be separated into two
classifications, physiological and behavioral. Physical
identifiers do not change over time or with mood.
Behavioral identifiers are generally considered less
conclusive because they are subject to such limitations
as illness, imitation, and mood changes. It is not so
much to see which one is better, but it is important to
determine which type of security works best in a given
environment.
Physiological classification includes:
Behavioral classification includes:
Fingerprints Voice Authentication
Hand Geometry Signature Analysis
Eye Patterns
Facial Recognition
How Biometric Processes Work
The concept of Biometric verification is simple. The system has
some pre-stored data. When youapproach the system (say a fingerprint
scanner), your finger is scanned and matched with a record of
fingerprints already in its database. Only when it finds a match, access is
granted. The concept might be simple, but the process is quite ingenious.
A biometric system is a real-time identification system which identifies a
person by measuring a particular physical or behavioral characteristic
and later comparing it to a library of characteristics belonging to many
people.
Fingerprint and other biometric devices consist of a reader or
scanning device, software that converts the scanned information into
digital form, and wherever the data is to be analyzed, a database that
stores the biometric data for comparison with previous records. When
converting the biometric input, the software identifies specific points of
data as match points. The match points are processed using an algorithm
into a value that can be compared with biometric data scanned when a
user tries to gain access.
Verification and identification:
Verification – The system verifies the claimed identity of the user by
comparing his/her biometric sample with one specific reference template, which
is either physically presented by the user or pointed to in the database.
Verification can be knowledge-based (e.g. PIN or password) or token-based
(e.g. smart card). The user says, "I am X!" and the system reply with "yes, your
are X!" or "no, you are not X!"
Identification – The system identifies the end user from his/her biometric
sample by associating it with his/her particular reference template based on a
database search among the reference templates of the entire enrolled
population. The user asks, "who am I?" and the system reply with "you are X!"
or "you are not an authorized user".
MEASUREMENT PARAMETERS :>>
Everything, which is under the sun, has a unit or a parameter to describe its
capability. Similarly we have units, to be precise the parameters that
measure the capability of the type of biometric technique applied. These are
FRR and FAR.
FAR: - It stands for False Acceptance Rate, which means that
the rate at which an imposter is accepted as a valid match.
FRR: - It stands for False Rejection Rate, which means that
the rate at which a legitimate match is denied to access.
The following four-stage process illustrates the way biometric systems
operate:
1.Capture — a physical or behavioral sample is captured
by the system during enrollment.
2. Extraction — unique data is extracted from the sample
and a template is created.
3. Comparison — the template is then compared with a new
sample.
4. Match/non-match — the system then decides if the features
extracted from the new sample are a
match or a non-match.
Fingerprint Matching:
Among all the biometric techniques, fingerprint-based identification
is the oldest method which has been successfully used in numerous
applications. Everyone is known to have unique, immutable
fingerprints. A fingerprint is made of a series of ridges and furrows
on the surface of the finger. The uniqueness of a fingerprint can be
determined by the pattern of ridges and furrows as well as the
minutiae points. Minutiae points are local ridge characteristics that
occur at either a ridge bifurcation or a ridge ending.
Fingerprint matching techniques can be placed into two categories:
minutae-based and correlation based. Minutiae-based techniques
first find minutiae points and then map their relative placement on
Fingerprint classification is a technique
the finger. However, there are some difficulties when using this
to assign a fingerprint into one of the
approach. It is difficult to extract the minutiae points accurately
several pre-specified types already
when the fingerprint is of low quality
established in the literature which can
provide an indexing mechanism.
Fingerprint classification can be viewed
as a coarse level matching of the
fingerprints. An input fingerprint is first
matched at a coarse level to one of the
pre-specified types and then, at a finer
level, it is compared to the subset of the
database containing that type of
AUTHENTICATION METHODS:

Fingerprint ….
In recent years, fingerprints have rallied significant support
as the biometric technology that will probably be most widely used
in the future. In addition to general security and access control
applications, fingerprint verifiers are installed at military facilities,
including the pentagon and government labs. Although machines
tend to reject over 3% of authorized users, the false accept rate is
less than one in a million. Today, the largest application of
fingerprint technology is in automated fingerprint identification
systems (afis) used by police forces throughout the U.S. and in
over 30 foreign countries.
Verification of fingerprints is also fast and reliable. Users
experience fewer errors in matching when they use fingerprints
Security Level Overview…
versus many other biometric methods. In addition, a fingerprint
identification device can require very little space on a desktop or
in a machine. Several companies have produced capture units
smaller than a deck of cards.
 Security Level Overview…

SECURITY
Level I
Level II
Level III

Access Authorization
and Identity Management
through Fingerprint
 logon with bioLock

bioLock

Logon bioLock checks bioLock

authentication rules user/
function

bioLock prompts you for fingerprint

bioLock
templates

Fingerprint comparison with table

Logon blocked Logon authorized

 
Please Our technology identifies unique points on your finger and creates an
Note: encrypted, digital template – we never take an actual image of the finger!!!
Humans have fingerprints for the exact same reason that tyres have
treads. It helps in better grip and, by a bizarre twist of nature,
different people have entirely different sets of fingerprints, which
enables identification. A fingerprint is made up of ridges and valleys
(lines and the gaps separating them) and it is these ridges and
valleys which are scanned to verify the authenticity of a print. To
authenticate a set of prints, a scanner needs to do two things: first,
it needs to get the image of the prints which are to be
authenticated, and second, it needs to actually go about the
business of verifying them.
The most commonly used method of scanning is optical
scanning. An optical scanner has a CCD sensor (Charge Coupled
Device) similar to the ones used in digital cameras. There is an array
of light sensitive diodes (photosites). When these diodes come in
contact with light, they generate an electrical signal. Every
photosite records a pixel representing the light it came in contact
with. An analogue to digital converter (ADC) system in the scanner
processes the electrical signals to generate digital representations
of the image. It is not necessary that the same kind of light falls on
all diodes. So what is generated is a mix of dark and light areas,
which together make up the image. The process begins as soon as
you place your finger on the glass plate.
The scanner has its own source of light (mostly an array of
Retinal Scanning
Despite being shown as the absolute cutting edge, retinal
scanning is actually rather old in the chronology of technology
innovations and research on this started way back in the 1930s. For
the retina to be scanned, the user looks through a small hole in the
scanning device and focuses on a particular point for the time period
during which, a low intensity light and a CCD analyse the layer of
blood vessels at the back of the eye for matching patterns (akin to
fingerprint checking) and validate or repudiate the persons identity.
This technology is still not in the public domain (unlike fingerprint
recognition, which is) and is used only to secure highly sensitive
security areas. Unlike fingerprints, there is absolutely no known
method of replicating a person’s retina and to use a dead person’s
retina is no good as it deteriorates too fast to be of any help.
Iris Scan
Iris Scan, though relating to the eye (like retinal scan)
uses a completely different method of identification. The Iris
is the coloured ring surrounding the pupil. The scan
analyses the features that exist in this coloured tissue. Over
200 points can be used for comparison such as the rings,
furrows and freckles. The scan is done with a regular
camera and the subject stands about a foot from the lens (of
the camera) so it is a lot more convenient. The Iris pattern is
much more unique than a fingerprint. A statistical analysis
puts the probability of two irises matching at 1 in 10 to the
power 78 while the population of humans on earth is roughly
7 billion that is 7 to the power 9.
Signature verification

Signature verification enjoys a synergy with

existing processes that other biometrics do not as people
are used to signatures as a means of transaction related
identity verification and mostly see nothing unusual in
extending this to encompass biometrics. Signature
verification devices have proved to be reasonably
accurate in operation and obviously lend themselves to
applications where the signature is an accepted identifier.
Facial Recognition
While fingerprinting and retinal scanning are relatively easy to
administer, since the people going through the process are aware of it and are
consenting to subject themselves to these measures, the main application of
facial recognition is in security wherein the software is expected to pick a face
out of, say, thousands of passengers at the airport, and match it with a database
of wanted criminals and positively state whether or not that face belongs to the
guilty party.
To make the computer recognise a face from a picture or a video feed is
quite an achievement in itself, but a bigger achievement is to identify clearly if
the face is that of the wanted man or not. If you look in the mirror, or at a
persons face for that matter, you will notice that every face has certain
characteristics and distinguishable features, which allow us to differentiate
between two people. The equipment used here is not really too fancy or cutting
edge, and the brains for this lie entirely in the software. The software divides the
face into 80 nodes, some of the common ones being distance between eyes,
width of nose, and depth of eye sockets, cheekbones, jaw line, and chin. The
system generally needs to match between 14-25 nodes in order to obtain a
positive ID.
Facial Scan Technologies As suggested by the
graphic, distinctive
characteristics of the entire
face are highlighted for use
in future authentication. The
vast majority of faces can be
reconstructed by combining
features of approximately
100-125 eigenfaces. Upon
enrollment, the subject's
eigenface is mapped to a
series of numbers
(coefficients). For 1-to-1
authentication, in which the
image is being used to
verify a claimed identity,
one's "live" template is
compared against the
enrolled template to
determine coefficient
variation. The degree of
variance from the template,
of course, will determine
acceptance or rejection. For
1-to-many identification, the
same principle applies, but
Voice Recognition
Like fingerprints and face attributes, every person has a
unique speech pattern. Voice recognition works by first
storing voice patterns and then using them as a database
to authenticate a subject. Voice recognition is often
confused with speech recognition, which is a technology
that converts speech to text and the conversion software
needs to go through extensive training by the user before
any suitable and acceptable results are obtained. Voice
recognition works by noting a person’s voice (physical
characteristics of the vocal tract, the harmonic and the
resonant frequencies) and converts it into an audio file
which is known as a voice print. During the creation of a
voice print, the subject is asked to choose a phrase and
asked to repeat it. The phrase should be 1 to 1.5 seconds
in length since a smaller phrase provides the system with
too little data, and beyond that, too much data. Both of
these conditions result in reduced accuracy. The problem
with voice recognition does not lie in its integrity since
DNA (Deoxyribo Nucleic Acid)
DNA samples can be taken from the body if the subject or his
personal belongings are passed through chemical processes. This DNA
fingerprint is in the form of a sequence of A’s, T’s, G’s, U’s and C’s in
random order. These alphabets refer to the nitrogenous bases. Here A
stands for “Adenine”, T stands for “Thymine”, G stands for “Guanine”, U
stands for “Uracil” and C stands for “Cytosine”. The length of this
sequence is immense and beyond comprehension!
DNA matching has advantages over other means of biometric
verification. DNA samples can be collected in many more forms than
blood samples, retina scans or fingerprints. Even the personal
belongings of people like hairbrushes, toothbrushes or clothes carry their
DNA from phenomenon like natural skin flaking. So it becomes close to
impossible for an imposter to fake a DNA sample or avoid leaving a trace
at a crime scene. Microsoft has recently declared that they will introduce
biometrics in their coming versions of windows operating system. Well,
nothing wrong with that buy hope that they don’t use DNA fingerprinting
because if that is the case then if you want to start your PC on Saturday
than you either you have to switch on your PC either on Wednesday or on
Tuesday. Present day technology still takes more than couple of days for
DNA verification.
As we rapidly move towards the new millennium, Security and Access
Control are becoming more important than ever before.
Passwords, though still extensively used, are fast becoming a hazard,
requiring an enhanced method of security.
Positive Identification of individuals is now a serious business
considering the fact that people have to be allowed access to areas only if they
are authorized.
Attendance is to be recorded in all kinds of workplaces eliminating “buddy
Punching” and “ghost workers”.
Money is to paid over “wires” - the internet obviating the need for people
to go to banks.
Criminals have to be caught and proven guilty without a doubt social and
medical benefits have to be paid by the state.
Newer chip designs and supporting software, has spurred the
development of solutions based on these crucial needs beyond boundaries.
Parts of the human body - the hand, the iris/retina, the face and the voice,
all provide a means of positive verification. Commendable progress has been
made by various companies using the above parts of the human body with
various levels of success.
Although Card Based systems have been in the market for several years
now, the latest and most secure technology involves the use of the human body -
both physical and behavioral - for positive verification and identification - known
as Biometrics.
Biometrics in Public
Contactless Biometrics – the most viable option
Future Applications(Some Common Ideas)
With the increased use of computers as vehicles of information technology, it
is necessary to restrict access to sensitive/personal data. By replacing PINs,
biometric techniques can potentially prevent unauthorized access to or
fraudulent use of ATMs, cellular phones, smart cards, desktop PCs,
workstations, and computer networks. PINs and passwords may be forgotten,
and token-based methods of identification like passports and driver's
licenses may be forged, stolen, or lost. Thus biometric systems of
identification are enjoying a renewed interest.
There are many views concerning potential biometric applications, some
popular examples being –
ATM machine use - Most of the leading banks are considering using
biometrics for ATM machine and as a general means of combating card fraud.
Workstation and network access
Public identity cards
Internet transactions
Telephone transactions
Gunlock - A miniature electronic fingerprint capture and verification device is
being developed. When built into the authorized user of the gun would be
able to fire it.
Elections - This technology can also be integrated with voting procedure so
that, the cases of fraud or bogus voting is reduced to minimal.
Automated Border Control - This idea is covered in airport security and is
very similar to that. This technology can also be implemented in railways.
Conclusion:
The increased need of privacy and security in our
daily life has given birth to this new area of science.
These devices are here and are present around us
everywhere in the society and are here to stay for a
long time to come. Indeed, it will be interesting to
watch the future impact that they will have on our
day-to-day lives ...
Biometrics is a very interesting and exciting field that
has been growing exponentially in recent years
(especially 2008). The wide variety of physically
unique traits of our bodies will soon allow us to live in
a very secure password-less world.