BIOMETRICS.doc (Size: 338.5 KB / Downloads: 840)
networks. It can be used during transactions conducted via telephone and Internet (electronic commerce and electronic banking). In automobiles, biometrics can replace keys with key-less entry devices
Biometrics technology allows determination and verification of one's identity through physical characteristics. To put it simply, it turns your body into your password. These characteristics can include face recognition, voice recognition, finger/hand print scan, iris scans and even retina scans. Biometric systems have sensors that pick up a physical characteristic, convert it into a digital pattern and compare it to stored patterns for identification.
2.0 IDENTIFICATION AND VERIFICATION SYSTEMS
A person's identity can be resolved in two ways: identification and verification. The former involves identifying a person from all biometric measurements collected in a database and this involves a one-to-many match also referred to as a 'cold search". "Do I know who you are" Is the inherent question this process seeks to answer. Verification involves authenticating a person's claimed identity from his or her previously enrolled pattern and this involves a one-to-one match. The .question it seeks to answer is, "Are you claim to be"
Verification requires comparing a person's fingerprint to one that pass previously recorded in the system database. The person claiming an identity provided a fingerprint, typically by placing a finger on an optical scanner. The computer locates the previous fingerprint by looking up the person's identity. This process is relatively easy because the computer needs to compare two-fingerprint record (although most systems use two fingerprints from each person to provide a safety factor). The verification process is referred as a 'closed search' because the search field is limited. The second question is "who is this person" This is the identification function, which is used to prevent duplicate application or enrollment. In this Case a newly supplied fingerprint is supplied to all others in the database. A match indicates that the person has already enrolled/applied.
(Dept. of Computer Science atuf<Engg. 3
The identification process, also known as an 'open search', is much more technically demanding. It involves many more comparisons and may require differentiating among several database fingerprints that are similar to the objects.
(Dept. of Computer Science and Engg. 4 SNgCE, "Kadayiruppu
3.0 BIOMETRIC SYSTEMS AND DEVICES
A biometric system is a combined hardware/software system for biometric identification or verification. Therefore the system should be able to:
Â¢ Receive biometric samples from an enrollee or candidate.
Â¢ Extract biometric featured from the sample.
Â¢ Compare the sample of the candidate with stored templates from individuals.
Â¢ Indicate identification or verification upon the result of the previous comparison.
Biometric devices have three primary components:
Â¢ One is an automated mechanism that scans and captures a digital of analog image of a living personal characteristic.
Â¢ The second handles compression of the image with the stored data.
Â¢ The third interfaces with application systems
These pieces may be configured to suit different situations. A common issue is where the stored images reside: on a card presented by the person being verified or at host computer. Recognition occurs when an individual's is matched with one of a group of stored images.
3.1 BIOMETRIC ACCURACY
Biometric accuracy is the system's ability of separating legitimate matches from imposters. There are two important performance-characteristics for biometric systems
(Dept. of Computer Science and^Engg. 5
False rejection is the situation when a biometric system is not able to verify the legitimate claimed identity of an enrolled person.
Â¢ False acceptance is a situation when a
4. biometric system wrongly verifies the identity by
comparing biometric features from .not identical individuals.
Â¢ False Rejection Rate (FRR) refers to the statistical probability that the biometric system is not able to verify the legitimate claimed identity of an enrolled person, or fails to identify an enrolled person.
* False Acceptance Rate (FAR) refers to the statistical probability of False Acceptance or incorrect verification.
In the most common context, both False Rejection and False
Acceptance represent a security hazard. I
(Dept. of Computer Science and<Engg. 6 S5VgC% Kadayiruppu
4.0 BIOMETRIC METHODS
Static Biometric methods
It ' is also called physiological method. It involves authentication based on a feature that is always present. Examples of Static methods are:
Â¢ Fingerprint Identification.
Â¢ Retinal scan.
Â¢ Iris scan.
Â¢ Hand geometry.
Dynamic Biometric Methods
It is also called behavioral method. It involves authentication based on a certain behavior pattern. Examples of Dynamic Methods are:
Â¢ Signature recognition. Ã‚Â® Speaker recognition.
Â¢ Keystroke dynamics
(Dept. of Computer Science and<Engg. 7 SNCjCE, %adayiruppu
5.0 BIOMETRIC SYSTEM ARCHITECTURE
Major components of a biometric system are:
o Data collection,
o Signal processing,
=> Data collection subsystem
It is also called data acquisition system. It comprises of input device or sensor that reads the biometric information from the user. It then converts biometric information into a suitable form for processing by the remainder of the biometric system. Examples of data collection subsystems are video camera, fingerprint scanner, microphone, etc. Various requirements for data collection involves the following
" Sampled biometric characteristic must be similar to the user's enrolled template.
Ã‚Â¦ The users may require training.
<Deft. of Computer Science aruffcngg. 8
Ã‚Â¦ Adaptation of the user's template or reenrollment may be necessary to accommodate changes in physiological characteristics.
Ã‚Â« Sensors must be similar, so that biometric features are measured consistently at other sensors.
Various changes that can happen in the biometric system are the following:
Ã‚Â¦ The biometric feature may change.
Ã‚Â¦ The presentation of the biometric feature at the sensor may change.
Ã‚Â¦ The performance of the sensor itself may change.
Ã‚Â¦ The surrounding environmental conditions may change.
=> Signal processing subsystem
This subsystem is used mainly for feature extraction. It receives the biometric data from the data collection subsystem and transforms the data into the form required by the matching subsystem. It is in this subsystem the discriminating features are extracted from the raw biometric data and also filtering may be applied to remove noise.
The matching subsystem plays the key role in the biometrics system. It receives processed biometric data from signal processing subsystem and biometric template from the storage subsystem. It then measures the similarity of the claimant's sample with the reference template. The result is a number known as match score.
=> Decision subsystem
The decision subsystem interprets the match score from the matching subsystem. A threshold is defined. If the score is above the threshold,
(Dept. of Computer Science and <Engg. 9
the user is authenticated. If it is below, the user is rejected. Typically a binary decision yes or no may require more than one submitted samples to reach a decision. The subsystem may reject a legitimate claimant or accept an imposter.
=> Storage subsystem
The storage subsystem maintains the templates for enrolled users. There will be one or more templates for each user. The templates may be stored in physically protected storage within the biometric device or conventional database or portable tokens such as a smartcard.
=> Transmission subsystem
Subsystems are logically separate units. Some subsystems may be physically integrated. Usually, there are separate physical entities in a biometric system. The biometric data has to be transmitted between the different physical entities as the biometric data is vulnerable during transmission.
Enrolment involves data collection and feature extraction. It is the process through which the user's identity is bound with biometric template data. Biometric template is stored in a database or an appropriate portable token. There may be several iterations of this process to refine biometric template.
=> Security 6f enrolment
Requirements for enrolment:
Ã‚Â¦ Secure enrolment procedure.
Ã‚Â¦ Binding of the biometric template to the enrollee.
Ã‚Â¦ Check of template quality and matchability.
(Dept. of Computer Science and%ngg. 10 SNgCE, Kadayiruppu
5.2 POSSIBLE DECISION OUTCOMES
Ã‚Â¦ A genuine individual is accepted.
Â¢ A genuine individual is rejected (error).
Â¢ An impostor is rejected.
Â¢ An impostor is accepted (error).
5.3 ERRORS I
There are mainly two types of errors. They are:
Â¢ Type I: system fails to recognize valid user ('false non-match' or 'false rejection')
Â¢ Type II: system accepts impostor ('false match' or 'false acceptance')
'Dept. of Computer Science and <Engg. 11
6.0 FINGERPRINT TECHNOLOGY
There are several components to a system that uses fingerprints to identify or verify the identity of an Individual. Figure 1 illustrates the most common basic model for use of fingerprints In government-based identification applications, incorporating the five functions performed by information systems to manage and utilize fingerprint flies, An Individual submits fingerprint samples either through a live scan or card scan system. The fingerprint images are processed into digital data files, These files are transmitted to a centralized database, where they are compared to a stored database of Images also processed into digital data files. In order to explain the finger print identification system, the finger print identification system used for border security is explained below.
Figure 1: Fingerprint processing model.
There are several methods to capture fingerprint images, and the choice has typically been determined by the specific requirements of the application and the constraints of a particular environment. In government applications, where collection of a fingerprint sample is sometimes a step in the legal process, the priority is collecting as much
(Dept. of Computer Science anfQZngg. 12 SNQCE, %pJdyiruppu
data from the fingers as possible, and processing time is rarely a factor. This is why the FBI takes full ten print, rolled fingerprints, despite the longer time it takes to collect these prints. Such a large sample also increases accuracy, as each individual fingerprint increases the amount of data collected.
Alternatively, where the INS is required to process large volumes of individuals quickly, they have traditionally placed a greater priority on speed of process. This is why in the past the INS has collected impressions of only two index fingers.
For either application, storage of biometric images in WSQ format is crucial to preserving the interoperability of the biometric system. This is important in ensuring the usability of the fingerprints by new systems and techniques as they are developed in the future. The extractions of features and patterns from a fingerprint image rely on proprietary methods, making true interoperability between different systems difficult. Capturing and storing a high quality image ensures that any system or technology can make use of all images in a database perpetually.
Two ways to capture fingerprints are live scan and card scan. A live scan approach involves the use of optical scanners designed specifically for capture of fingerprints. They are used by placing and/or rolling the fingers onto'a glass platen. Scanning technology below the platen creates an image of the finger(s), and the image is processed using software residing on an associated PC or local computer network.
A card scan approach involves the use of consumer-grade scanners designed for document and photograph scanning. These can be used by first impressing fingers onto a card, using ink or inkless paper, and then placing the card in the scanner. The scanner then takes the image of the
(Dept. of Computer Science and (Engg. 13 SWQCE, Kjidayiruppu
card, and software residing on an associated PC or local computer network processes the image. For state and federal system usage, the FBI maintains a rigorous image quality testing and certification program that every live scan and card scan system must pass before a particular make and model can be used.
6.2 PROCESS: Minutiae Extraction
(Dept. of Computet Science and'Eru^. 14 SNgCE, Kadayiruppu
Minutiae extraction is the process of converting an image of a fingerprint to a set of data points that can be subsequently compared numerically to other data sets. These data "points of interest" are called minutiae, and are comprised of two primary features of fingerprints: ridge endings and ridge bifurcations. (See Figure 2)
Minutiae files are smaller than image files and are ideal for storage at the point of application, but are not typically interoperable between equipment from different vendors. To ensure future usability of the biometric, the image must be stored. It remains to be seen whether a standardized minutiae template model will be widely adopted.
In a typical system, type, location, and angle are recorded for each point of interest. Proposed standards specify that a Cartesian coordinate system is used to represent the location of a minutia, in units of pixels. Image resolution is also required. Also specified by the proposal, the origin of the coordinate system is located in the upper left, with values increasing in value to the right and downward.
An important area of work for standards groups such as INCITS M1 and ISO JTC 1 SC37 is to standardize the definition of minutiae locations and angles. Only then will biometric data extracted by different equipment be effectively compared and matched.
Matching of fingerprints lies at the heart of a fingerprint system. It is the process by which mathematical algorithms are used to compare a data set of minutiae of a single fingerprint to another or several others. These matching algorithms typically generate a match "score", and then compare this score to a threshold that is associated with some level of confidence that the two prints belong to the same finger.
6.4 STORING (compressing)
WSQ (wavelet scalar quantization) is the fingerprint image compression algorithm that is the standard for the exchange of fingerprint images across government biometric systems, as defined in the ANSI/NIST Data Format For The Interchange Of Fingerprint, Facial, and Scar/Mark/Tattoo
(Dept. of Computer Science and (Engg. 15 SNgCE, %adayiruppu.
Information published in 1993 and updated in 2000. WSQ is specified as required by the FBI's EFTS (Electronic fingerprint Transmission Specification). WSQ is designed to allow the interchange of fingerprint and other identification information between law enforcement agencies in the USA and the FBI centralized integrated Automatic Fingerprint Identification System (IAFIS). The IAFIS started accepting ten print records that comply with this standard from law enforcement agencies in July of 1S9S and from civilian agencies shortly thereafter.
(Dept. of Computer Science andQZngg. 16
7.0 FINGERPRINT RECOGNITION: OVERVIEW
Â¢ Optical sensors.
Â¢ Ultrasound sensors.
Â¢ Chip-based sensors.
Â¢ Thermal sensors.
7.2 INTEGRATED PRODUCTS
Â¢ For identification - AFIS systems.
Â¢ For verification.
Optical fingerprint sensor [Fingerprint Identification UnitFIU-001/500 by Sony]
(Dept. of Computer Science and<Engg.
Figure 4: Fingerprint recognition: Integrated system
Travel Mate 740 by Compaq and Acer
(Dept. of Computer Science and (Engg. 18
7.3 "VERIFINGER"-A software example
Neurotechnoiogija, Ltd. has developed fast, compact and reliable fingerprint identification engine VeriFinger, intended for system integrators who need powerful fingerprint identification algorithm for their biometric security systems, VeriFinger is available as a software development kit (SDK) for MS Windows 9x, 2000 and NT (current version 3.3) and Linux (current version 3.1). It can be easily integrated into a customer's security system. VeriFinger fingerprint recognition engine, integrated with the data management system, is used in our other product, person identification system Finger Point.
VeriFinger SDK includes the followings components:
s VeriFinger dynamic link library (DLL file) for Windows 9 x/2000/NT
or library files for Linux. # C source code of the example program using the library provided
j Visual Basic source code of the example program using the library provided functions (not available in Linux version).
s Delphi* source code of the exampre program using the library provided functions (not available in Linux version).
s Software description.
Access tools (DLLs) for Compaq and LLare.U fingerprint scanners and source code of the sample programs, where VeriFinger 3.3 engine is used with these scanners, are optionally available.
(Dept. of Computer Science and<Engg. 19
VeriFingertest results and technical specifications:
VeriFinger was tested with 2400 fingerprints, captured with four different scanners. Each fingerprint was compared with all other fingerprints (5,760,000 comparisons). The average test results as well as other specifications are presented below:
False rejection rate < 3 %
False acceptance rate < 0.001 %
Required fingerprint resolution > 250 dpi
Fingerprint processing time 0.35 second
Matching speed 5000* fingerprints/second
Size of one record in the database About 150 Bytes
Maximum database size Unlimited
Program occupied array size 250 kb
<Dept of Computer Science and<Engg. 20
8.0 FUTURE APPLICATIONS
There are many concerning potential biometric applications, some popular examples being;
8.1 ATM MACHINE USE.
Most of the leading banks have been experimenting with biometrics of ATM machines use arid as general means of combining card fraud. Surprisingly, these experiments have rarely consisted of carefully integrated devices into a common process, as could be achieved with certain biometric devices. Previous comments in this paper concerning user psychology come to mind here one wonder why we have not seen a more professional and carefully considered implementation from this sector. The banks will of course have a view concerning the level of fraud and cost of combating it via technology solutions such as biometrics. They will also express concern about potentially alienating customers with such as approach. However, it still surprises many in the biometric industry that the banks and financial institutions have so far failed to embrace this technology with any enthusiasm,
8.2 WORKSTATION AND NETWORK ACCESS.
For a long time this was an area often discussed but rarely implemented until recent developments aw the unit price of biometric devices fall dramatically as well as several designs aimed squarely at this application. In addition, with household names such as Sony, Compaq, KeyTronics, Samsung and others entering the market, these devices appear almost as a standard computer peripheral. Many are viewing this as the application, which will provide critical mass for biometric industry and create the transition between sci-fi device to regular systems component, thus raising public awareness and lowering resistance to the use of biometrics in general.
(Dept. of Computer Science and<Engg. 21
8.3 TRAVELS AND TOURISM
There are many in this industry that have the vision of a multi application * card for travelers which, incorporating a biometric, would enable them to participate in various frequent flyer and border controls systems as well as paying for their air ticket, hotel rooms, hire care etc, all with one
i convenient token. Technically this is eminently possible, but from a political and commercial point of view there are many issues to resolve, not the least being who would own the card, are responsible for administration and so on. These may not be insurmountable problems and perhaps we may see something along these lines emerge. A notable challenge in this respect would be packaging such an initiative in a way
\ that would be truly attractive for users.
8.4 INTERNET TRANSACTIONS
Many immediately think of on line transactions as being an obvious area for biometrics, although there are some significant issues to consider in this context, Assuming device oost could be brought down to level whereby a biometric (and perhaps chip card) reader could be easily incorporated into a standard build PC, we still have the problem of authenticated enrollment and template management, although there are several approaches one could take to that. Of course, if your credit ; already incorporated a biometric this would simplify things considerably. It is interesting to note that certain device manufactures have collaborated with key encryption providers to provide an enhancement to their existing services. Perhaps we shall see some interesting developments in this area in the near future.
8.5 TELEPHONE TRANSACTIONS.
No doubt many telesales and call center managers have pondered the use of biometrics. It is an attractive possibility to consider, especially for
(Dept. of Computer Science andQZnQQ. 22
Seminar Report 2005-2006
automated processes. However, voice verification is a difficult area of biometrics, especially if one does not have direct control over the transducers, as indeed you wouldn't when dealing with the general public. The variability of telephone handsets coupled to the variability of line quality and the variability of user environments presents a significant challenge to voice verification technology, and that is before you even consider the variability in understanding among users.
The technology can work well in controlled closed loop conditions but is extraordinarily difficult to implement on anything approaching a large scale. Designing in the necessary error correction and fallback procedures to automated systems in a user-friendly manner is also not a job for the faint hearted.
Perhaps we shall see further developments, which will largely overcome these problems. Certainly there is a commercial incentive to do so and I have no doubt that much research is under way in this respect.
8.6 PUBLIC IDENTITY CARDS.
A biometric incorporated into a multi purpose public ID cards would be useful in a number of scenarios if one could win public support for such a scheme. Unfortunately, in this country as in others there are huge numbers of individuals who definitely do not want to be identified. This ensures that any such proposal would quickly become a political hot potato and a nightmare for the minister concerned. You may consider this a shame-or a good thing, depending on your point of view. From a dispassionate technology perspective it represents something of a lost opportunity, but this is of course nothing new. It's interesting that certain local authorities in the UK have issued 'citizen' cards with which named cardholders can receive various benefits including discounts
(Dept. of Computer Science and%ngg. 23
at local stores and on certain services. These do not seem to have seriously challenged, even though they are in effect an ID card.
<Dept. ofComputer Science and^Engg. 24
The ultimate form of electronic verification of a person's identity is biometrics, using a physical attribute of the person to make a positive identification. People have always used the brain's innate ability to recognize a familiar face and it has long been known that a person's fingerprints can be used for identification. The challenge has been to turn these Into electronic processes that are inexpensive and easy to use.
Banks and others who have tested biometric-based security on their clientele, however, say consumers overwhelmingly have a pragmatic response to the technology. Anything that saves the information-overloaded citizen from having to remember another password or personal identification number comes as a welcome respite.
Biometrics can address most of the security needs, but at what cost Surprisingly, the benefits quickly outweigh the costs. Like so many technological developments, innovative people have found new ways to implement biometric systems, so prices have come down dramatically ;n the last year or two. As prices have come down, the interest level and the knowledge about how to effectively utilize these systems have increased. So the investment is decreasing and the recognizable benefits are increasing. Biometrics, when properly implemented, not only increase security but also often are easier to use and fess costly to administer than the less secure alternatives. Biometrics can't be forgotten or left at home and they don't have to be changed periodically like passwords.
Devt. of Computer Science JTZSEIZJ.
Chapter Contents Page No.
1. Introduction. 1-2
2. Identification and Verification Systems. 3-4
3. Biometric Systems and Devices. 5-6
4, Biometric Methods. 7
5. Biometric System Architecture. 8-11
6. Fingerprint Technology, 12-16
7. Fingerprint Recognition: Overview. 17-20
Future Applications. 21-24
9. Conclusion. 25
10. References. 26
(Dept. of Computer Science and<EngQ.