Implementing Biometric Authentication
A Report on Implementing Biometric Authentication at Dynamic Safe Deposit
Section I – Executive Summary
The paper is a report presented to the management team of Dynamic Safe Deposit (DSD) on implementation of a biometric authentication system. The report was authorized after the management reached a consensus to replace the current security system due to system failures as expressed by staff and customer complaints.
Biometric security systems authenticate the identity of a user through unique, stable, and universal characteristics such as finger prints, finger veins, facial properties, eye imaging, and palm prints. The biometric authentication security system is one of the most secure, accurate, reliable and widely applicable security systems in the commercial sector. The accuracy of a biometric system is evaluated through measures such as false rejection rate (FRR) and false accept rate (FAR).
The two proposed authentication systems for DSD Limited were finger vein and face recognition authentication systems. The finger vein authentication technology would require customers to run their fingers on a scanner to be granted access to their boxes. On the other hand, the face recognition technology scans photos of customers and authenticates their access.
Upon a careful comparison of the two systems, it was revealed that while the facial recognition system was convenient for the customer and easy to install, it was not applicable to the company due to lack of reliability and applicability. On the other hand, finger vein technology seems to meet all the criteria for convenience, reliability, and acceptability.
The report recommends the application of the finger vein technology. The technology also has a high level of accuracy, and it is easy for the customers to use.
Section II (1973 words)
One of the greatest challenges facing Dynamic Safe Deposit currently is security. The company management has reached a consensus that the security personnel are experiencing security problems with regard to user authentication. Some of the flaws in the current security system include difficulties in user identification, lack of, and unclear document. Therefore, a need has developed for the company to implement a biometric authentication system that will address most of the flaws in the current system. The current report provides an overview of the biometric user authentication system, precisely the finger vein and face systems. The report presents a detailed comparison of the various biometric systems with regard to convenience, reliability, and acceptability, and draws recommendations for the best system to adopt in the company.
Biometric Authentication Systems Explained
The following section provides a detailed description of biometric authentication systems. Biometric systems are based on characteristics of the user that are universal, stable, and unique. As opposed to other user identification criteria that may change over time, the characteristics used by the biometric system are unique, and they can’t change over time. Examples of the characteristics used include finger prints, voice characteristics, face, and iris images. With the biometric access control system, users are first enrolled in a system whereby their finger, voice, or iris characteristics are recorded in a referencing system – these unique characteristics are referred to as the biometric sample. When a user needs to access the system, their finger print, voice or eye images, depending on the one being used, are matched with the recorded sample. If their characteristics match with the previously stored biometric template, the user is granted access. If the characteristics do not match the original biometric template, access to the system is denied.
Biometric systems are known to be secure and accurate, however, they have flaws. Therefore, it is important to consider what makes an ideal biometric system. To a certain level, an ideal biometric would depend on its application, however, there are fundamental properties required for all physical biometric identifiers. These features include security, cost, convenience, acceptability, and reliability.
Security is a major factor in the consideration of any security system. There are major aspects that every biometric system must satisfy with regard to security. The most basic aspects include accuracy, resistance to forgery. As regards the accuracy, an ideal biometric system should have a false acceptance rate (FAR), this refers to the likelihood that unauthorized individuals might be recognized as authorized (Edgington, 2007). The FAR is dependent of factors such as the uniqueness of the selected biometric characteristic, and the ability of capturing and recording biometric information accurately, and the possibility of matching it correctly. The FAR also covers the aspect of incorrectly identifying, and rejection of authorized persons, also known as false rejection rate (FRR). The eye-iris authentication system has been reputed for its high FAR and FRR abilities as opposed to finger vein authentication system.
Resistance to forgery refers to the likelihood that a biometric system may be forged. An ideal biometric system should possess the lowest likelihood that the information may be forged. In this regard, internal biometric measures may be more secure than external biometric measures. For instance, reports have shown that fingerprints can be lifted from glass and authenticated to scanners using fake fingers produced using household ingredients (Matsumoto, 2002).
The cost of implementing a biometric authentication system is normally estimated from the initial installation cost to recurrent costs. The initial cost comprises the cost of local area network (LAN), software installation, and hardware devices such as sensors, card readers, and processors. Other costs accrue from software installation licenses, and personnel training (Bolle, 2004, p. 144). A system might be secure and cost effective; however, if it is not practical in a certain setting, it will never succeed. Therefore, it is crucial to consider the convenience of a system.
An ideal biometric system for DSD should be easy to learn and use. Certain biometric technologies infringe on the convenience of a system. For instance the eye-iris technology requires people to remove glasses when using the system. Removal of spectacles may cause problems especially if the user is short-sighted, in such an occasion, they would have difficulties locating the area of focus.
When integrating a security system, it is important to consider whether the users at the company will accept the new system. Some of the issues that may be raised with regard to the acceptability of a system include privacy concerns such as remote tracking, hygiene issues especially with contact techniques as fingerprints, and safety concerns such as chopping off of body parts. The ideal biometric technique must fulfill the right balance of these aspects.
The reliability of a biometric authentication system would recognize the ability of a system to produce consistent, accurate results. Reliability would be estimated through accuracy measures such as false rejection rate (FRR) and false accept rate (FAR) (Edgington, 2007).
Finger Vein and Face Authentication Systems
In the context of Dynamic Safe Deposit (DSD), the two most feasible authentication systems would be the finger vein biometric system, and the face authentication system.
Finger Vein Authentication
Finger vein technology utilizes the changes in blood flow observed under high-intensity near-infrared light (NIR) Light Emitting Diodes (LEDs). The main operating principle behind the finger-vein technology is that every person has a unique vein pattern, and that the data on the vein pattern could be used as a viable biometric identifier. When obtaining the image, the invisible infrared light is absorbed by the haemoglobin to produce an image of a unique vein pattern, which is then captured by the sensor below the finger. Once the vein pattern is captured in the image, the image is than refined and passed to the authentication process. The authentication matches the newly captured vein pattern to an existing pattern in the database. If the vein patterns match, the user is accepted and if the veins do not match, the user is rejected. Finger vein recognition is relatively insensitive to a variety of factors including sweat, dirt, gloves, and surface injury. The finger vein technology has been recognized as a viable biometric authentication technology for commercial uses, with banks, supermarkets, and computers rapidly adopting the technology. At DSD, the technical team would have to retrieve samples from customers. For every customer to access their box, they would have to pass the finger vein authentication.
Face Recognition Authentication Technology
Face recognition uses a computerized program to automatically identify and verify the identity of a person from either a digital image or a video frame. The technology authenticates a user by comparing the facial features in the new image with an existing file in the facial database. The technology analyzes the facial characteristics of an individual’s facial image using a digital video camera. The operating principle behind facial technology is that a human face has over 80 nodal points with unique characteristics. The facial details recorded include distance between the eyes, nose, jaw edges, and the mouth. The process works in a four-stage process. The first two process phases include image capturing where a facial sample is captured and stored in a database, and extraction which entails retrieval of unique features of the image. The other phase include comparison which entails comparison of the new face with the template, and finally matching which tells whether the two faces match or not (Bolle, 2004).
Facial recognition has been widely adopted in surveillance of potential threats against terrorists, a known criminal, or scam artists. However, the technology has not been widely applied in high-level security checks such as in banking. In the context of DSD, each customer would be photographed for the company to obtain the templates. Details would then be stored in the database. Cameras and face recognition would then be fitted near each customer’s compartment to screen the customer before they can access their boxes. If the customer fails the face recognition test, they would not be allowed to access their safe boxes.
Comparison of the Finger Vein and Facial Technologies
Facial and finger vein technologies vary in terms of convenience, reliability, and accessibility. The differences depend on how both the company and the customers would perceive either of the technologies, and the right balance among the three aspects. Therefore, it is imperative to compare the two technologies to find the most appropriate for DSD.
As regards convenience, finger vein technology would be regarded as the most viable option given that it is fast as long as the user has a finger. According to Edgington, (2007) the technology has no enrollment problems as it is just the same as the old technique of using fingerprints which would be easy for the company. To the customers, using the technology is also easy given that it only involves placing a finger on a scanner. On the other hand, face technologies are regarded as one of the most convenient techniques given that the technology is non-invasive. The use doesn’t have to place any of their body parts against a scanner, and there no intrusions or delays when using the method. The technology is also cheap to install and run for the company (Hassanein et al. 2014). The other thing is that it is easy to deploy given that the organization can adopt the standard CCTV technology hardware fitted with face recognition software. To the customers, facial recognition technology would be appropriate since it is automatic, and it takes pictures from a distance. A system may be convenient but not reliable; therefore, it is important to consider the reliability of a technology.
Finger vein technology has received accolades as one of the most reliable biometric technologies given that it is not subject to manipulation, and the finger vein pattern is stable and unique. The technology has low likelihood of false acceptance rate (FAR) whereby an impostor may be regarded as a genuine user. The technology also has a low false rejection rate (FRR) whereby a genuine person may be regarded as an impostor (Anand, Flora & Philip, 2013). Moreover, the technology is insensitive to a variety of factors including sweat, dirt, gloves, and surface injury. On the other hand, reliability of face recognition technology is subject to a number of disruptors including ageing, plastic surgery, adjustment of facial hair, and head masking (Hassanein et al. 2014). The human face is subject to natural and artificial changes which can render facial recognition technologies unreliable for both the company and the clients.
Acceptability of a technology has to do with how customers perceive a certain biometric technology. Finger vein technologies are widely applied in banks, safes, computers, and door entry in other companies. Despite the vast application of the system, the technology, it might be criticized on the basis of hygiene and public health concerns since it is an invasive technology (Anand et al. 2013). On the other hand facial recognition has been applauded for its extensive use especially after the September 11 terror attacks. The technology is also non-invasive and cheap for the company. Facial recognition may be easily adopted by the company since is cheap and easily adopted (Hassanein et al. 2014). It shows that facial recognition technologies may be easily accepted by the customers given that they are passive and non-invasive.
Given the comparisons, it is clear that both technologies have strengths and weaknesses as regards convenience, reliability, and acceptability. However, it is important to consider the applicability of either technology to the context of DSD. Already, the clients are expressing discontentment with the current face recognition system due to lack of reliability. As Hassanein et al (2014) explain, facial data is subject to change agents such as age, surgery, and adjustment of facial hair. On the other hand, facial technologies have only been known to be applicable in large security areas requiring low-level security authentication as opposed to critical areas such as banking – where DSD falls. Therefore, finger vein technology falls as the best option for DSD irrespective of the few concerns about hygiene. The technology is known to be easy to use, and it has been widely tested in a variety of sophisticated authentication systems. The technology is also highly accurate, highly reliable, and easy for the company to install.
Section III: Decisions about the Technical Section
My decision for the material to be used in the detailed section was reached through a critical analysis of the audience, and the intent to meet the purpose of the result. The members of the management team to whom this report is to be presented have been described to have little knowledge on the subject of biometric authentication technologies. The prompt is also clear that finger vein and face recognition technologies were the most appropriate for the company. Therefore, I deemed it important to use simple language, and shallow detail of each technology, focusing on the areas that might affect the adoption of each technology. The information is specially tailored to meet the needs of a curious management team with no idea of the technology. Provision of detailed sections would have resulted in a long, boring, and incomprehensible report, probably appropriate for a more technical audience. I chose to include citations not only to authenticate but also to articulate major points about each technology; this is would help the audience discern distinctions between the two technologies, and probably develop a position on the best technology to adopt.
Section IV: Self – Evaluation and Grading
|1||Description||Excellent||– The description was clear, succinct, and it correctly explained the important aspects of biometric authentication technology- The description clearly introduced key concepts – acceptability, convenience, and reliability in the context of biometric authentication systems- The content was factually correct and authenticated using current citations
– The structure, presentation, and language was excellent
|2||Explanation of respective technologies||Excellent||– The respective technologies were clearly explained- The student clearly explained how each technology would be used to authenticate the customers- The section was presented in fine detail and a clear, succinct, factual language|
|3||Comparison of the two technologies||Good||– The structure is appropriate for the medium, audience, and purpose- The style reflects good technical writing with clear explanations- The section gives thorough, relevant, and correct comparison backed by in-text citations|
|4||Recommendations||Excellent||– The reasons behind the choice of finger vein technology are clearly given and concurrent with the literature- The writer paid attention to detail and cited reasons behind the choice- The recommendation reflects professional-level technical writing and clear, succinct language|
|Overall grade||Excellent||– The paper perfectly met all the requirements and reflected the targeted course outcomes. Excellent work|
Anand, J. T., Flora, A., & Philip, A. S. (2013). Fibger-Vein Based Biometric Security System. International Journal of Research in Engineering Technology, 2(12): 196 – 200
Bolle, R. M. (2004). Guide to biometrics. New York: Springer.
Edgington, B. (2007) Your quest for the ideal biometric: is it in vain? Introducing Hitachi’s Finger Vein Technology – a white paper [online]. Available from: http://www.hitachi.eu/veinid/documents/veinidwhitepaper.pdf
Hassanein, A. E., Kim, T., Kacprzyk, J., & Awad, A I. (2014). Bio-inspiring Cyber Security and Cloud Services: Trends and Innovations. Berlin, Heidelberg: Springer Berlin Heidelberg.
Maltoni, D., Maio, D., Jain, A. K., & Prabhakar, S. (2009). Handbook of fingerprint recognition. Springer Science & Business Media.
Matsumoto, D. (2002). Doubt cast on fingerprint security. BBC News. Available at: http://news.bbc.co.uk/2/hi/science/nature/1991517.stm