Bringing biometrics to the door
By Wayne Pak
By Wayne Pak
Biometrics fuse convenience and security while validating “true identity” versus identity that is associated with possessing an ID card (or mobile credential on a smartphone), and offers numerous benefits to access control and other enterprise applications.
With the emergence of new anti-spoofing capabilities and its integration into secure platforms that protect privacy and support numerous credential technologies, biometric authentication is poised to deliver a much higher matching speed and better overall performance along with improved security and user convenience.
Development of the latest solutions has focused on the following key areas:
Improving image capture
The quality of the captured image is critical, across all types of fingerprints and environments. Many customers choose sensors that use multispectral imaging because it optimizes the quality of the captured image and illuminates the skin at different depths to collect information from inside the finger to augment available surface fingerprint data. Additionally, the multispectral sensors work for the broadest range of people with normal, wet, dry or damaged fingers, across the widest range conditions (from lotions or grease to sunlight, wet, cold conditions). The sensors also resist damage from harsh cleaning products and contamination from dirt and sunlight.
Liveness detection to enhance trust
An increasingly visible dimension of biometric performance in commercial applications, liveness detection is critical for preserving trust in the integrity of biometrics authentication.
At the same time, it must not impede performance or result in excessive false user rejections. The most trusted multispectral imaging fingerprint sensors with liveness detection provide a real-time determination that the biometric data captured by the fingerprint reader is genuine and being presented by the legitimate owner, rather than someone impersonating them.
This capability leverages the image-capture approach of using different colours or spectrum of light to measure the surface and subsurface data within a fingerprint.
In addition to this optical system, the biometrics sensor features several core components including an embedded processor that analyzes the raw imaging data to ensure that the sample being imaged is a genuine human finger rather than an artificial or spoof material.
Advanced machine learning techniques can be used so the solution can adapt and respond to new threats and spoofs as they are identified. This is critical if biometrics are to eliminate the need to use PINs or passwords. It also protects privacy — if you can’t use a fake finger, then even if you did obtain someone’s fingerprint data, it is meaningless.
The top-performing solutions capture usable biometric data on the first attempt for every user and speed the liveness detection process. They quickly perform template matching to reject impostors and match legitimate users. They should be tested by skilled and independent third parties like the National Institute of Standards and Technology (NIST) for interoperability so that performance is based on data that can be trusted in all template-matching modes.
As an example, HID Global uses the top-ranked NIST certified MINEX III minutia algorithm to ensure interoperability with industry-standard fingerprint template databases. This interoperability ensures that today’s systems, which are based on much more powerful hardware than in the past, will perform accurate 1:N identification of a full database in less than a second.
Incorporating biometrics into access control systems requires a secure trust platform designed to meet the concerns of accessibility and data protection in a connected environment. The platform should leverage credential technology that employs encryption and a software-based infrastructure to secure identities on any form factor for trusted access to doors, IT networks and beyond.
Cryptography prevents any man-in-the-middle attacks while also protecting the biometric database. This system also should encompass remote management of all readers and users, spanning all onboarding as well as template loading and enrolment activities for supported authentication modes.
Tools should be available to allow system administrators to manage all configuration settings from time and data to language, security and synchronization. Additionally, the system should enable continuous live monitoring of authentication, alerts and system health. To simplify deployment, application programming interfaces (APIs) should be available for direct integration of biometrics authentication solutions with the access control infrastructure.
Biometrics data must be handled like all sensitive and identifying information, and properly architected system designs will always consider and protect against both internal and external threats and attacks.
New system architectures and data models have been created to protect personal information and maintain user privacy. Beyond the encryption of the data itself, there are now many good alternatives available for building highly secure and well protected systems, including the use of multi-factor and even multi-modal authentication to maintain security even if some identifying data is compromised.
Today’s fingerprint authentication solutions are on a fast track to deliver a unique combination of ease of use and higher security to access control systems. With their latest enhancements in liveness detection, system architectures and performance, they seamlessly combine security and convenience to make them a viable option for secure access to facilities, networks and services.
Wayne Pak is director of product marketing, physical access control, HID Global (www.hidglobal.com).
This story was featured in the August/September 2019 edition of SP&T News magazine.