Biometric authentication is increasingly gaining popularity in a large spectrum of applications, ranging from governmental programs (National ID card, Visa, fight against terrorism) to personal applications such as logical and physical access control. Although a number of effective solutions are nowadays available, new ideas and techniques are necessary to overcome some of the limitations of current systems. Biometric authentication has been widely regarded as the most foolproof - or at least the hardest to forge or spoof. Since the early 1980s, systems of identification and authentication based on physical characteristics have been available to enterprise IT. These biometric systems were slow, intrusive and expensive, but because they were mainly used for guarding mainframe access or restricting physical entry to relatively few users, they proved workable in some high-security situations. Twenty years later, computers are much faster and cheaper than ever. This, plus new, inexpensive hardware, has renewed interest in biometrics.
Types of Biometrics
A number of biometric methods have been introduced over the years, but few have gained wide acceptance.
Signature dynamics. Based on an individual's signature, but considered unforgeable because what is recorded isn't the final image but how it is produced -- i.e., differences in pressure and writing speed at various points in the signature.
Typing patterns. Similar to signature dynamics but extended to the keyboard, recognizing not just a password that is typed in but the intervals between characters and the overall speeds and pattern. This is akin to the way World War II intelligence analysts could recognize a specific covert agent's radio transmissions by his "hand" -- the way he used the telegraph key.
PAGE 2
Eye scans. This favorite of spy movies and novels presents its own problems. The hardware is expensive and specialized, and using it is slow and inconvenient and may make users uneasy.
In fact, two parts of the eye can be scanned, using different technologies: the retina and the iris.
Fingerprint recognition. Everyone knows fingerprints are unique. They are also readily accessible and require little physical space either for the reading hardware or the stored data.
Hand or palm geometry. We're used to fingerprints but seldom think of an entire hand as an individual identifier. This method relies on devices that measure the length and angles of individual fingers. Although more user-friendly than retinal scans, it's still cumbersome.
Voice recognition. This is different from speech recognition. The idea is to verify the individual speaker against a stored voice pattern, not to understand what is being said.
Facial recognition. Uses distinctive facial features, including upper outlines of eye sockets, areas around cheekbones, the sides of the mouth and the location of the nose and eyes. Most technologies avoid areas of the face near the hairline so that hairstyle changes won't affect recognition.
The Current Leader
Because of its convenience and ease of use, fingerprint authentication is becoming the biometric technology of widest choice. A growing number of notebook PCs and computer peripherals are coming to market with built-in fingerprint readers. Scores of products are available, including keyboards, mice, external hard drives, USB flash drives and readers built into PC card and USB plug-in devices. Most of these units are relatively inexpensive.
These devices allow the user to maintain encrypted passwords that don't need to be remembered but instead are invoked after the user puts his finger on the reader. This can also be used with a separate PIN or password to offer true two-factor authentication.