What is biometric security and what are its most used techniques?
Facial recognition and fingerprint detectors are measures of biometric security that have been associated with fiction for many years. From research and espionage facilities guarding state secrets, and banks that are protected against the most capable thieves, to laboratories holding lethal viruses protected from terrorists and villains. Today, however, this is no longer about science fiction. Who doesn't carry a mobile phone in their pocket that can be unlocked with a fingerprint?
Biometric security is here to stay and, like everything in the world of computers, has a lot of room for improvement. That is always good news.
What is biometrics? And what is biometric security?
Biometrics, from the Greek bios- (life) and -metrics (measure), is the set of methods and techniques used to identify, or verify the identity of a person, based on some of their physiological characteristics (as well as behavioural ones, such as their signature). Our voice, our fingerprint, our eyes, and even the rhythm of our heartbeat. All of these characteristics share one thing in common: they are unique.
So, what is biometric security? Biometric security is the field of information technology that applies these techniques of biometrics to increase access protection to systems, from unlocking a mobile phone to gaining access to an ultra-high security laboratory. Biometric security is already a standard. Whilst not exempt from bugs and vulnerabilities, it works very well, thanks to the technological development behind it, and a series of conditions when choosing the human trait to digitise. This trait must be:
- Universal: present in all human beings.
- Particular: with widely distinctive characteristics.
- Permanent: it must not change over time.
- Recognisable and measurable by current technologies.
- Efficient: it must have good performance, with optimal check speeds.
- Acceptable to users, without risks to health and privacy.
- Robust in terms of security.
What are the most used techniques in biometric security?
Not all biometric security methods are based on a physiological trait that meets all of these conditions. The most popular are:
- Fingerprint scanning: the most common and refined, and one of the quickest and cheapest methods. This can be applied to any device that can be touched: a screen, a mouse, a touch panel on a door or a laptop, etc. According to a study by Spiceworks, fingerprint scanners are the most widely used biometric security measure in the business world: present in 57% of companies.
- Facial recognition: the second most popular measure, used in 14% of the companies studied. Its drawbacks are the multiple factors that can prevent its correct operation, mainly lighting and the passage of time. Unlike the fingerprint, the face does change throughout life.
- Biometrics based on hand geometry: one of the cheapest techniques and most accepted by users. It allows both hands to be recognised, it is easy to use, and it offers one of the best speeds. This is the third most used measure in the business world, although it only works with small groups of people, due to the high probability that the geometry is repeated.
- Iris recognition: Less prevalent in the market due to its higher cost, but one of the most effective measure. Accurate, safe, and fast. The iris remains very stable throughout life and the small variations that lighting causes in the eye prevent fraud by photography.
- Vein matching recognition: this technology uses infrared lights that are absorbed and reflected by the haemoglobin of the veins, and is one of the most advanced methods of biometric security that can be implemented.
Is biometric security reliable?
Biometric security is more comfortable for users, but is it really secure? It has the same drawbacks as a password. The trait that is digitised is transformed into encrypted information that is stored in a database. If the sending and receiving of data are not well automated and do not feature robust security systems, software vulnerabilities can lead to data theft and subsequent access to the system.
Also, some measured features of the techniques we have explained can be falsified using a photograph or 3D model. And what happens when your biometric identity is stolen? Unlike passwords, these features cannot be changed and, once stolen, they would be unusable for life (unless they change over time, making them less optimal for use).
Feng Jianjiang, a professor at Tsinghua University in China, has warned that a replica of fingerprints can be obtained from a photograph in the right conditions.
Privacy is another problem that biometric security presents. As with the rest of our data, our biometric identity becomes part of the cloud and, apart from the vulnerabilities of the data itself, this means that there is always a possibility of the sale of that data.
According to a survey published by Ping Identity, 92% of companies consider biometric authentication effective or very effective, and 86% of companies say that data stored in the cloud is secure.
Despite everything, biometric security still has a way to go, and many challenges to overcome. However, its advantages can only increase, and its disadvantages will decrease. If you want to turn your career around and be part of the team that will revolutionise the future of computing and biometrics, don't hesitate! Join BETWEEN!