We traditionally identify ourselves with something we know (a name, a password) or with something we have (a card, a mobile phone). And in some cases with 2 or more factors to increase security, as for instance when we use a card and a PIN to withdraw money from an ATM.

The digitization of processes has increased our need to identify ourselves automatically, and with it the threats to digital identity theft by hackers and other criminals.

With the most commonly used methods we need several authentication factors with high complexity to have a high level of security. The use of passwords, for example, needs long and complex combinations, different for each system, and that we change them periodically.

Security therefore involves a high level of inconvenience for users. And since we generally tend towards convenience, identification systems end up being insecure.

To solve this need for security and convenience in identification at the same time, biometric technologies have been developing. They are based on the fact that we have parts of our body that differ from those of other people enough to be able to uniquely identify each person with certainty. For example: fingerprints, face, voice, or irises.

With biometrics we identify ourselves by something we are, and therefore:

• It’s very secure. No one can steal or copy our body. Unlike a card that can be copied or stolen, or a password that can be hacked.
• It’s very convenient. We have nothing to carry that we may lose nor anything to remember that we may forget.

The most secure biometric technology is DNA analysis, which due to its characteristics is usually only used for forensic activities. Those that can be used to quickly perform identifications in real time, ranked by security level, are: iris biometrics, vein map, fingerprint, facial, and voice.

There are other types of biometric technologies based on behavior, such as typing dynamics on a PC, or the way we walk or gait analysis, but they are much less secure and more difficult to apply.

In general, professional biometric systems have:

• Biometric servers equipped with AFIS (Automatic Fingerprint Identification System) if they use only fingerprint, or with ABIS (Automatic Biometric Identification System) when they use other additional biometric technologies such as iris or facial that make them multibiometric systems.
• At identification points there are usually PCs or mobile devices with client software that communicates with the biometric server.
• Biometric sensors connected to the PC or mobile device, which are specific scanners designed to take quality photos of the fingerprint or irises, or face cameras.

The client software collects the image of the biometric sample (iris, fingerprint, face, vascular map of veins) captured by the sensor locally, and communicates with the biometric server, which performs the identification functions.

In small systems we may not have a biometric server, and the entire operation may be carried out on a single device. This is the case, for example, of a fingerprint device placed on the wall to open an office door.

The most important biometric operations are:

• 1:N Identification (one to all), of a live sample against all samples stored in the biometric database.
• 1:1 Verification (one to one), of a live sample against those stored of only a certain person.
• 1:n Segmented identification (one to few), of a live sample against a subset of the database filtered by certain criteria (for instance, identification only among the inhabitants of a certain city).
• Enrollment or biometric registration of live samples in the biometric database. It is done once for each person that will be securely identified from this moment on.

There is no biometric technology that is superior to the others in all cases, but depending on the application it is better to use one or the other. For example:

• Iris biometrics is the most secure if we are going to identify people in large databases. It also has the advantage of being contactless, and can be used through glasses and goggles.
• Fingerprint biometrics, with contact, are very secure, especially considering that we can use several fingers to increase identification security in large databases. And fingerprint sensors have a much lower price than iris sensors.
• Facial biometrics allow the use of existing cameras, and the ergonomics of use are very simple, everyone knows how to take a selfie. On the other hand, its security level is low for identifications in large biometric databases, and it doesn’t work well identifying faces with occlusions and changes in facial appearance (masks, glasses, beards, etc.)

Biometrics is not a single solution, it is a technology that can be applied in different ways to business processes, and it is important to choose appropriately which one to use in each case. For example, the system that we use to open a door in an office has little in common with the one that we have to use in a prison for the inmates’ census and control of visits, beyond the fact that they use biometric principles in the development of both solutions. .

It is essential to take into consideration different aspects to choose the right biometric system for each sector and need. At least the following ones:

• Security level needed.
• The size of the biometric database.
• The number of identification points required.
• Fixed and/or mobile identification points.
• The profile of the people who are going to perform the identifications.
• Whether users identify other people or themselves.
• The ergonomics needed in the identification process.
• If there are different use cases that require several different biometric technologies, even with different types of sensors.
• The level of integration required with existing corporate systems and software.
• The available budget.

In future articles we will explain in more detail different issues related to the use of biometric technologies.

Find out how Verázial ID uses the most advanced biometric technologies to solve all the identification problems in your sector.

Contact us for a demo and/or a customized analysis.