Abstract: BIOMETRIC SECURITY

BIO-METRICS
Biometrics are automated methods of recognizing a person based on a physiological or behavioral characteristic. Among the features measured are face, fingerprints, hand geometry, handwriting, iris, retinal, vein, and voice..
Using a unique, physical attribute of your body, such as your fingerprint or iris, to effortlessly identify and verify that you are who you claim to be, is the best and easiest solution in the market today

for computer accounts, bank ATMs, e-mail accounts, wireless phones, web sites and so forth. Biometrics hold the promise of fast, easy-to-use, accurate, reliable, and less expensive authentication for a variety of applications.

How Biometrics Works

Biometric authentication requires comparing a registered or enrolled biometric sample against a newly captured biometric sample.

Three major components

A mechanism that used to scan and capture digital images of individuals' biometric characteristic. A software and database that use to process and store the image as data for verification use afterward. An application system that use to interface with individuals for confirming their true identity.

TYPES OF BIOMETRICS
Face Recognition Analyzes he characteristics of an individual's face. Facial recognition uses features of the face such as the location and position of the nose, outlines of the eyes, areas of the cheekbones, and the mouth Fingerprints Use patterns found on the fingertip some use optical images, while others use electronic field imaging. Ways to identify the fingerprint image include pattern matching, fringe patterns, ultrasonic and others. Iris Scanning Uses the unique characteristics of the human iris to identify an individual. The information about the iris is converted to an algorithm, which maps the iris's distinct patterns and characteristics. Voice Authentication Software and hardware technology convert voice into text data that can be analyzed by voice response systems and other computers. Dynamic Signature Verification Is the process used to identify an individual's handwritten signature by analyzing the shape, speed, velocity and pressure of the act of signing.

Enrollment stage
Individual perform an enrollment process for biometric capture by using a sensor for fingerprint, microphone for voice verification, camera for face recognition and scanner for eye scan. Then the data, biometric characteristics, stores into a database for the verification process later on.

Verification stage
Individual is to perform the biometric capture again. The application system extracts the biometric characteristics and compares to the data in the storage. After this comparison, the verification result, either pass or not, would be based on the percentage of characteristic matches. Sometimes more than one biometric technology are used because a number of factors, such as environmental or physical damage on specific part, that affect the user acceptance by the verification accuracy.

Smart Cards and Biometrics

Integrating smart cards, biometrics and public key cryptography provides a solid foundation for developing secure applications and communications. The highest level of security uses three-factor authentication: Something you know (password or PIN) Something you have (smart card, magnetic stripe card or a physical key) Something you are (your fingerprint, retina scan or voice pattern) An individual gains three-factor authentication by combining a smart card, biometric and PIN. If the user loses the smart card, the card is inoperable without the

Why it has to be Biometrics

Biometrics can be used to identify you as you. Tokens, such as smart cards, magnetic stripe cards, photo ID cards, physical keys and so forth, can be lost, stolen, duplicated, or left at home. Passwords can be forgotten, shared, or observed. Moreover, today's fast-paced electronic world means

people are asked to remember a multitude of passwords and personal identification numbers (PINs)

Abstract: BIOMETRIC SECURITY

biometric. Forged fingerprints are weeded out with use of the PIN. In a smart-card-secure world, you are not locked into one form of authentication, such as a password or key.

Biometrics and Computers

With security an increasing concern for government and corporate businesses, biometric access to computers is going to become very common. Products already on the market include finger print scanner units, key board and mouse scanners, touch screen monitors that scan the finger print, and voice activated software.

technologies, we have to consider about the availability and accuracy of each technology. For example, among the technologies we discussed above, fingerprint and face might be more collectable than retina technology. Besides, accuracy of identification is another issue. Different technology might incur different level of errors. Therefore, before we adopt a technology for biometric identification, we have to evaluate the availability and accuracy of the candidate technologies. Cost Cost is another major factor in the implementation of biometrics. In the past this was more the case, as biometrics was an emergent unproven technology. However, as biometrics has gained more industry support the cost has fallen. Identity Theft Biometric identification could be fooled by a latex finger, a prosthetic eye, a plaster hand, or a DAT voice recording. Biometric devices must therefore be able to determine whether there is a live characteristic being presented. By monitoring living characteristics biometric devices become a source of sensitive biomedical data User Acceptance The biggest issue in biometric implementation is user acceptance. Many people are no comfortable with the idea of specialized fingerprint reading pads. These remind the user or the other main use of fingerprints, identifying and cataloging criminals. Luckily it appears that the manufacturers of biometric devices understand the concerns of these users. Most biometric device manufactures design their device so that it does not simply record the users fingerprint, but rather a mathematical model of the fingerprint which contains only the attributes that the device uses to tell fingerprints apart.

Portable Device Protection

In the next few years you will see just about every thing come with biometric protection. Mobile phones, MP3 players, cars, laptop computers, building access, locker access.

PKI - The Central Public Key Database

PKI stands for Public Key Infrastructure. Governments and security companies world wide are addressing the complex problem of setting up a directory service that will play an essential role in the setting up of any PKI system. Applications must be able to verify the certificate authority of the public key contained on the smart card. The certificate authority is the organisation that initially issued the encryption keys and smart card. The certificate authority verifies that the person is who they claim to be. If privacy concerns can be overcome, public keys (for the certificate authority and for the individual) should be available to all applications that need cross verification.

Personal Banking
This application makes a binding between the application, the public cryptographic key and personal data stored in an employee directory. Again, the original single identity token is reused. Directory services and biometrically secured cryptographic key storage would truly enable electronic commerce. Such a scheme, if widely adopted, would allow an individual to carry a single convenient smart card to authenticate themselves to applications anywhere..

Biometric -Issues and Concerns

When applying biometrics on security, there are several issues to be considered. Some issues are due to the nature of biometric identity, and some are due to the reasons from the social perspective. Availability and Accuracy When choosing from the available biometric

Abstract: BIOMETRIC SECURITY