Campus ID News
Card, mobile credential, payment and security
biometric template

Biometrics 101 (part II): Storing and matching biometric templates

CampusIDNews Staff   ||   Mar 01, 2004  ||   , ,

In the February issue of SecureIDNews, part one of our series on biometric technology concepts was presented. In this second part review, key concepts are described building upon those presented prior.

As you may recall, biometrics are numeric representations of physical characteristics that enable identification or verification of the individual possessing the characteristic. Biometrics can be physical or behavioral. Physical biometrics focus on an individual's physical attributes such as fingerprints, hand geometry, and iris or retinal patterns. Behavioral biometrics measure an individual's actions such as the manner of walking (referred to as gate) or the way he or she types at a keyboard.

There are two key stages to a biometric system: enrollment and presentment. At enrollment, the individual presents the item or action to be measured to the measuring device or scanner. The device conducts the scan and the software generates a numeric representation of the image based on set algorithms. Using a fingerprint as an example, the person places the finger on the scanner. The scanner takes one or more readings of the fingerprint pattern and applies the system's specific algorithmic settings to it. A numeric string is created based upon the specific fingerprint pattern and this number is stored as the biometric template.

At presentment, the previously enrolled individual presents the item (e.g. the finger) again. This time the purpose is not to enroll the individual into the system but rather to verify that the person is who they claim to be or identify the person from a pool of individuals. Continuing the previous example of the fingerprint scan, the individual places the finger on the scanner and the same algorithm is applied to the scanned print. The resulting numeric template is compared to the enrolled template and, if they match, access is granted.

Storage of the template

A key concept of, and major difference between, biometric systems involves the storage of the enrolled template. To function, the enrolled biometric template must be available for comparison against the newly presented fingerprint and resultant template. But where will the system store the enrolled template? While there are many possible points of storage, the real question boils down to this: "should the template be kept on the system or in the possession of the individual?"

Commonly the terms "storage on reader, panel, or system" is used when the enrolled template is housed on the system and "storage on card" when the template is kept in the possession of the individual (e.g. on a smart card).

While this might seem like an insignificant difference, it is at the root of many of the anti-biometric privacy opposition arguments. If the template is in the possession of the system it is, by default, outside of the absolute control of the individual. This has been a cause for significant concern among privacy advocates. If the template is housed only on a card that remains in the possession of the individual, this concern is alleviated.

Matching of the templates

For a biometric system to function, a presented template must be compared to an enrolled template or a database of enrolled templates. Just as the location of the template's storage is an important differentiator of biometric systems, so too is the location for this comparison or matching process.

A biometric match can be conducted in the same two basic areas as template storage: on the system or on the card. The key here again is the location of the individual's biometric template. If the match operation is performed on the system (e.g. at the reader, at the panel) it is, by definition outside of the absolute control of the individual. Thus, many systems are designed to perform the match operation on the card itself, using the processing capability of the smart card. In this scenario, the actual enrolled biometric never leaves the card and thus is at a lesser risk for compromise.

The most secure and most privacy-protecting architecture includes storage of the enrolled biometric template on the card as well as matching of the enrolled and presented biometrics on the card.

Perception is reality …

As nearly every biometric industry representative will attest, it is impossible to ‘reverse engineer' the actual physical or behavioral characteristic from a biometric template. Using our fingerprint example, the scanned finger is mathematically summarized into a series of digits based on certain key points in that fingerprint image. Someone possessing the string of digits could not recreate the fingerprint even if they had access to the formulas used as only bits and pieces of the finger are incorporated.

It is analogous to describing a person's physical appearance. The man is 6 feet tall, he has brown eyes, and black hair. He has a birthmark on his right ear and small scar above his left eye. While this description can be used to identify a person (at least to a point), it would in no way enable an accurate recreation of the person or his likeness.

Thus, the need for storage and matching of the biometric on the card for reasons of privacy protection is likely overemphasized. It can be, however, the best architecture for certain applications and environments. And if the people perceive that there is a risk, this perception is difficult to counter. It seems that both in biometric measurement and in the public view of biometric technology, perception is reality.

Related Posts

Subscribe to our weekly newsletter


campus card photo upload video
May 23, 24 /

Video tutorials guide students through photo upload process

Photo upload is commonplace for campus card programs, but teaching students to use the software can be a real challenge. Most campuses rely on text-based upload instructions on a visually ‘less-than-appealing’ page somewhere on the institution’s website. But we have all heard it before – modern students are visual learners and prefer to consume information […]
NACCU Guide to Going Mobile
May 23, 24 / ,

NACCU releases first-ever Guide to Going Mobile

This week, NACCU launched its new Guide to Going Mobile, an online resource that includes best practices for institutions  preparing for a mobile credential launch. Project team members contributed their own experiences and interviewed campus administrators who had already deployed the new IDs as well as others that were in various stages of the process. […]
Kent State autonomous store
May 23, 24 /

Kent State autonomous store uses campus cards from CBORD for entry, payment

Kent State University’s Flash Bistro is a grab-and go store that offers snacks and light meals. These days, the meals seem even lighter as students enter the store, pick up their food, and exit without interacting with a cashier or self-checkout device. With the help of Kent State’s transaction system provider, CBORD, students to present […]
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.

Attn: friends in the biometrics space. Nominations close Friday for the annual Women in Biometrics Awards. Take five minutes to recognize a colleague or even yourself.

Feb. 1 webinar explores how mobile ordering enhanced campus life, increased sales at UVA and Central Washington @Grubhub @CBORD

Load More...
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2024 CampusIDNews. All rights reserved.