Campus ID News
Card, mobile credential, payment and security
FEATURED
PARTNERS
biometric template

Biometrics 101 (part II): Storing and matching biometric templates

CampusIDNews Staff   ||   Mar 01, 2004  ||   , ,

In the February issue of SecureIDNews, part one of our series on biometric technology concepts was presented. In this second part review, key concepts are described building upon those presented prior.

As you may recall, biometrics are numeric representations of physical characteristics that enable identification or verification of the individual possessing the characteristic. Biometrics can be physical or behavioral. Physical biometrics focus on an individual's physical attributes such as fingerprints, hand geometry, and iris or retinal patterns. Behavioral biometrics measure an individual's actions such as the manner of walking (referred to as gate) or the way he or she types at a keyboard.

There are two key stages to a biometric system: enrollment and presentment. At enrollment, the individual presents the item or action to be measured to the measuring device or scanner. The device conducts the scan and the software generates a numeric representation of the image based on set algorithms. Using a fingerprint as an example, the person places the finger on the scanner. The scanner takes one or more readings of the fingerprint pattern and applies the system's specific algorithmic settings to it. A numeric string is created based upon the specific fingerprint pattern and this number is stored as the biometric template.

At presentment, the previously enrolled individual presents the item (e.g. the finger) again. This time the purpose is not to enroll the individual into the system but rather to verify that the person is who they claim to be or identify the person from a pool of individuals. Continuing the previous example of the fingerprint scan, the individual places the finger on the scanner and the same algorithm is applied to the scanned print. The resulting numeric template is compared to the enrolled template and, if they match, access is granted.

Storage of the template

A key concept of, and major difference between, biometric systems involves the storage of the enrolled template. To function, the enrolled biometric template must be available for comparison against the newly presented fingerprint and resultant template. But where will the system store the enrolled template? While there are many possible points of storage, the real question boils down to this: "should the template be kept on the system or in the possession of the individual?"

Commonly the terms "storage on reader, panel, or system" is used when the enrolled template is housed on the system and "storage on card" when the template is kept in the possession of the individual (e.g. on a smart card).

While this might seem like an insignificant difference, it is at the root of many of the anti-biometric privacy opposition arguments. If the template is in the possession of the system it is, by default, outside of the absolute control of the individual. This has been a cause for significant concern among privacy advocates. If the template is housed only on a card that remains in the possession of the individual, this concern is alleviated.

Matching of the templates

For a biometric system to function, a presented template must be compared to an enrolled template or a database of enrolled templates. Just as the location of the template's storage is an important differentiator of biometric systems, so too is the location for this comparison or matching process.

A biometric match can be conducted in the same two basic areas as template storage: on the system or on the card. The key here again is the location of the individual's biometric template. If the match operation is performed on the system (e.g. at the reader, at the panel) it is, by definition outside of the absolute control of the individual. Thus, many systems are designed to perform the match operation on the card itself, using the processing capability of the smart card. In this scenario, the actual enrolled biometric never leaves the card and thus is at a lesser risk for compromise.

The most secure and most privacy-protecting architecture includes storage of the enrolled biometric template on the card as well as matching of the enrolled and presented biometrics on the card.

Perception is reality …

As nearly every biometric industry representative will attest, it is impossible to ‘reverse engineer' the actual physical or behavioral characteristic from a biometric template. Using our fingerprint example, the scanned finger is mathematically summarized into a series of digits based on certain key points in that fingerprint image. Someone possessing the string of digits could not recreate the fingerprint even if they had access to the formulas used as only bits and pieces of the finger are incorporated.

It is analogous to describing a person's physical appearance. The man is 6 feet tall, he has brown eyes, and black hair. He has a birthmark on his right ear and small scar above his left eye. While this description can be used to identify a person (at least to a point), it would in no way enable an accurate recreation of the person or his likeness.

Thus, the need for storage and matching of the biometric on the card for reasons of privacy protection is likely overemphasized. It can be, however, the best architecture for certain applications and environments. And if the people perceive that there is a risk, this perception is difficult to counter. It seems that both in biometric measurement and in the public view of biometric technology, perception is reality.

Subscribe to our weekly newsletter

RECENT POSTS

Jan 26, 23 / ,

Baylor adds Starship robot delivery

Baylor University has added robot delivery from Starship Technologies to its dining services offerings with the help of Grubhub. The initiative will see Baylor deploy a fleet of 20 delivery robots on the Waco, TX campus.
Jan 26, 23 /

NACCU Annual Conference registration now open

The National Association of Campus Card Users (NACCU) has opened registration for its Annual Conference. This year’s conference will be held April 16-19 in Austin, Texas and will feature a packed schedule of informative events and sessions with both campus card professionals and corporate vendors.

Grubhub, Topanga.io partner for reusable takeout container initiative

Grubhub has partnered with reusable packaging management platform, Topanga.io, announced to provide an integrated takeout container management service on college campuses. The partnership will bring Topanga.io's ReusePass program to universities across the United States, starting first with Ohio State University and Colorado State University.
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.
Twitter

Join us, @NACCUorg, and @TouchNet to explore how campus card programs can successfully navigate the sales and procurement process. Join the webinar on June 6, 2 pm EDT. https://go.touchnet.com/l/652093/2022-05-18/lsndq

Webinar: Learn how the University of Arizona uses campus cards, mobile ordering, kiosks, lockers, and robots to revolutionize campus dining. April 7, 2-2:30 EDT. Register Now at https://register.gotowebinar.com/register/7821245544009488910?source=campus-id

As supply chain issues in 2021 persist, identity solutions provider @ColorID discusses ways campuses can to overcome potentially troublesome delays until the situation eases.

https://www.cr80news.com/news-item/protecting-your-campus-card-program-from-supply-chain-issues/

A dining services push at the @UBuffalo is reinforcing the utility of self-service checkout. @CBORD is improving the food service experience using the GET app, as well as Nextep kiosks and Oracle’s Micros Simphony POS.

https://www.cr80news.com/news-item/kiosks-self-service-tech-streamline-campus-food-service-u-buffalo/

Did you miss our recent webinar? No worries - watch it on-demand. Leaders from @NAU and the @UAlberta joined Ryan Audus, Touchnet, and Andrew Hudson, @CR80News, to discuss innovative mobile services and the future of mobile tech in higher ed. Watch now: https://bit.ly/31RFyLn

Load More...
Contact
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301
www.AVISIAN.com[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2023 CampusIDNews. All rights reserved.