In the following Q&A section, key biometric concepts are presented to accompany the article titled, ”Bolt-on biometrics.”
Under the broadest definition, any measurable characteristic or behavior that can be used to establish identity.
The process of measuring a biometric and associating it with an individual.
Like any other item used for identity verification, biometric templates need to be distributed to verification points and then managed over the lifecycle of that identity. Although biometrics cannot be “revoked” their privileges still need to be turned on/off as a person’s role changes.
Some biometrics, most famously fingerprints, can be “left behind,” even inadvertently, while others, such as iris scans or hand geometry leave no trace after presentation.
When the user must consciously choose to present their biometric for verification. Some methods with a visual component only require an individual to step into a field of view where they may be “passively” identified.
If a biometric is being compared to a pool of measurements looking for a match, this is known as “1 to n” or “1 to many.” When a biometric measurement is compared to a specific known template for a match this is “1 to 1.” Generally, 1 to 1 is faster, easier and more accurate. However, 1 to n is especially useful in law enforcement and security applications where an individual’s identity is not yet known.
There are two measures of accuracy for biometrics, false acceptance rates (letting the wrong person in) and false rejection rates (keeping the right person out). Depending on your application you may choose to favor one or the other and most biometric systems can adjust their sensitivity one way or the other. The crossover error rate (CER) plots these values against each other to provide a true picture of the accuracy of the system. This allows comparisons between different biometrics. Generally, a lower CER is the most accurate system. Since this point is where the two values are equal, it is sometimes referred to as the equal-error rate.
It depends on the application. Most biometrics operate relatively fast in a 1 to 1 match situation. However, the total throughput for a transaction, including presentation of the biometric, verification and feedback, may exceed the user’s threshold. This would be especially true of any high volume access control or payment situation. The longer the line is, the more important speed may be.