Biometrics can be used for identification or combined with credentials and PIN codes to affect multiple factor authorization. Multiple factor authorization forces a higher level of security.
Biometric technology involves creating a digital file referred to as a template is created by using a biological characteristic of an individual; often called their biometric signature. This template can be stored in memory and compared to the biometric signature of individuals requesting access.
When an individual’s trait is compared to a large database it is referred to as 1:N (one to many) identification.
Another technique is to store the template on a credential and the person presents the credential when attempting access, and the trait is compared to the template on the credential. This is referred to as 1:1 (one to one) authentication.
Systems often will permit the enrollment of two biometric signatures for each end-user, in case one of the signatures is unreadable by the system. This is typically a fingerprint where a wound on the finger obscures the scan. Another alternate is to assign a P.I.N. number to a user which can be used in lieu of their biometric signature.
Unlike keys, PIN numbers, picture IDs, magnetic swipe and “smart” cards, biometric-derived identities cannot be transferred to another person, stolen, copied or counterfeited. Therefore, the application of biometric technology eliminates or greatly reduces the opportunity for identity theft unauthorized access and the potentially disastrous consequences to safety and security.
There are three different elements to Biometric access control systems:
- A reading or scanning device (terminal) that can capture the image of personnel.
- The software algorithm which creates each individual’s biometric template which is stored in a database or on a credential, and determines if the scanned signature matched the stored template.
- Access Control controllers and software which manage the users the templates the access rules and control and record activities and the locking and unlocking of the doors.
Some biometric technologies are open platform in that they present a Wiegand output to a access control system. One example would be that my fingerscan would create a Wiegand data string the same as a credential would create, and the access control system would act on this data as if it were a credential-based transaction.
Some biometric systems are self-contained and a valid signature results in a contact closure to unlock the door. Many biometric terminals may be configured to do both.
There are a number of biometric scanning technologies, and which one is best is the subject of much contention between not only vendors but also consortiums that make studies and comparisons.
Fingerprints, hand geometry, veins, voices, faces, irises, retinas and even signatures, keystrokes and DNA all lend themselves to being measured, digitized, stored, retrieved and matched in order to verify someone’s identity.
Check out http://www.nist.gov/itl/iad/biometric-120611.cfm to gain a little more perspective on this area of technology.
Facial recognition system can verify identity without physical contact with a reader or appliance. CCTV cameras have been adapted for use in facial recognition.
Iris recognition is one of the most accurate biometrics currently available.
Retina recognition also has a high degree of precision, but because subjects must allow a light to be shone into the back of their eye, retina recognition is considered one of the more intrusive biometric technologies.
Hand recognition is precise, reliable and non-intrusive.
Vein recognition systems are not readily available yet, but offer a level of precision similar to iris recognition technology.
Voice, signature and keystroke reliability of this technology depend on the variables such as the subject’s stress level, ambient noise level, illness, etc.
Fingerprint recognition is the most widely deployed biometric identifier because it is reliable and easy to deploy.
In addition to its standalone capability,the Zodiac 250 can be incorporated into an existing access control system using switchable 26-bit Weigand format or Cansec 37-bit proprietary format.