Artificial intelligence is converging with biometrics to help provide more security in computers and smartphones.
Biometrics Definition
Biometrics is defined as the study and application of scientific and/or technological methods designed to measure, analyze, and/or record a human’s unique physiological or behavioral characteristics. In fact, many of us already use biometrics now in the forms of our fingerprints and our faces.
How Biometrics Are Used in Daily Life
Although biometrics has been used by various industries for decades, modern tech has helped it gain more public awareness. For example, many of the latest smartphones feature fingerprint scanners and/or facial recognition to unlock devices. Compared with so called token-based (e.g. keys, ID cards, driver’s licences) and knowledge-based (e.g. PIN codes, passwords) methods of access control, biometric traits are far more difficult to hack, steal, or fake. This is one reason why biometrics are often favored for high-level secure entry (e.g. government/military buildings), access to sensitive data/information, and the prevention of fraud or theft. Characteristics used by biometric identification/authentication are predominantly permanent, which offers a convenience — you can’t simply forget or accidentally leave them somewhere at home. However, the collection, storage, and handling of biometric data (particularly with regards to consumer tech) often brings up concerns about personal privacy, security, and identity protection.
Biometric Screening Characteristics
There are a number of biometric characteristics in use today, each with different means of collection, measurement, evaluation, and application. Physiological characteristics used in biometrics relate to the shape and/or composition of the body. Some examples are (but not limited to):
DNAFingerprints/palm printsIris/retinaFaceVein geometryScent/odor
Behavioral characteristics used in biometrics — sometimes referred to as behaviometrics — relate to unique patterns exhibited through action. Some examples are (but not limited to):
VoiceGaitSignatureKeystrokeHeartbeat
Characteristics are chosen because of specific factors that make them suitable for biometric measurements and identification/authentication. The seven factors are:
Universal – Each individual has to have it. Unique – There should be enough differences to distinguish separate individuals from each other. Permanence – The resistance to change over time (i.e. how it holds up against aging). Collectability – The ease of acquiring and measuring. Performance – The speed and accuracy of matching. Circumvention – How easily it can be faked or imitated. Acceptability – The openness of people to the particular biometric technology/process (i.e. easier and less invasive techniques, such as fingerprint scanners in smartphones, tend to be more widely accepted).
These factors also help determine if one biometric solution may be better to apply in a situation than another. But cost and the overall collection process are also considered. For example, fingerprint and face scanners are small, inexpensive, fast, and easy to implement into mobile devices. This is why smartphones feature those instead of hardware for analyzing body odor or vein geometry!
How Biometrics Work Throughout Society
Biometric identification/authentication starts with the collection process. This requires sensors designed for capturing specific biometric data. Many iPhone owners may be familiar with setting up Touch ID, where they have to place fingers on the Touch ID sensor over and over and over again. The accuracy and reliability of equipment/technology used for collection help to sustain higher performance and lower error rates in subsequent steps (i.e. matching). Basically, new tech/discovery helps to improve the process with better hardware. Some types of biometric sensors and/or collection processes are more common and prevalent than others in everyday life (even if unrelated to identification/authentication). Consider: Once a biometric sample has been captured a sensor (or sensors), the information undergoes analysis by computer algorithms. The algorithms are programmed to identify and extract certain aspects and/or patterns of characteristics (e.g. ridges and valleys of fingerprints, networks of blood vessels in retinas, complex markings of irises, pitch and style/cadence of voices, etc.), typically converting the data to a digital format/template. The digital format makes the information easier to analyze/compare against others. Good security practice would involve encryption and secure storage of all digital data/templates. Next, the processed information passes along to a matching algorithm, which compares the input against one (i.e. authentication) or more (i.e. identification) entries saved within a system’s database. Matching involves a scoring process that calculates degrees of similarity, errors (e.g. imperfections from the collection process), natural variances (i.e. some human characteristics can experience subtle changes over time), and more. If a score passes the minimum mark for matching, then the system succeeds at identifying/authenticating the individual.
Biometric Identification vs. Authentication (Verification)
When it comes to biometrics, the terms ‘identification’ and ‘authentication’ are often confused with one another. However, each one is really asking a slightly different yet distinct question. Biometric identification wants to know who you are — the one-to-many matching process compares biometric data input against all other entries within a database. For example, an unknown fingerprint found at a crime scene would be processed to identify who it belongs to. Biometric authentication wants to know if you are who you claim to be – the one-to-one matching process compares biometric data input against one entry (typically yours that had been previously enrolled for reference) within a database. For example, when using the fingerprint scanner to unlock your smartphone, it checks to ensure that you are indeed the authorized owner of the device.
