1. What are biometrics?
At the most basic, biometrics can be best explained by breaking down the word: bio, as in biological; and metric, as in measurement. That is to say, biometrics are biological measurements. Thanks to the unique nature of many of these measurements, biometrics are particularly suited for identification. Fingerprints, facial measurements, the patterns that your veins make and even the way you walk – all of these characteristics and more are unique to you and you only.
At FindBiometrics, we focus on the technologies that measure biometrics and apply them to identity verification. Sometimes that means proving to a computer that you are you and are allowed to access your email, other times it means law enforcement officers uncovering wanted crooks. In every case biometrics allow for a high level of efficiency and assurance when it comes to every transaction dealing with identity and credentialing.
2. What are the characteristics measured by biometric technology?
Some biometric measurements are easy to see and others are not. Those that are on the surface – facial, iris, fingerprint – can be measured from a high resolution image with an algorithm that compares physical details.
There are also what are sometimes called Invisible Biometrics: essentially any type of unique biological quality that is not measured visually, usually because they rely on biological processes rather than outward appearance. Voiceprint biometrics, for instance, which rely on the unique sound of a human’s voice, measure a trait that combines the uniqueness of your lungs, larynx and other vocal organs. Unique EKG readings similarly verify an identity by measuring a human heart via the user’s wrist.
Invisible biometrics can be further refined to a subcategory of behavioral identification. The way that you interact with connected devices (computers, tablets, smartphones) can be measured and a profile can be derived from the resulting data. New software can then compare the way you usually type, use a mouse or scroll on a page with active inputs to see if malware or a fraudster has hijacked your device.
3. How does biometric authentication work?
Biometrics involve comparison. Whether visible, invisible or behavioral, biometric authentication technology centers on the capture of a measurement and comparing it to a previously derived string of numbers called a template.
A template is not a whole image, but rather a code that describes certain unique features of said image within the context of a specific biometric technology. Through the administrative process called enrollment, in which a biometric is initially scanned into a system, a template is derived and stored either on a server behind a firewall or in a secure element on a device (like an iPhone).
After enrollment, any time a biometric is scanned into a system in a request for access, the measurement of the presented biometric are compared to those described by the template. If there is a match, then access is granted, if there is not then it is denied.
Of key importance in the case of biometric authentication is the fact that templates are not whole images. A compromised database of biometric templates is not the same as a security breach resulting in the theft of passwords, PINs or account numbers. A template can’t be reverse engineered, but if it could be, an ideal biometric system should require a live biometric be presented for access in the first place.
4. What’s the difference between biometric authentication and biometric identification?
Authentication, as described above, involves matching one submitted biometric feature and matching it with a specific authorized template. When it comes to identification, rather than looking to issue a positive credential, the aim of biometric technology is to simply find a match within a database. For instance: the FBI’s Interstate Photo System allows law enforcement officials to scan biometrics and have them compared to those associated with wanted criminals.
Biometric identification also has applications in identifying characteristics held by groups of people. Some facial recognition technology can scan the faces of a large passing population and provide estimates on its demographics like average age and gender. In general, a good way to distinguish between biometric identification and biometric authentication is to look at what is being achieved with the matching.
Is a user requesting access to a secure physical or digital process? That is authentication. Is the person using the technology trying to discover something about a scanned individual? That is identification.
5. What are the ideal uses for biometric technology?
There are a huge number of applications for biometric technology and more are being invented constantly. Biometric authentication can be used to provide better-than-password security to online accounts or personal hardware (like phones, tablets or PCs). Biometrics are increasingly being used to authenticate financial transactions, especially payments. There are even applications in healthcare that help doctors and clinicians keep better patient health records.
Biometrics help law enforcement agents catch criminals and are making our airports more convenient; they help keep lunch lines moving quickly in schools and make sure no students get lost on field trips; biometrics are making our smartphones more usable and might be the key to helping users seamlessly interface with the growing Internet of Things.
Biometric technology can be used for everything from the everyday to the stuff of yesterday’s science fiction. Find out what applications are being talked about right now by visiting our industry news section.