What are biometric systems used for?
Reliable user authentication is essential. The consequences of insecure authentication in a banking or corporate environment can be catastrophic, with loss of confidential information, money, and compromised data integrity. Many applications in everyday life also require user authentication, including physical access control to offices or buildings, e-commerce, healthcare, immigration and border control, etc.
Currently, the prevailing techniques of user authentication are linked to passwords, user IDs, identification cards and PINs (personal identification numbers). These techniques suffer from several limitations: Passwords and PINs can be guessed, stolen or illicitly acquired by covert observation.
In addition, there is no way to positively link the usage of the system or service to the actual user. A password can be shared, and there is no way for the system to know who the actual user is. A credit card transaction can only validate the credit card number and the PIN, not if the transaction is conducted by the rightful owner of the credit card.
This is where biometrics systems provide a more accurate and reliable user authentication method, as can be summarised in the table underneath:
Existing user authentication techniques include:
Something you know, e.g. password or PIN. The issue is that many password are easy to guess, and can also be easily forgotten.
Something you have, e.g. key or car. They can be lost, stolen or duplicated.
Something you know and have, e.g. card + PIN.
Something you are, e.g. fingerprint, hand, iris, retina, voice. You cannot lose them, are unique for each individual and are difficult to forge.
Why are biometrics secure?
Unique: The various biometrics systems have been developed around unique characteristics of individuals. The probability of 2 people sharing the same biometric data is virtually nil.
Cannot be shared: Because a biometric property is an intrinsic property of an individual, it is extremely difficult to duplicate or share (you cannot give a copy of your face or your hand to someone!)
Cannot be copied: Biometric characteristics are nearly impossible to forge or spoof, especially with new technologies ensuring that the biometric being identified is from a live person.
Cannot be lost: A biometric property of an individual can be lost only in case of serious accident.