Biometrics

Biometric Authentication.  Sounds very CSI doesn’t it. With a computer-driven world and identify theft numbers increasing, it is becoming more difficult to keep personal information safe from hackers.  We all have multiple passwords used on an increasing number of websites and computers which makes maintaining and keeping track them more difficult.

There are three authentication methods used: passwords, security tokens or smart cards, and biometrics or physical characteristics (fingerprint, veins, voice recognition, eye scanning, palm print or handwriting).   All three have drawbacks so most security professionals recommend using a method called two-factor authentication.  Implementing two-factor authentication system requires expensive hardware infrastructure changes making the single authentication the least expensive method.

Let’s look at the breakdown of each method.

Passwords – They are inexpensive and offer minimal security.  Managing multiple passwords for different systems can be a nightmare, requiring users to maintain lists of passwords and systems they use.

Security Tokens/Smart Cards – Require more infrastructure support and specialized hardware.  This method offers better security than using passwords but is not foolproof.

Biometric – The most regarded foolproof security system.  This system is used mainly for guarding restricted physical entry since computers have gotten much faster and cheaper and inexpensive hardware has sparked a new interest in biometrics. There are a number of types available for use.

Types of Biometrics

• Signature Dynamics – Based on an individual’s signature, but considered unforgeable because what is recorded isn’t the final image but how it is produced.
• Typing Patterns – Similar to signature dynamics but it is extended to a keyboard recognizing not just a password that is typed but the intervals between characters and the overall speed and pattern.
• Eye Scans – Just like you’ve seen in James Bond movies. The hardware is expensive and specialized it is slow and inconvenient and makes users uneasy.
• Fingerprint Recognition – Fingerprints are unique in addition they require little physical space for the reading hardware or stored data.
• Hand or Palm Geometry – This method relies on devices that measure the length and angles of individual fingers.
• Voice Recognition – Different than speech recognition. The concept is to verify the individual speaker to stored voice pattern.
• Facial Recognition – Uses distinctive facial features including upper outlines of eye sockets, areas around cheekbones, the sides of the mouth, and the location of the nose and eyes.

Legal Issues

• Privacy – People who are subject to biometrics scan or reading can feel that such procedures are physically invasive, especially if they involve reading body parts.
• Information Security – Readings are often stored in a database that can be accessed by an employer or government agency. Such information may include private information including medical history and bank accounts.

Companies considering using biometrics should clearly state the purpose of the system in policies or company handbooks and indicate whether the system is being used for identification or verification purposes.

I hope that you found this information helpful.  Please feel free to forward it to others.  If you would like to learn more about this topic or would like to request a topic, please contact me. If you missed any past newsletters or would like a printed copy, please visit my website www.mdsystemsolutions.com.

Until next time…Happy Computing!!!