Biometrics: Challenges and Applications

1
Biometrics Challenges and Applications

• Ishwar K. Sethi
• Department of Computer Science Engineering
• Oakland University, Rochester, MI 48309
• isethi_at_oakland.edu
• www.cse.secs.oakland.edu/isethi
• iielab-secs.secs.oakland.edu

2
Biometrics What is it?

• Technology for automated recognition or
  verification of the identity of a person using
  physiological or behavioral characteristics such
  as fingerprints, hand geometry, iris, voice, and
  signatures.

3
Recognition vs. Verification

• Recognition or identification implies checking
  whether a person is in the systems database or
  not. (one-to-many search)
• Verification or authentication implies checking
  the identity claim presented by a user.
  (one-to-one search)

4
Why Biometrics?

• Better than password/PIN
• No need to memorize passwords
• Requires physical presence of the person to be
  identified
• Better than smart cards
• Cannot be stolen
• Cannot leave it at home

5
Biometric System Architecture
Enrollment Phase
Identification/Verification Phase
6
Processing Examples
Data Capture Conditioning
Feature Extraction
Fingerprint Processing
Template Formation
Retinal Scan Processing
Template Formation
7
An Example of a Face Template
8
Template Size
9
Performance Measures

• False match rate (FMR)
• How often the system will match a subject with
  someone elses template
• False non-match rate (FNMR)
• How often the system will fail to verify a match
  when it does really exist
• Failure to enroll rate (FER)
• How often the system fails to enroll a person
  because of the unacceptable quality of the
  persons biometric sample

10
State of the Art Performance Metrics

• False match rates have been falling as the
  technology matures. Near zero rates are possible
  with some technologies
• False non-match rates lie in single digit range
• Failure to enroll rates can be as high as about
  12

11
Factors Affecting Performance

• Data capture factors
• Lighting, background noise, pose etc.
• Sensor interoperability
• Temporal changes
• Facial hair, eye glasses etc.
• Segmentation error

12
Face Recognizer Challenges
13
Segmentation Error
14
Biometric Applications (1)
15
Biometric Applications (2)
16
(No Transcript)
17
Biometric Revenue Growth
18
Market Share by Technology
19
Leading Biometric Applications and Vertical
Markets
Modality Application Key Vertical Market
Fingerprint Civil Identification Government
Face Recognition Surveillance Screening Travel Transportation
Hand Geometry PC Network Security Financial Sector
Middleware Retail/ATM/POS Healthcare
Iris Recognition Remote Authentication Law Enforcement
Source International Biometric Group
20
How Secure Are Biometric Systems?
Security system gets thumbs down from honours
studentBy CATRIONA JACKSONThursday, 13 June
2002An ANU computer science student has fooled
state-of-the-art thumbprint security systems, and
warned banks and business they aren't as secure
as they seem.Australian National University
honours student Chris Hill has proved that
"biometric" security systems, that use retina and
fingerprint scanning to identify people, could be
fooled using the information stored inside the
system itself. As part of his honours thesis,
Mr Hill tried the theory out on a commercially
available system, and cracked it.
21
Defeating Spoofing of Biometric Systems

• Randomization of verification data
• Retention of identifiable data
• Using multiple biometrics
• Using a combination of biometrics and smart cards

22
Societal Issues (1)

• Are some people left out because of physiological
  considerations
• For example, about 3 of the population has poor
  fingerprint quality
• Religious objections
• Mark of the Beast objection.
• Pat Robertson, host of The 700 Club and founder
  of The Christian Broadcasting Network, Inc.,
  observes that the Bible says the time is going
  to come when you cannot buy or sell except when a
  mark is placed on your hand or forehead.

23
Societal Issues (2)

• Informational privacy
• Function creep
• Tracking
• Identity theft
• Physical Privacy
• Stigmatization
• Hygiene

24
Function Creep

• Function creep, or mission creep, is the process
  by which the original purpose for obtaining the
  information is widened to include purposes other
  than the one originally stated. Function creep
  can occur with or without the knowledge or
  agreement of the person providing the data.
• Examples
• The use of SSN for purposes it was never intended
  to is the best example of function creep.
• South Carolina sold photographs of the states
  drivers to Image Data LLC, a New Hampshire
  company.

25
Tracking

• Possibility of linking different transactions to
  build a profile
• Use of face recognition to covertly monitor
  individuals
• Super Bowl in Tampa, Florida to identify would be
  criminals and terrorists

26
Identity Theft

• Although the biometrics provide a greater
  protection against the identity theft, the remote
  authentication does open up the possibility of
  identity theft.
• Liveness/Spoofing

27
Privacy Risk Factors (1)

• Overt/Covert
• Whether biometric signatures can be acquired
  without users knowledge or not. Covert systems
  are highly privacy invasive
• Optional/Mandatory
• Mandatory systems are considered more prone to
  privacy risks
• Verification/Identification
• Systems with identification capabilities are
  considered more risky
• Ownership of biometric data
• Systems where the biometric data resides with the
  owner are less susceptible to privacy abuse

28
Privacy Risk Factors (2)

• Behavioral/Physiological
• Behavioral biometric systems are less likely to
  be employed in a privacy invasive manner
• Templates/Identifiable Data
• Systems that maintain identifiable data in
  addition to templates are more risky
• Public/Private Sector
• Public sector use is more open to abuse due to
  lax controls while private sector may be tempted
  to share/link with others

29
Comparative Strengths of Different Biometric
Technologies
30
Summary

• Biometrics is at the threshold of tremendous
  growth. Numerous applications are emerging. The
  war on terror has hastened the deployment of
  biometrics
• Much hype in performance. Lots of improvements
  are needed
• Template protection and methods against spoofing
  are needed
• Privacy concerns need better addressing