“Who is she?” “Is she really the person she claims to be?” “Can I allow her to access this data?” Unlocking our phone or laptop, using our credit card, logging into our Instagram account, even traveling are some cases in which we encounter the above questions. It’s obvious that we cannot do the things above unless we give the right answer to such questions. So proving one’s identity is a very serious matter not only to protect people’s privacy but also to prevent certain people from accessing important data. In this article, we want to talk about biometrics, a secure way of authentication.
There are several ways to authenticate people’s identity. First by something they have (e.g. key, ID card) which can be easily stolen or lost. Another way is by using something they know (e.g. password or secret questions). As we know, passwords are usually susceptible to fraud and also people often forget them. Memorizing all of your passwords is pretty difficult. That’s why most people prefer to use the same password for all of their accounts. On the other hand, a number of studies have shown that the most common password in the world is 0000. As you see people hardly choose unbreakable passwords. In this case, hackers can simply find out what their password is and steal their identity. These problems lead us to a more secure way of identifying individuals. That’s where biometric authentication comes up!
The Definition of Biometrics
Biometrics are unique physical or behavioral characteristics that we can use to identify or verify the identity of a person. But not all characteristics can be taken into account. They should have the following features:
- Uniqueness: In order to identify someone, we should use a characteristic which is unique and differs from one person to another. For instance, fingerprints have some unique features. No two people have the same fingerprints, not even twins!
- Universality: Every person should have the characteristic.
- Stability: The characteristic should be stable and invariant with time.
- Measurability: It should be possible to measure, collect and process the characteristic.
- Performance: We must measure the characteristic with high accuracy. Also environmental factors affecting the identification accuracy should be controlled.
- Acceptability: People should accept to cooperate and to use our biometric system.
Since these characteristics cannot transfer to other people and they’re nearly unique and individualized, biometric authentication is becoming more and more popular in today’s world.
A person’s unique characteristic can be categorized into either physiological or behavioral.
- Physiological characteristics: These characteristics refer to the human body structure and they are invariant with time. (e.g. fingerprints)
- Behavioral characteristics: These characteristics refer to people’s way of doing certain things. They are less stable and more likely to change depending on the person’s feelings in special situations. (e.g. keystroke patterns)
There are multiple methods to gather biometric information. These methods are called biometric modalities and like any other method they have some advantages and disadvantages. So we should use the most suitable one according to our circumstances. Some commonly used modalities are as follows:
- Fingerprint identification
- Face recognition
- Hand geometry biometrics
- Iris scan
- Keystroke identification
- Voice analysis
Biometric authentication is growing rapidly and even in some cases it has replaced traditional methods of authentication. Some of the most important advantages of biometrics are as follows:
- High speed: Biometric authentication is very fast. Sometimes you don’t even notice that the system is getting the required information from you!
- High security: As you know, one of the most important issues in today’s world is security. Traditional methods of authentication are not highly secure. Passwords and pins may be hacked, lost or guessed. People can easily forge ID cards but stealing biometric characteristics is very hard and even impossible.
- Low maintenance: Although installing this system is almost expensive, maintaining it is cheaper than other authentication systems.
- Loss-proof: You may forget your password or lose your key but your intrinsic characteristics are always with you and you don’t have to carry anything or to keep anything in mind.
Every system has some limitations and so does biometrics! These are some of its disadvantages:
- Unchangeable: It is clear that your intrinsic characteristics are not changeable. This could be a disadvantage! In traditional systems of authentication, you can change your password or ask for a new one in case of stealing or forgetting. But in biometric systems you can’t change your characteristics once set.
- Costly: It is not economic to authenticate people’s identity using biometric systems. In an organization where only few people work, it’s not worth applying biometrics!
- Vulnerable to spoof: Although biometric authentication is secure, it cannot guarantee %100 security. A fingerprint can be mapped onto a 3D model and then forged by a 3D printer. This way, we can simulate a fingerprint. But we should apply dual factor authentication to solve this problem.
Future of Biometrics:
Finally, let’s take a look at the future! There are some companies claiming that they can authenticate people’s identity by only observing their posture and the way they walk. In the future, we will be able to identify people based on where they’ve been to, with whom they have interacted and how they form their sentences!