Biometric Authentication in the Private Sector

CSC World Home

Current Issue

Authors

Back Issues

Contact CSC World

Subscribe to CSC World

Download CSC World

CSC WORLD - FEATURED ARTICLES

csc.com CSC World July/September 2007 Featured Articles
Findings: Biometric Authentication in the Private Sector

By David R. Lease, Ph.D.

Biometric methods of identification have been used by some government/public agencies and a few private industries since the 1960s. Notwithstanding its multiple advantages over other authentication methods, biometrics has not been widely applied in the corporate world. As reasons for lack of implementation, analysts cite high costs of equipment, technological problems, lack of standards, and user resistance — notably, concerns over privacy.

This study focuses on the five most widely deployed biometrics: fingerprint verification, facial recognition, hand geometry verification, iris recognition, and voice verification. It then considers the common objections and barriers to their implementation and offers recommendations to assist companies in making decisions about adopting biometrics.

The importance of identification and verification

As a mature technology with decades of development behind it, finger scanning is inexpensive, easy to use, deployable in many different environments, and very reliable.

Biometrics promises to emerge into the business mainstream largely because of the shortcomings of traditional security measures. The problem with “what you have” methods — ID badges, keys, etc. — is that badges and keys can be lost, stolen, or duplicated. “What you know” methods — passwords, PINs, etc. — are stronger, but only if users create different hard-to-remember passwords or other kinds of codes for each point of access. Most people can’t remember more than a few such codes, so users either write them down, making them easy to copy, or forget them — leading to costly password resets.

Biometrics can be called a “who you are” method that directly authenticates users based on physiological or behavioral characteristics. Current methods are sophisticated versions of traditional means, such as guards recognizing authorized users by sight.

In theory, almost any human physiological and/or behavioral characteristic can be used as a biometric measure. However, to fit within a viable, potentially accurate, and practical biometric system, the biometric used should also satisfy four other requirements

Universality: Every person should have the biometric characteristic.
Uniqueness: No two persons should be the same in terms of the biometric characteristic.
Permanence: The biometric should be relatively invariant over a significant period of time.
Collectability: The biometric characteristic should lend itself to quantitative measurement in a practical manner.

Some security experts argue that the biometric should also have a fifth attribute: acceptability, defined as the absence of strong public objections to its measuring/collection.

1 | 2 | 3 | next page >

Identity Management: Who Are You Online?
Read Article

Read about CSC’s global security practice.

Enhancing Security in the Private Sector With Biometric

Technologies



	© Copyright 2008 Computer Sciences Corporation \| Legal Disclaimer \| Privacy Policy \| Powered by CSC Hosting Services