Introduction
One of the greatest concerns in the filed of information security is verification that an individual accessing confidential, sensitive, or secret information is approved to do so. Such access is normally achieved through an individual giving their identity through an authentication process.
In simple terms, the individual accessing any classified information has to validate their identity prior to accessing the information (Daugman 1148-1153). If the individuals fail to provide their identity, then they are denied access to the information.
There are three authentication methods, which are use of passwords, use of tokens or smart cards, and the biometric authentication. Biometric authentication identifies users using their behavioral or physiological features.
This paper will look at different types of biometric authentications, how they work, their merits and demerits as well as the privacy issues that affect biometric authentication.
Types of authentication
There are numerous types of biometric authentications. Among them include, fingerprint recognition, voice recognition, face recognition, and iris recognition.
Fingerprint recognition
Fingerprint recognition requires capturing a picture of an individual’s fingertips and storing its features such as arches, helixes, and loops together with the outlines of grooves, minutiae, and crests. There are three ways of achieving fingerprint matching.
They are, “minutiae matching, correlation matching, and ridge feature matching” (Khan and Jiashu 82). According to Khan and Jiashu, “Minutiae based matching stores minutiae as a set of points in a plane. The points are matched with the template and the input minutiae confirmed” (83).
On the other hand, “correlation based matching overlays two fingerprint images and it computes the connection between matching pixels” (Khan and Jiashu 83).
Ridge feature based technique is, “an advanced method, which captures ridges since minutiae capturing are difficult in low quality fingerprint images” (Khan and Jiashu 83). Fingerprint scanning is consistent and secure. It protects entry gadgets for building door locks.
Voice recognition
The other type of authentication uses voice recognition. This form, “combines behavioral and physiological elements to come up with speech patterns, which can be captured through speech processing technology” (Zhang 46).
The authentication method uses inbuilt features of the speaker such as nasal pitch, accent, and rhythm. Voice recognition method may be classified into various groups based on the nature of authentication realm. One of the categories is the fixed text technique, which uses a predetermined word for authentication purposes.
The other group is the text dependent method, which requires a person to pronounce a certain phrase or statement. The word or phrase is then analyzed based on the person’s basic voice pattern.
Text independent technique is another category of voice recognition technique, which requires a person to articulate a phrase or word (Shaw 18). The system then “computes the matching based on the basic voice patterns regardless of the text and the language applied” (Shaw 18).
Face recognition
This method of biometric authentication uses a digital camera to record face images. It then analyzes facial features such as the distance between jaw edges, mouth, nose, and yes.
The dimensions are split into facial planes and stored in a database. Face recognition works in two ways; face appearance and face geometry.
According to Daugman, “Face appearance uses Fourier transformation of the face image into its fundamental frequencies and formation of eigenfaces, consisting of Eigen vectors of the covariance matrix of a set of training images. …user identification uses unique features of the face” (1153).
Face geometry configures a human face based on certain facial characteristics like mouth and eyes. It then computes the geometrical layout of these features, which facilitates in matching assemblage during face recognition process.
Cost and maintenance cost
Installation and maintenance cost of a biometric authentication system depends on the types of authentication used. Voice recognition technique is the cheapest. The cost of this technique involves purchasing the hardware and the software used to authenticate the user’s voice.
The hardware might be microphones, which are cheap ($4 per piece) and easy to find (Zhang 76). The technique does not require unique hardware and its maintenance cost involves purchasing new microphones or repairing the faulty ones.
The cost of installing a fingerprint authentication system is higher relative to a voice recognition system. The installation process involves purchasing fingerprint reader and software to store the different fingerprints and to facilitate in matching them during authentication.
The method requires specific hardware, therefore, making it expensive. Besides, its maintenance cost is high since it is expensive to upgrade it (Zhang 77). To upgrade the system, one would have to purchase superior software and hardware, which are expensive.
The cost of face recognition biometric authentication system depends on the security level of the system. The superior systems are very expensive. The cost includes, cost of the facial scanning device and the database software for storing and computing the facial analysis.
The system requires specific hardware to operate, hence, the high cost of installing and running the system (Daugman 11159). Besides, its maintenance cost is high since one requires upgrading the software as well as the hardware with the increase in security demands.
Benefits and drawbacks
In spite of the different types of biometric authentication systems having numerous benefits, they also have some drawbacks. Facial recognition system is secure since the user’s image is compared with a known image prior to authentication.
Therefore, no one can get access to information or building if their faces do not match with the stored data. The image representation is compact implying that the system can hardly confuse the images (Fierrez-Aguilar et al. 777).
One of the drawbacks of using face recognition system is that the system encounters challenges in detecting automatic features. In such an instance, the system makes arbitrary decisions, which might compromise the security.
Fingerprint recognition system is one of the most advanced systems. The system is easy to use. Every person has unique fingerprint characteristics. Consequently, fingerprint biometric system is remarkably accurate, therefore, making it secure.
To some extent, the system violates the privacy of the users since it is associated with criminal identification. Besides, in case the user’s finger is dirty or wet, the system might be prone to errors (Fierrez-Aguilar et al. 778).
A voice recognition system is non-intrusive, thus, highly acceptable. Moreover, the system’s verification time is short; hence, it is extremely efficient. Despite these benefits, it is possible to record another person’s voice and use it for unauthorized access into a building or network.
Illnesses like cold may change an individual’s voice leading to the system denying the individual access to the network (Fierrez-Aguilar et al. 778).
Roles of biometric authentication
All the biometric authentication systems serve the role of ensuring that there is controlled access to networks, personal computers, or applications. The authentication system helps to establish an individual’s identity prior to allowing the individual to have access to secured information, building, personal computer, or network.
Currently, health institutions are using biometric authentication systems to safeguard confidential information about the patients. In short, the ultimate role of all the biometric authentication systems is to offer security to networks, applications, buildings, and personal computers (Wayman 93-99).
Efficiency
Biometric authentication is not only convenient and secure but it is also efficient. Authentication systems like fingerprint recognition, voice recognition, and face recognition system uses a number of control methods, therefore, making them efficient.
Besides, the systems respond quickly to the changing environment and are easy to upgrade. Besides, biometric authentication systems not only facilitate in securing network systems and information within an organization, but they also help to monitor employee attendance (Ratha 618-620).
The systems’ versatility makes the method more efficient relative to the traditional authentication methods.
Privacy issues
Some of the biometric authentication methods are highly intrusive, and they might infringe into the user’s privacy. For instance, fingerprint and face recognition are associated with criminal identification. Hence, majority of the people decline to use these authentication methods unless they do not have an alternative.
Besides, some users fear that organizational leaders might use the given authentication information to monitor the users in a way that might contravene their privacy (Wayman 100-102).
Compatibility
Biometric authentication methods are highly compatible with different security needs. People can access some of the secured systems from a remote location.
Consequently, biometric authentication is compatible with such systems since it is hard for an organization to monitor all persons accessing its system from remote locations.
Moreover, the systems are compatible with numerous software and hardware platforms. Consequently, they are easy to upgrade or modify depending on security needs (Wayman 104-105).
Anti-Spoofing measures
Many anti-spoofing measures can help to enhance the security of biometric authentication. One of the anti-spoofing measures is the application of multi-modal biometric systems.
This involves combining two or more biometric types into a single biometric system. For instance, to enhance the security of fingerprint recognition, one may incorporate face recognition into the system (Schuckers 56-59).
Another anti-spoofing measure that may facilitate to enhance the security of a biometric system is liveness detection. Despite the biometric devices using physiological information, the information does not indicate liveness.
The objective of incorporating liveness into a biometric system is to make sure that the presented biometric features are the actual features of the individual seeking authorization.
For instance, in facial recognition, liveness may include eye blinking. This would facilitate in making sure that an individual does not seek authorization using false information (Schuckers 60-62).
Security issues
The security issues associated to biometric authentication “are classified into two groups: concern about the theoretical basis of biometrics and vulnerability of biometric authentication system” (Ratha 614). Biometric system users are vulnerable to security threats related to system compromise or identity theft.
Biometric characteristics are permanently associated with a certain user. Hence, in case a biometric sample is compromised, it would affect all the applications it uses.
Eventually, it would affect the system or identity of the affected user. In addition, biometric authentication systems run on a server computer. Therefore, they are prone to virus and cryptographic attacks, which might compromise the security of a system or user.
Conclusion
Biometric authentication is one of the most secure methods of granting access rights into various systems or networks. It may take the form of fingerprint recognition, voice recognition, or face recognition. Even though, a biometric system is secure, it is prone to numerous security concerns.
For instance, the system is prone to virus and cryptographic attacks. To enhance its security, one ought to combine two or more forms of authentication in a single system.
Works Cited
Daugman, John G. “High confidence visual recognition of persons by a test of statistical impedance.” IEEE Transactions on Pattern Analysis and Machine Intelligence 15.11 (2004): 1148-1161. Print.
Fierrez-Aguilar, Julian, Javier Ortega-Garcia, Joaquin Gonzalez-Rodriguez, and Josef Bigun. “Discriminative multimodal biometric authentication based on quality measures.” Pattern Recognition 38.5 (2006): 777-779. Print.
Khan, Muhammad Khurram and Jiashu Zhang. “Improving the security of ‘a flexible biometrics remote user authentication scheme’.” Computer Standards & Interfaces 29.1 (2007): 82-85. Print.
Ratha, Nalini K. “Enhancing Security and Privacy in Biometrics-Based Authentication Systems.” IBM Systems Journal 40.3 (2001): 614-634. Print.
Schuckers, Stephanie. “Spoofing and Anti-Spoofing Measures.” Information Security Technical Report 7.4 (2002): 56 – 62. Print.
Shaw, Andrew. “Voice Verification – Authenticating Remote Users Over the Telephone.” Network Security 8.1 (1997): 16-20. Print.
Wayman, James L. “Fundamentals of biometric authentication technologies.” International Journal of Image and Graphics 1.1 (2001): 93-105. Print.
Zhang, David D. Biometrics Solutions: For Authentication in an E-World. Norwell: Kluwer Academic Publishers, 2002. Print.