Biometric Identification System

Identification means you don’t know anything about the person and you are trying to identify them, e.g., you go to a party, someone comes up and says, “hi”. What do you do? You look at the person’s face, and try to recognize them. The same process happens in the biometric identification solution.

Let’s say, you have pictures of all the users in the database. Now, someone comes up to you and says “Hi”, what you will do? You will take a picture of this person and feed it to your biometric system. The biometric system will compare this picture with all the pictures that are in database and returns the information of that person, whose photograph is the closest match. This is also called 1:N matching, where the biometric system is comparing 1 picture with all the pictures in the database.

In this example, we have used the face recognition technology to identify a person, but we can use fingerprint, iris, voice or any other biometric technology.

Biometric Verification System

Verification means verifying a person’s identity.

When a person walks up to you and says, “Hi, I am John” and shows you his ID card. You look at the person’s face, look at the picture, and try to match them. If they match, then it means that the person is verified, if it doesn’t, then you know that the person is not John but someone else. The same process happens in the biometric verification system.

A person walks up to you, and says, “Hi, I am John”. As before, you will take the picture of John, and feed it to your biometric system. This time you will inform the system that this person claims to be “John”. The biometric system will then pull up John’s file; try to match John’s face with the picture associated with the file. If the picture matches, then it will return a positive response indicating that the person is “John”, else, a negative response, indicating that the person is not John. This is system is also called 1:1 matching as only one comparison takes place.

Please note that the verification is not based on only photo IDs. You could also use pass code, userid-password or any information that only that user and the person who is verifying the identity, will know.

Biometric Authentication System

Authentication mean verifying the user is actually who he says he is (or who she says she is). It is the same as Verification.

Biometric Authorization System

Authorization means whether the user has an authority or permission to access something. This something could be a computer, secured location, etc

A good example of authorization is going to a movie theater to watch a movie. Before entering the premise, you are asked to show the movie ticket. If you have the movie ticket, then they let you pass through, else you are denied. Please note the person who is checking the ticket does know who you are, he/she will allow you only if you have a valid ticket. The point is that no identification or verification has taken place. It is assumed that the person who is carrying the movie ticket is the person to whom the movie ticket belongs.

Let’s look at another example. Let’s say, you sit at a front desk, and your boss hands you file with people’s name, and says, “Please let only these people walk in through the door.” A person walks up to you and says, “Hi, this John and I need to go through the door”. What will you do? You will first verify the person’s identity, and then check if his name is on the list. If you find his name on the list, then it means that he has the permission to go through the door. If his name is not on the list, then you will say, “I am sorry, you don’t have the permission to go through the door.” This is a secured form of authorization. Please note that in this case verification takes place before authorization.

Let’s consider fingerprint-based computer login system. A person wanting to access the computer system will place the finger on the fingerprint scanner. The biometric system will capture the fingerprints and compare it with the fingerprints of the people who have access to the system. If a match is found, then give the person is given access to the computer system, else the access is denied. In this example, verification is followed by authorization. Placing the finger on the fingerprint scanner means verifying that it is the same person who is asking the access to the system. Authorization happens when the computer returns a yes or a no response to the user’s request for accessing the system

Such systems could be are 1:N or 1:1. If the authorization is done using only the fingerprints, then the matching will have to be done with all the fingerprints in the database, hence the system will be of type 1:N. However, if a person is asked to submit a unique identifier (such as, user-id) along with the fingerprints, then only one matching takes place, that is with the fingerprints associated with the unique identifier. Such a system is of type 1:1.

Why a Price Difference?

Let’s say you have 1 million users in the database and you want to use a biometric system to identify a user. This means that the system has to make 1 million matches before it can produce results. A typical biometric algorithm can match 20K fingerprints in 1 second. So for 1 million users, it would take about 50 seconds to do the matching. This may not be an acceptable performance. In order to improve the performance, you will need multiple servers, running in parallel, to do the matching. Hence such systems cost more.

Now, if you are doing verification instead of identification, then the number of users does not matter, as the matching will always be 1:1.

Whenever I meet a new client, I always get asked the question, “Are fingerprints unique?” and before I can reply someone else replies, “Yes, they are absolute unique, I have heard that even the twins fingerprints are not similar and neither the fingerprints of two fingers of the same hand.”

While I agree with the answer, I am not sure about the accuracy of “Yes, they are absolutely unique” part. The reason is that we are about 6 billion of us. Assume that all 6 billion people have 10 fingers, that would make 60 billion fingerprints! Nobody has collected 60 billion fingerprints, matched against one another and proved the uniqueness! Does that mean that the fingerprints are not unique then? Well, no that would also be incorrect, because, fingerprints have been used for identification since 100 years now and we have yet to find 2 fingers with similar fingerprints.

The correct answer to this question is the probability of 2 people having similar fingerprints is very low.

Having said this, in the world of automation, fingerprints are never considered as unique! Here are some of the reasons:

1. When we capture fingerprints using a fingerprint sensor, we only capture a part of the prints. In the case of the flat prints, we miss the top and the side area of the finger. In case of rolled prints, we miss the top area. It could be possible that the uniqueness might be in these missing areas that we are not capturing.

2. The fingerprint are captured using a fingerprint sensor. This sensor is an electronic device, which will have an error rate. This means that there will be some loss of data and even an introduction of some noisy data bits.

3. Next, the fingerprints are processed by a fingerprint recognition algorithm where the fingerprints are converted into a template and then matched against existing templates. These templates contain data points on a finger that are of interest. They are supposed to be “unique” for each finger and therefore an unique representation of a finger (or a person).

The fingerprint recognition algorithm is developed from a sample data set, under certain conditions and assumptions. There is always a possibility that the sample set may not have all the patterns, the assumptions might be incorrect, or certain conditions, overlooked. Furthermore, fingerprint algorithm is a software and well, doesn’t all software programs have bugs?

When you some up these error rates, the possibility of two templates (or fingerprints) being similar goes up, especially when you have thousands of fingerprints in the database. When the templates taken from 2 separate fingerprints matches, it is called “false accept”, more on this later…

So does all this mean that fingerprints are not a good biometric identifier?

Fingerprint biometrics have been used for a very long time now. They are more reliable than most of the technologies that we have today. All technologies have pros and cons, so does a biometric-based solution. There are couple of options that you could use to overcome these problems. If you have over 50K users in the database, you could use a multi-biometric identification solution, or if you need to use the biometric technology to identify children between the ages 4 to 10, then you might be better off using multi-spectral sensors.

The right solution depends on the application. For you to succeed in your biometric implementation, it is best to hire a biometric solution provider who is well-versed with the biometric technology, understands your vertical and can help you to find a right solutions that fits your need.