Explaining Biometrics

Physical and behavioural characteristics make us who we are; they are part of our identity. These characteristics allow us to be identified and authenticated through a fingerprint, a passport photo, or facial capture. Processes and techniques have evolved, and biometrics has become widely accepted and adopted. Biometrics is a critical enabler for digital transformation. Let’s look at the origin of biometric technology in our modern and connected society.

Types of biometrics

Biometrics facilitate the modern and connected world while protecting data, identity, and access to services. All biometric methods and technologies have their advantages and disadvantages. Not all characteristics, such as voice, can be captured with the best quality, as it may change over time.

Biometrics can be divided into two categories: physiological and behavioural. DNA, saliva, and blood are biological biometrics but are not commonly used outside law enforcement and for healthcare purposes.

Physiological biometrics

Physiological measurements can be biological or morphological. Vein patterns, hand geometry, fingerprints, face, and iris are all examples of morphological measurements.

  • Vein- or vascular biometrics are usually captured on palms, fingers, or wrists by illuminating with infrared light and photographing the reflected light. The unique and identifiable information comes from blood vessels beneath the skin. A digital reader can scan the user’s unique pattern of veins before it gets digitized, encrypted, and securely stored.
  • Fingerprints represent one of the most common forms of biometrics. The minutiae, the pattern of ridges and valleys in a finger, is the most distinct fingerprint feature and is unlikely to be duplicated.
  • Hand geometry identifies users from the shape of their hands. Readers measure the palm and finger length, width, deviation, and angle. The distance between knuckles, the height or thickness of the hand and fingers are also part of the information stored.
  • Facial biometrics is popular because it’s easy to deploy, implement and use quickly. A scanner captures an image of the person’s face and converts it into a model. Matching happens when the model compares with one stored in a biometrics database.
  • The iris is unique and stable since it doesn’t change with age. Iris recognition works by capturing an image of the unique features of an iris. A special camera using infrared light can only pick up these unique patterns. It’s the method of choice for law enforcement because of its extreme reliability and accuracy.

Fingerprint, facial- and iris recognition are unique ways to connect physical and digital identities.

Behavioral measurements

The most common behavioural biometrics are voice, gait, and gestures. The measurements are not equally reliable, as some can be subject to stress or can vary over time. 

  • Voice identifies an unknown speaker by comparing a sample to existing templates stored in a database (1:N).  This method can be used for access control.
  • Gait can either be the walking style or the sound of steps. A biometric system analyses a person’s silhouette, height, speed, and walking characteristics.
  • Gestures. A bodily motion like waving enables computers to analyse and track movements. Gesture recognition, like hand and finger movement, is present in many computers and video games.

The history of biometrics

Fingerprints were the first biometrics widely used for identity verification. Using biometrics for military access control or criminal identification has been applied throughout history.  

Henry Classification System

Fingerprints are now a fundamental tool in every police force to identify people with a criminal history. The late 19th century they marked a significant change in criminal investigations in then-British India.

Statisticians Hem Chandra Bose, Qazi Azizul Haque, and Sir Edward Henry developed the Henry Classification System to classify and store fingerprints so that searching is conducted quickly and efficiently.

Tenprint records were placed into groups based on the fingerprint pattern type. Not only was this method more accurate, but it also saved time and didn’t require any specialist training.

Police forces could process more data, improving crime statistics and analysis. The developments from a century ago formed the basis for the modern-day AFIS, an Automated Fingerprint Identification System. Today, various technologies such as the Automated Multi-modal Biometric Identification System or AMBIS will speed up police investigations by matching iris scans and fingerprints against an existing database of individuals.

Handheld devices will assist with the registration of new scans and prints.

The various applications of biometrics

Today, many public and private sectors see the benefits of biometrics. It is not uncommon to unlock a phone with a fingerprint or face. 

To identify a person

Determining the identity of a person is done by a biometric identification process. The first step is capturing biometric data, such as facial images, fingerprints, or iris scans. The data is then stored and compared to other biometric data. This process answers, “Who are you?”

To authenticate a person

Biometric authentication verifies that the biometric data presented is the same as the stored data. For example, proving if the person holding the passport has the same biometric data stored on the passport chip and answers the question, “Are you who you say you are?” 

Identity

The ability to prove one’s identity values as the basis for participation in daily life. Lack of identification, and therefore verification, disadvantages both individuals and governments. Government agencies won’t implement programs effectively, such as pensions. Citizens can’t claim those benefits without proving who they are.

According to the World Bank, an estimated 1 billion people worldwide lack proof of ID or access to a National ID scheme. Women are more likely not to have a form of identification, particularly in low-income countries, limiting their access to critical services and participation in political and economic life. In addition, many lack an ID that is safe, trusted, or useful.

At Laxton, we work with governments to build civil registry databases and offer solutions to register everyone, even in the most remote areas. Following project specifications and guidelines from the UNDP, we developed a Central Biometric Record Management System (CRMS) and Data Collection Centre with a customised software interface for Malawi.

Security

A safe and secure society is one of the biggest priorities for governments. Biometric technology empowers law enforcement agencies to perform background checks, accurate identification in the field, and extensive investigations.

Our multi-modal biometric technology and tested and proven methodologies help law enforcement officials to serve the public and increase the speed with which they can perform their duties and bring justice and peace.

Integrating our devices into the security solution for Indonesia allows for reliable biometric data to be recorded, helping law enforcement track individuals across the 17,000 islands.

Elections

An up-to-date voter registry is crucial for reducing poll fraud and creating the integrity of free and fair elections. However, it starts with the identification of eligible voters. Before election day, citizens must be included in the voters’ register. An identification system with biometrics then verifies the registered voters as they cast their ballots on the day.

From initial planning to final wrap-up, we support governments in managing their election process successfully. Our project with the Electoral Commission of Ghana resulted in 17 million registered voters, enhancing the inclusivity and integrity of the polls.

Why multimodal biometrics are vital

When identifying or authenticating a person, reliability is essential. In biometrics, false positives and negatives are unavoidable. Biometric systems rely on algorithms. No measurement can be a hundred per cent accurate, especially when used independently. The use of multiple types of biometrics improves accuracy. The combination of face and iris recognition is an example of multimodal biometrics. This adds another layer of security and granularity.

Anti-spoofing

Spoofing is an attempt to circumvent the security of a biometric system. A fraudster can spoof modalities using different materials and methods, such as 3D masks, fake fingerprints, or photos. Advanced anti-spoofing methods such as liveness detection are necessary to differentiate simulated from real.  

Data protection and GDPR

Today, both the public and private sectors face challenges. Increasing innovation and biometric technology require regulated data security and privacy. While there is no law specifically for the usage of biometrics, the General Data Protection Regulation includes legislation for biometric data protection and privacy in the European Union.

Personal data which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms. (…) Union or Member State law should provide for specific and suitable measures so as to protect the fundamental rights and the personal data of natural persons. Member States should be allowed to maintain or introduce further conditions, including limitations, with regard to the processing of genetic data, biometric data or data concerning health.
European Union Flag
GDPR
Privacy by Design

Companies and organisations handling personal data should implement the ‘Privacy by Design’ principle in the earliest stages of technology development. When integrated from the initial phase, data protection procedures should safeguard privacy.

Privacy by Default

Personal data should not be made accessible to an indefinite number of people. Companies and organisations should ensure that personal data is processed with the highest privacy standards. For example, biometric data can be anonymous, meaning a biometric database can contain numbers as biometric identifiers.

Top trends in biometrics

Biometrics proved to be the method to protect our identities and improve security. Over the years, biometrics has become more accurate. Scanners, cameras, and sensors have become more cultivated. The broad acceptance and increased use of biometrics require regulations and security policies.

As the digital environment changes, so do the population and circumstances. The pandemic forced many businesses and people to connect online instead of face-to-face at an office or store.

Focus on data protection
With the increasing use of biometrics, potentially sensitive data becomes more exposed. Cloud storage creates another potential vulnerability. Securing data is required in different stages of the biometric process: capturing, processing, and storing.  On the flip side, biometrics can help secure sensitive digital processes and help fight against document fraud, identity theft, and cybercrime. Increased acceptance makes implementing biometric technology easier.  
KYC

Establishing a customer’s identity, the Know Your Customer (KYC) principle, is essential for the financial sector. Banks and trading platforms must ensure the client’s identity when opening an account and over time. The KYC process includes ID cards, documents, and biometric verification.

Digital onboarding
The Covid-19 pandemic accelerates digital onboarding for services as businesses were forced to close. The shift to online onboarding resulted in a mobile-friendly approach to previously offline processes. For example, opening a bank account doesn’t require appointments at a physical branch.
Entry-Exit System

The Schengen Zone guarantees free movement for more than 400 million EU citizens, residents, and those visiting the EU as tourists, students, or for business. Border management is a high priority for the European Union.

The EU Entry-Exit System or EES will reinforce the internal security of the Schengen Zone through the coordination and sharing of biometric data. Each time a passenger crosses an EU external border, the EES digital infrastructure will register data to assess risk and automatically calculate the remaining length of stay.

Biometric data plays a significant role in the new common database. Europe will manage one of the largest biometric systems in the world. The biometric data will be verified and securely stored for three years.