Biometrics involves measuring the unique physical characteristics or traits of the human body. Any aspect of the body that is measurably different from person to person - for example, fingerprints or eye characteristics - can serve as a unique biometric identifier for that individual. Biometric systems recognizing fingerprints, palm shape, eyes, face, voice, and signature comprise the bulk of the current biometric recognition/identification technologies, although biometric systems that recognize other biological features do exist.

Biometric security systems use biometric technology combined with some type of locking mechanism to control access to specific assets. In order to access an asset controlled by a biometric security system, an individual's biometric trait must be matched with an existing profile stored in a database. If there is a match between the two, the locking mechanism (which could be a physical lock, such as at a doorway, an electronic lock, such as at a computer terminal, or some other type of lock) is disengaged, and the individual is given access to the asset.

A biometric security system is typically comprised of the following components:

Each of these components is discussed in more detail below.

The sensor is the device used to capture or record an individual's biometric trait (or "biotrait"). The sensor will vary depending on the type of biometric system. For example, sensors for fingerprint scanners may consist of cameras, which scan a person's fingerprints, or tactile sensors, which may use capacitors to generate an image of an individual's fingerprint. Optical sensors/scanners, which evaluate the retina or iris, are also specialized cameras. Other types of scanning devices include microphones and specialized writing tablets for signature recognition systems. For a more detailed discussion of sensors, see individual Product Guides for specific types of biometric systems.

A control panel is an electronic panel that is the main connection point for the biometric sensors, monitoring points, locks, host computer, and other wired inputs and outputs of the system. On less complex biometric security systems, the control panel may be integrated into the biometric unit. More complex systems will require a separate control panel, usually located in a secure room (such as a server room) to prohibit unauthorized access to the panel. The control panel runs the algorithms that compare biotrait information from the sensor with stored profile information. Its primary function is to make the access decision when an input is presented to a connected biometric sensor. This decision is made based on access permission data which can be stored by the control panel or retrieved from the host computer. Depending on the sophistication of the system, the control panel can also store data on "transactions" that occur within the system. For example, the system could be set up to record the number of times that an individual accesses a door or logs on to a computer. These transactions are typically stored in a history buffer until the control panel communicates this information to the host computer.

Note: The term "control panel" is generic as it is used in this document. Some manufacturers may refer to control panels by other names (for example, "controller", "smart remote box", and/or "door commander").

The host computer holds the central database for the system. Its main purpose is to process and store individual biotrait profiles and permission levels, and to communicate this information to the control panel. (A discussion of setting up the initial biotrait profile in the host computer is provided under "Enrollment" below. A discussion of permission levels is provided in the Software Application section below.) The host computer is connected to the sensor through the control panel, and it communicates biotrait, permission level, and access decision information to the control panel as necessary so that the control panel can process access requests. The host computer can track system transactions (i.e., who has accessed what door and when, who is logged in to a computer system), and may even be able to determine where a user is at any given moment.

Depending on the needs and complexity of the access system, the host computer can vary from a computer chip within the biometric unit to a basic stand-alone PC to a more complex networked system, such as a Windows NT server or a Unix-based reduced instruction set computer (RISC) platform. For instance, a small-scale biometric fingerprint system that controls access to a single room or facility and has a small number of potential users may be able to utilize a computer chip in the unit to store all necessary biotrait profiles and access logic. A fingerprint system that controls multiple access points and has multiple permission levels may require more processing power, and thus may require a dedicated PC. For example, a complex fingerprint system that controls access to 10 doors must have a sensor at each door. For this type of system it is more efficient to store biotrait profiles in a central host computer than in individual units at each door. The biotrait profiles can then be communicated back and forth between the sensors, the control panel, and the host computer. Updates to the system (such as adding or removing users) can be done once and stored at one central location instead of at each individual biometric scanner. More sophisticated security systems with larger numbers of potential users, more complex tracking, and different permission levels will typically require higher-powered host computers.

Specialized software is required to develop an initial biotrait profile and to compare the stored biotrait data with an image sent from the sensor during access requests. The software application typically also includes a database to house the profiles, and logic to set up permission levels. Different permission levels allow different users to do different things within the system. One type of permission level may control access to different physical areas within a facility. For example, if an individual is assigned permission level A, they may be able to access every doorway within a facility, while if they are given permission level B, they may only be able to access non-critical areas, such as the main administrative office, etc. Other types of permission levels may include authorization to update or change the permission levels themselves. Depending on the sophistication of the system, it may allow multiple numbers and types of permission levels. A system administrator manages this database, and can add and delete users or change permissions as necessary.

The software can be preprogrammed and housed within the biometric unit as part of a one-component, stand-alone biometric system. More sophisticated biometric software, which has greater functionality than prepackaged units (for example, it may be able to manage several biometric access controls at different locations) can be purchased off-the-shelf. This software can be run from a stand-alone PC or integrated into a network. For even greater flexibility and security, many vendors offer custom security systems configured to fit their client's individual needs. This can include custom software development using proprietary code. Although this is a very common practice, industry standards or set practices regulating these products are only currently being developed. Therefore, it is prudent to be cautious when choosing a proprietary package.

The locking mechanism is the part of the system that prevents the asset from being accessed until the biotrait is accepted and access is granted. The default setting for a biometric system is locked or engaged. The "key" to disengage the lock is the individuals' biometric trait, which must match his or her stored profile. Biometric security systems are often used in conjunction with some form of electronic lock. These locks may be physical, such as an electric bolt or an electromagnetic field locking a doorway, or they may be logical, such as the log-on requirements for a computer system. Further discussion on physical locking mechanisms can be found in the Security Product Guide on Locks. Discussions of logic locks and log-on requirements for computer systems are not provided because this is inherent in the design of computer systems.

Power sources for biometric locks vary considerably. Many stand alone units are battery-powered and run on either standard alkaline or lithium ion batteries. Others require a hardwired power source which can be connected to standard 120v or 220v/ac lines. It is important that these locks have power back-up so that they do not fail during power outages or from expired batteries. Battery operated units will usually give a warning (generally by beeping or a low battery light), before failing and some have an exterior connection to temporarily connect a substitute battery. Some hardwired units are backed up by temporary batteries, while others are connected to emergency generators. Biometric systems are typically associated with electronic locks, and thus they typically have the same emergency-related safety protocols inherent in these types of locks (i.e., emergency releases from the inside of a protected area; automatic disengaging of the lock after a power outage of a certain length of time).

Biometric security systems have several advantages over traditional security systems, such as keyed locks. For example, a key can be shared, duplicated, lost, stolen, or potentially sold to unauthorized personnel. In addition, a mechanical lock can be picked or otherwise defeated. In contrast, because of the unique physical characteristic or trait of an individual, an individuals' biotrait is unique to that person. Thus, it is more difficult to steal, replicate, or bypass a biometric system than other types of security systems. In addition, unlike a password or combination, biotraits cannot be forgotten.

While biometric systems can be a successful security solution, they do have some potential disadvantages, including the potential for systems to be defeated or compromised, and the potential for failure to recognize authorized persons. These disadvantages are discussed separately below.

Different biometric readers have some inherent weaknesses. For example, readers that employ cameras can be vulnerable to printed reproductions, while readers that employ capacitors (i.e., some fingerprint scanners) may be susceptible to fingerprint forgeries and various tricks using artificial fingers. For example, unauthorized persons may attempt to use novelty jelly finger toys or other artificial materials to fool the system. However, biometric systems can be modified or enhanced to detect and foil these fake or false attempts to access the system. For example, many biometric systems currently employ technology to detect the user's pulse when they are attempting to access the system. Other systems may detect the motion or the temperature of the user in an attempt to determine the validity of the scan.

In addition to direct attempts to fool the system using incorrect biotrait information, biometric data can be stolen, copied, and then fraudulently used, compromising future use of that particular profile. The most typical scenario for this would be to steal data once it is in electronic format in a database. However, special precautions can be taken to protect data as it travels from the reader to the database. Measures can also be taken to protect the profiles stored in the database. For example, system administrators can control the number of people who have access to the data, or they could store the data in a closed system that is not part of a company's network and is not accessible through the internet. They may also employ some form of encryption to make the data unintelligible to unauthorized users.

Biometrics can also incorrectly deny access to an authorized individual due to sudden changes in that individual's biotrait. For example, if an authorized person with a cut on his finger attempts to use a fingerprint scanner, he or she may be denied access because the algorithms attempting to calculate the percent similarity between the scan and the stored profile do not provide an acceptable degree of similarity. Similarly, a newly grown beard might deny an authorized person access through a facial recognition system. For these reasons, many biometric security systems have some kind of secondary option to permit authorized individuals to bypass that part of the system and still gain access to the protected asset. For instance, some systems may have a hidden mechanical lock that can be accessed to open a door if the biometric system does not recognize the user. Other systems may use an intercom system so that the user can contact someone inside if the system does not recognize them.

Unlike many other types of access control systems, users of biometric systems must first set up individual profiles before they can be granted access to the assets controlled by the system. Therefore, the first step in implementing a biometric security system is to set up an image, or a "profile," for each individual user of the system. This profile is stored in the user database and is used as the baseline for subsequent comparisons when the individual attempts to access the asset. First, each individual user is scanned using the appropriate sensor. Thus, for an iris scanner biometric system, a baseline iris scan is taken for each user using an iris scanner, whereas for signature recognition biometric system, a baseline signature is recorded on a scanning tablet. The scanners convert the scanned biotraits into electronic data, which is stored in the system database. The system administrator then assigns each individual permission, as discussed above. When an individual attempts to access an asset controlled by the system, he or she is scanned again, and the scanned data is compared to the stored profile data to determine if there is a match. Typically, this matching process involves complex algorithms that compare the similarity of stored vs. scanned profiles- for example, the percent similarity of specified points in a fingerprint profile. Some systems require that supplemental identification data be entered into the system so that the system knows what profile to attempt to match (see identification vs. authentication below). If the system contains different permissions levels, then the system must also determine whether or not the individual has permission to access the asset that they are attempting to access. If the system determines that there is enough similarity between the scanned information and the stored profile, and that the individual has permission to access that asset, it accepts a match, and sends an electronic signal to disengage the lock, giving the individual access to the asset.

Some biometric security systems are now equipped with multiple biometric sensors. For example, a unit might have both a fingerprint scanner and an iris scanner. This can increase system security by ensuring that users must pass both sensors before gaining access to that asset. These systems are more difficult to defeat than systems comprised of one sensor alone.

As described above, biometric security systems can be used to control access to numerous different assets, including doors or entryways, safes, filing cabinets, automobiles, cellular phones, desktop PCs, workstations, and computer networks. Certain types of biometric applications are typically associated with different applications. For example, biometric systems for personal computers typically use smartcard, fingerprint, or facial recognition. Biometric systems for doorway or physical entry control are typically fingerprint, facial recognition, palm, iris scan, or retinal scan systems.

Potential users can evaluate the following criteria to help them determine whether a biometric security system is correct for their requirements.

Adoption of biometrics has historically been slow due to cost, accuracy, and practicality. Recently, however, many systems have been packaged into readers costing $300 or less. As with many other technologies, new advances over time will likely lead to further price reductions and increases in accuracy and practicality.

The following attributes and features are important in any type of biometric system, and individual systems can be compared to determine what best suits the user's needs. These attributes and features, as well as additional features will be discussed in more detail in Product Guides for specific biometric systems.

Biometrics security systems can be set up to either authenticate or identify an individual. These two types of systems use different logic when comparing and attempting to establish a match. Each is explained in more detail below.

Authentication asks the question "Are you the individual you are claiming to be?" Authentication is a one-to-one verification comparison that attempts to match a person to a specific profile that is identified by the user. To perform an authentication match, an individual would initially enter data such as a code or password that is specific to that individual, and which is specifically associated with that user's biotrait profile. The individual would then have his or her biometric feature scanned and compared only with the stored profile associated with the code/password they had previously entered. If the currently entered biotrait matches the specific biotrait referenced by the code/password, a match is made and the user is granted access to the asset. If the biotrait does not match the specific biotrait referenced by the code/password, a match is not made and the user is denied access to the asset. Since authentication is a one-to-one comparison, it is intrinsically more accurate than identification. However, the added data entry step will require additional hardware and software, which will contribute to increased system complexity and cost.

Unlike authentication, in which a user pre-specifies the profile to which they are attempting to match, identification is a one-to-many comparison that asks the basic question "Are you a member of this group?" In an identification-type system, a biotrait is scanned and compared with all existing profiles in the database to attempt a match. This type of system is inherently less accurate than a system that employs authentication because the potential for an error to occur increases as the number of comparisons increases (see discussion of accuracy below). However, these systems tend to be less costly and require less time to set up.

Although systems vary, current technology has generally yielded high accuracy rates (i.e., authorized persons are recognized as authorized and are granted access; and unauthorized persons are recognized as unauthorized and are denied access.) As discussed above, biometric software runs sophisticated algorithms to determine whether a sensor scan "matches" a stored biometric profile. Thus the number of comparison points and the sensitivity of the algorithm (how much similarity is required between the scan and the profile to accept a "match") will affect the accuracy of any given system. In addition, the type of system (authentication vs. identification) will affect system accuracy. Physical scanner problems will also affect the accuracy of the system. For example, a bad reading caused by dirty sensors on a biotrait reader may cause a false rejection. In addition, in a large database it's possible to get a false acceptance when an unauthorized individual's biotrait is similar to one in the database and incorrectly matches to a profile in the database. There is an inverse relationship between false acceptance and false rejection. The threshold for acceptance can be set very high, but this often translates to a higher false rejection rate. The same algorithms that are attempting more accurate matches may also reject slight variations in an authorized user's biotrait, leading to more false rejections. Therefore, decisions must be made to determine the required level of security. Doing so will help determine the tolerance for false acceptance and rejection. As discussed above, using an authentication-type system as opposed to an identification-type system may alleviate some of these potential problems.

Further discussion of specific biometric security systems can be found in the following Product Guides:


Biometric Fingerprint Recognition (Under Development)
Biometric Facial Recognition (Under Development)
Biometric Hand and Finger Geometry Recognition
Biometric Iris Recognition (Under Development)
Biometric Retina Recognition (Under Development)
Biometric Signature Recognition (Under Development)
Biometric Voice Recognition (Under Development)