Is Biometric Reliable?
Biometrics systems are used in electronically authenticating an individual’s unique physical and behavioral characteristics. This system electronically captures a physical feature and behavioral characteristics and then matches it against a database of templates to detect and authenticate people’s identity. Biometric technology consists of six primary techniques
� Fingerprint
� Hand geometry
� Retinal scan,
� Signature dynamics
� Voice verification
� Key stroke dynamics
These techniques are used to distinguish people. The captured fingerprint, hand geometry and retinal scan all deals with people’s physical characteristics, whereas verifying signature dynamics, voice verification and key stroke dynamics deals with their behaviors. Biometrics authentication technologies have become more cost-effective, more accurate and a most reliable method for authenticating the users in the recent years. Because of this, government agencies and privately owned companies are now implementing advance biometric security systems to provide best security protection suitable for their work environment.
The biometric system’s ability in accurately identifying and verifying people’s identity makes this system more effective and reliable for security purposes. The biometric automated systems capture human’s unique physical and behavioral characteristics and store them digitally in the database. The unique physical characteristics of people’s hand-scan, finger-scan, iris-scan, retina-scan or facial-scan can not be forged or altered by simply changing one’s behaviors. Similarly, behavioral biometrics such as voice-scans and signature scans are also difficult to forge. When capturing a person’s unique physiological or behavioral characteristics, biometrics systems first gather the raw data relating to unique aspects of user’s hand, finger or facial structures. Only those distinctive characteristics obtained from the raw biometric data are stored digitally, and not the images themselves. For instances, capturing user’s fingerprint, the systems store distinctive characteristics of a fingerprint and use those factors or characteristics to create a template to identify a person. During an individual’s subsequent enrollment process, a user feeds his/her raw biometric data into the system. The system then converts the data into template and those enrollment templates is compared with the template stored in a database. After comparing the two biometric templates, the systems then assign a threshold score, or an indicator of confidence level to indicate the degree to which the two templates match. The score then is compared to the measure of confidence level. If the score exceeds the confidence level, the comparison is deemed to be a match and that is how an individual is positively identified. On the other hand, if the score does not exceed the confidence level, the comparison is not considered to be a match and the data is rejected. Only those individuals whose biometric data match are allowed in enrolling into the systems.
This kind of sophisticated technique of positively authenticating the users is crucial not only for the pass control of staff, entering restricted area but also for maintaining security and preventing unauthorized users accessing confidential information, and managing confidential databases.
Controlling the access control through access cards or through user ID/ password is not sufficient to insure the security in today’s high tech work environment because access cards and password/user ID is easier to steal as compared to stealing an approved person’s physical features. Besides this, remembering password every time to get into the systems can be very tiresome. Many big organizations with large numbers of staff who use many different applications are struggling with the problem of password-based security system. Using biometric technology enables people to access systems without having to remember several passwords for different application at the workplace. Biometric systems eliminate the need for remembering the user ID/password or carrying access card for accessing sensitive areas. The systems also ensure that only specific staffs whose identities are matched in the systems are allowed access into particular parts at the workplace. Biometric time and attendance systems are more secure than that of ID card system because cards can be swapped or carried in by colleagues and swiped through the system. Thus, the cards system is not very effective or reliable for managing the internal security in the workplace.
Various financial institutions like Bank of America, Bank One, and Chase are using fingerprint biometric security solution to secure access to its database . Only authorized personnel from the authorized bank are allowed access into sensitive area, through prior verification via fingerprint biometric tests . The law enforcing agencies are also using biometric tools to solve crimes, to ensure jail security and to protect the general public. Some of other agencies like INS, Home Land Security are using biometric tools for authentications as well. I strongly believe that implementing biometric system in the work greatly improves security integrity; prevent identity theft and helps conducting business practices effectively and efficiently.
Biometrics is an emerging technology that has the potential to improve the effectiveness of internal controls of various business practices. With the help of this technology, the air industries and financial institutions can improve security, strengthens control over access to assets and information systems, improving the reliability of financial data and ensuring greater compliance with the laws and regulations. The federal regulation and accounting guidelines requires that all the financial or baking industries should have systems for managing its internal control effectively. Internal control is a process designed to provide reasonable assurance that an organizations operates efficiently and effectively, provides reliable financial reports and complies with applicable laws and regulations . Management is responsible for implementing internal controls to achieve these objectives. Various companies and the government agencies are maintaining their internal control-integrated framework to help entities assess and enhancing their internal control systems by using biometric tools. The framework describes internal control systems in terms of five interrelated components :
� Control Environment
� Risk Assessment
� Control Activities
� Information and Communication, and
� Monitoring.
Despite the wider acceptance of biometrics security in the workplace, some people are still skeptical about implementing biometrics-based security system in their business practices. Those people believe that there are still several issues and challenges which need to be addressed before making the biometric systems a viable option for managing internal security inside the company.
The environmental conditions do have effects on biometric authentication devices. For this reason, some believe that fingerprint readers and iris scanners devices are not suitable for identifying users in an open shop environment rife with dust, humidity and other contaminates. Dirt smudges, and improperly place fingers, hands or faces can cause a false read. Glasses, contact lenses, overhead lighting and awkward camera placement can also significantly affect the usability of iris and retina scanners. Besides this, background noises and changes in a person’s voice because of illness or stress can cause error with voice-recognition systems. Finger print can be lifted off a glass surface, even from the fingerprint reader, using graphite power and a piece of tape or cube of gelatin. Iris scanner might be fooled with a high-resolution image of the user’s eye. Because of these facts some organizations fears that biometric devices can be easily tricked and thus these are not reliable for managing their internal security .
Even though there are some drawbacks implementing biometric technology, uses of this technology are on the rise due to innovative applications. Today, biometric technology has become an affordable solution to meet security challenges for government agencies as well as for the privately-owned companies. For those, who are still skeptical about biometrics-based security system due to various reasons such as reliability, performance and accuracy, it is suggested that they need to modify their security levels often, combining smart cards and biometrics technology to solve many security management challenges they are facing to-day.
The process of innovations can be expected to continue. After all, human ingenuity seldoms remain dormant and is always after better tools and techniques. These will eventually help develop more sophisticated and more fool proof device.
I personally believe that to provide or to manage better internal security system in a company, we should use biometric technology in conjunction with password/ID based security systems that provide more security. In another words, the biometric tool should not be used as the only security methods because of associated risks. If biometric data of an individual is lost, then it is gone for ever. A person’s thumbprint is not like a digital certificate that can be issued again and again. So, it would be wise to use biometric technology along with the smart cards security systems for better internal security management and control. After all implementing biometric can reduce numerous fraud, makes society safer and serves convenience.
