“Biometrics are our most unique physical (and behavioral) features that can be practically sensed by devices and interpreted by computers so that they may be used as proxies of our physical selves in the digital realm. In this way we can bond digital data to our identity with permanency, consistency, and unambiguity, and retrieve that data using computers in a rapid and automated fashion.”
The first application of biometrics was the use of fingerprints towards identifying a suspect in a criminal investigation. With the help of modern image capture technologies and powerful computing, this process that was once paper-based and labor-intensive is today largely digital and highly (but not completely) automated. New technology has lent biometric comparisonto other applications; namely “authentication” for various physical and logical access control applications, as well as near real-time biometric identification and watch list search for border control and other applications where results are needed extremely quickly.
Biometric applications can be classified into three purposes: 1) verification, 2) identification, and 3) duplicate checking:
Verification involves performing a “one-to-one” biometric comparison towards securing access to either a physical asset, such as a room or building, or to a digital asset, such as a smartphone, computer application, or database. For this application, biometrics are used much like passwords and PIN codes to enhance access control by performing a comparison of an individual’s live biometric sample to a single trusted stored sample. This stored sample might reside either in a central database, smartphone, or as a token on a credential such as a smart card ID.
In this way, we can “authenticate” the assertion of a person’s identity, answering the question “are you to the person to whom this token was issued?” and using the comparison result to either grant or deny their access. Use of biometrics for access control is of particular interest for commercial or personal security applications. Biometric verification can be offered as a more convenient alternative or enhancement to a PIN or password, in which case the user is offered to use it but can opt to bypass it for PIN or password entry at their discretion.
Identification is a very different and more demanding process (in terms of biometric algorithm and computing power requirements) that serves to assess whether an individual’s biometrics are present in a database, or “gallery”. A gallery may contain tens of millions of templates or many more. In this process, an individual’s live biometrics are captured and submitted to a biometric search system for “one-to-many” comparison. The system mathematically compares the template from the live probe sample to all the templates in the gallery. In doing so, biometrics help identify an individual even if they are not truthfully identifying themselves. Identification is performed most often for public-sector applications where trusted identity is critical to public safety, including criminal investigation and law enforcement, visa issuance and border management, background checks for employment screening, defense and intelligence.
Duplicate checking is yet another biometric process performed to determine whether there are individuals represented more than once in a database. This might be performed to detect fraud, such as in the case where an individual has enrolled multiple times in a social benefits program. This process involves matching the biometric template of each record in the database to every other, in a process called “biometric deduplication.”