Considering a biometric access system? Experts offer practical advice in these dos and don'ts.
DO expect resistance. All biometrics systems require user enrollment and credentialing, which are expensive and resource-intensive processes, Most says. "There is well-founded resistance to the idea of large, centralized repositories of personal information," she says. Eventual solutions to this problem may include anonymous identification, encrypted transmission of templates, and identity-centric infrastructures with distributed storage models.
In some cases, resistance comes in the form of cultural norms, says Ant Allen, an analyst at Gartner. For instance, finger scanning is not widely accepted in Japan, he says, as people reject the idea of physical contact with the sensors. Since the country's banks use biometric identification extensively for ATMs, many have turned to vein structure biometrics, whose sensors do not require contact.
Privacy concerns are another reason for resistance, he says. An example is retina- and iris-scanning systems, as these images can show symptoms of certain illnesses that people may want to keep private, he says.
DON'T overlook usability. System usability is another important factor. With finger-scanning systems, there is always a segment of the population that encounters difficulties with the scanners getting a correct read due to their skin type, Allen says. "It may mean providing an alternative system for this small group of users, and that might be seen as discriminatory," Allen says. He recounts a client that had to find an alternative for six users out of 2,000 to 3,000, as they could not interact successfully with the scanner. Reasons for enrollment problems include health conditions, racial characteristics, disabilities and personal idiosyncrasies, Most says.
Iris scanners seem to have fewer problems with enrollment, Allen says, but it's not always easy to get a good image. "My eyelids are quite heavy, so I physically have to hold them apart with my fingers to get an image," he says. "It works, but it's inconvenient." Face topography biometrics are also easier for enrollment, he says, but they have a lower accuracy rate.
Vein structure biometrics seem to work in a wide variety of circumstances, he says, although they may fail in extreme temperatures or environments. "A vendor tried it with coal miners, but the carbon from the coal on their fingers blocked the image," he says. On the other hand, these systems can read through medical gloves, which makes them an intriguing option for healthcare applications, he says.
At Beth Israel Deaconess Medical Center, Larry Nathanson, director of emergency medicine informatics, had to test a couple of systems to find one the ER doctors and nurses were comfortable with.
Nathanson was looking for a finger-scanning system for the tablet computers that are increasingly used in Beth Israel's ER. Because Nathanson wanted a strong password system--with a combination of numbers, symbols and uppercase characters--it was too cumbersome to enter the passwords into the tablets, which use on-screen keyboards. "By the time they got done, they could have walked back to their desk and done what they needed to do," he says. "It was a huge barrier."
He tested one finger scanning system, but because of its architecture, it offered only "mild benefits," he says. When a user swiped his finger, the system would go into "identification" mode, checking the print against the back-end database on a one-to-N basis. When finished, it would tell the client to unencrypt the user name and password and plug them into the Web application. Thereafter, it operated in "verify," or one-to-one mode, so when another ER staffer picked up the tablet and swiped his finger, it would first try to verify if this was the same user as before. Because it wasn't, it added additional steps. The catch: It could take 30 to 60 seconds to complete the log-in, which was no faster than entering a password.
He eventually found a workable system from BioKey, which is based on a thin-client architecture, with the bulk of identification happening on the server side. "With BioKey, you're just swiping your finger, and the server does the work on the biometric, eliminating the password," he says. "It's faster and more secure."
DO consider no-touch and "do nothing" technology. According to Most, contact-less and passive biometrics systems (such as face and iris) will gain significant traction because they require less of the user and pose fewer hygiene problems.
"Biometric authentication that does not require the user to do anything, like position themselves or have physical contact with a reader, will prove faster," she says. She refers to a conference she attended, where finger-scanning door locks were on display. "I was laughing because I'm a mom--if you're standing at your front door with groceries and a baby, you want the door to recognize you through something like an iris scanner," she says. "The guy next to me was from Sweden--he said, 'I'm not taking off my glove in the winter to get in the door.'"
Daniel Cook, network engineer and software technician at Bates County Memorial Hospital in Butler, Mo., switched from a fingerprint-based to a vein structure-based setup from Fujitsu for the hospital's time-and-attendance system. The old system yielded too many false negatives, Cook said, denying authorized people because they had abrasions or dirt on their fingers.
The Fujitsu system is more accurate and reads a lot faster, Cook says, and employees prefer it because the sensor is more sanitary. Users hold their hand up to a sensor, which reads the veins in their palms. Although they come into contact with two positioning pieces of the sensor, "it's easy for housekeeping to keep clean," Cook says. In all, there are eight systems implemented for 350 employees at the hospital. Cook also considered an iris scanner, but it was much more expensive, he says.
DO keep an eye on standards. Interoperability has been a key obstacle to biometrics solutions development, according to Most, and a bitter point of contention within the industry. "Though there are still internal battles regarding proprietary technology approaches and solutions, it is widely accepted that the industry as a whole will not progress unless uniform standards allow the integration of technologies from various vendors," she says. Many large commercial and government contracts will not be undertaken without the ability to select image capture devices and algorithms from multiple vendors. Standards are evolving, and some third-party vendors are taking on the interoperability challenge, but much work remains to be done.
DO consider applications with short-term ROI. Of all the business cases to use biometrics, time-and-attendance is the one with the shortest and most certain ROI, according to Most, because it eliminates "buddy-punching," where one person clocks in for another. "Biometrics not only offers the only effective means of addressing this business-breaking problem, but it also has more than a decade of proven performance, reliability and cost savings in time-and-attendance applications," Most says. Industry estimates place intentional and error-driven time theft in the range of 1.5% to 10% of gross payroll, she says.
In addition to stopping buddy-punching, other cost savings are achieved from reductions in overtime and payroll expenses, ending the need for time-clock supervision, and eliminating processes and supplies related to time cards, badges or PINs. "Time-and-attendance systems absolutely pay for themselves within a year, whether it's a small-scale or large system," she says.
According to Raymond Chera, president of RCNY Restaurants, using DigitalDining POS terminals with integrated DigitalPersona fingerprint biometrics, as opposed to the typical card-swipe or passcode method of logging into a cash register, is "a no-brainer" in the fast-food industry.
With the traditional system, employees can clock in friends, and managers' orders can be put through by anyone. With the biometric system, "no one can sign anyone else in or use anyone else's information," he says. The cost difference was minimal, and "the level of security it adds to my business is great--there are no headaches and no worries," he says. Currently, he has implemented the biometric system in just one location, but he plans to use it in all 41 new Arby's restaurants the company is slated to open in New York in the next decade.
Another low-hanging fruit is using voice biometrics for password reset, Miller says: "It's probably the largest point solution for voice biometrics." With renewed emphasis (including government regulations) on strong passwords or frequent resets, voice-based systems can alleviate costs associated with help desk calls. "This is using an expensive resource to do something that could be automated," Miller says.
This can be the camel's nose under the tent, he says. "Once someone registers a voice print, the vendor comes back and says, 'You can also use this for network access control or to harden a Voice Over IP network, to control unwanted access to company conference calls,'" he says.
DO consider multi-modal. Biometrics solutions will increasingly employ more than one mode, which is more accurate and secure. For instance, one biometric, like face recognition, might evaluate subjects against a watch list, while another, like iris recognition, might perform one-to-one authentication and a third does keystroke recognition.
Allen says voice is often used in a multi-modal way. It may be secure enough for identifying and authenticating internal users in call-center and password-reset situations, he says, but some organizations would also add knowledgebase authentication of some kind.
Miller concurs that starting about two years ago, major voice vendors began talking about multifactor authentication, partly to comply with government mandates around the world that required two-factor authentication. "Voice vendors with the highest promise are those dovetailing their voice engine with an existing security infrastructure that has been built around multiple factors," Miller says.
DO consider non-centralized storage. Clients are increasingly interested in systems that store biometrics data on a smart card or memory card, such as an existing building access card, Allen says. With this approach, a user would not only swipe a card, but also interact with a biometric system, which would verify his identity based on information stored on the card.
This increases security because it stops the practice of card-sharing, whether innocently or maliciously, Allen says. Additionally, rather than having to store biometric data in a central location--which requires a network and raises performance considerations--there is no reliance on a network connection. This is reminiscent of what airports use today, combining smart cards and iris recognition, Allen says. The trade-off, of course, is user convenience, as well as cost. "If you use a smart card with a biometric, it's an increase in cost per user, and it adds complexity of a different kind," Allen says.
DON'T overlook multinational restrictions. Allen warns that before making a global commitment to a biometrics approach, check various countries' laws. For instance, French law places restrictions on centralized storage of fingerprint data. So one French bank he knows opted for a vein structure recognition system, and another chose to store finger scan data on smart cards rather than in a central database.