Biometric authentication

 

Biometric authentication

Biometric authentication refers to the security procedure that involves the use of unique biological characteristics of individuals such as retinas, irises, voices, facial characteristics, and fingerprints in order to verify people are who they claim to be. This process is used to control access to physical and digital resources, such as buildings, rooms, and different devices.

The word biometric is a combination of two words: bio (human) and metric (measurement). In simpler words, biometrics are any metrics related to human features which make an individual different from other individuals.

Now, although biometric systems can combine authentication and identification, there is a major difference between the two. Specifically, identification asks, “who are you?” while authentication asks, “Are you who you say you are?” Biometric identification verifies you are you based on your body measurements. Biometric authentication goes one step further and uses that information to compare you against a database and enters your information in service.

Biometric authentication works by comparing two sets of data: the first one is preset by the owner of the device, while the second one belongs to a device visitor. If the two data are nearly identical, the device knows that “visitor” and “owner” are one and the same, and gives access to the person.

Biometric Authentication Methods

There are quite a few types of identifying a user by way of his own body. Below are the most popular biometric technologies that have made their way into users’ hands.

1. Fingerprint Scanners

There are three types of fingerprint scanners: optical, capacitive, and ultrasound.

An optical scanner takes a photo of the finger, identifies the print pattern, and then compiles it into an identification code.

A capacitive scanner works by measuring electrical signals sent from the finger to the scanner. Print ridges directly touch the scanner, sending electrical current, while the valleys between print ridges create air gaps. A capacitive scanner basically maps out these contact points and air gaps, resulting in an absolutely unique pattern. These are the ones used in smartphones and laptops.

Ultrasonic scanners will make their appearance in the newest generation of smartphones. Basically, these will emit ultrasounds that will reflect back into the scanner. Similar to a capacitive one, it forms a map of the finger unique to the individual.

Creating a Fake Finger (Spoofing the Fingerprint)

To open up a smartphone secured with a fingerprint, the attacker will first need to find a high-quality print, that contains a sufficient amount of specific patterns to open up the device. Next, an attacker will lift the fingerprint, place it on a plastic laminate, and then cast a finger to fit this mold.

Once the malicious hacker creates the fake finger, all he has to do is to place it on the scanner, press with his finger to conduct electricity, and then use the unlocked phone.

2. Retina Scanners

Security researchers consider the eye as one of the most reliable body parts for biometric authentication since the retina and iris remain almost completely unchanged during a person’s lifetime. A retinal scan will illuminate the complex blood vessels in a person’s eye using infrared light, making them more visible than the surrounding tissue. Just like fingerprints, no two persons will ever have the same retinal pattern.

3. Iris Scanners

Iris scanners rely on high-quality photos or videos of one or both irises of a person. Irises too are unique to the individual. However, iris scanners have proven to be easy to trick simply by using a high-quality photograph of the subject’s eyes or face. When it comes to biometrics, the iris has several major advantages compared to a fingerprint:

You don’t spread the information around every time you touch something.

The iris stays virtually unchanged throughout a person’s life. A fingerprint, on the other hand, can be dirtied, scarred, or eroded.

You can’t use a fingerprint with dirty or sweaty hands. Irises, however, have no such problem.