Biometric Authentication Techniques
When you think of biometric authentication, sci-fi media may come to mind but in fact, it’s used in real life quite often. From the FBI’s DNA database to your thumbprint lock on your smartphone, biometric authentication is a huge part of present life. This form of security protocol is popular because of its strength. Biometrics are unique to each individual and therefore hard to replicate, making this form of identification security the smartest option. Thumbprints and DNA are not the only way to use biometric authentication. There are several different ways each human can be their own personal password and here is how:
Deoxyribonucleic acid (DNA) is the self-replicating genetic material that is found in nearly all living organisms. Because no DNA is identical, it is the strongest form of individual identification. As well, because a person’s DNA does not change throughout their life, it is the most reliable long-term biometric identifier. Another perk to DNA is that the data is easily digitized and stored.
A professor from the UK was the first to pioneer DNA identity testing in 1985 and not even an entire decade later the FBI developed their DNA database. Nationally recording both DNA from crime scenes, and from convicted Felons. Since then, the database has grown to over 12.6 million profiles.
Handprints & Fingerprints
Hands and fingers have been used as identifiers for much longer than DNA. Fingerprints specifically were characterized as unique in the late 1800’s by Sir Francis Galton and by 1903, a fingerprint made it into a Sherlock Holmes story. Just like sci-fi sometimes accurately predicts our technology, Sherlock did the same and come 1969 the FBI pushed for a fingerprint identification system to be developed. In 1975 fingerprint scanners were developed, also by the FBI and commercial fingerprint identification products started to appear in the late 90’s. Nowadays, fingerprints can be used to gain access to computers, tablets, and smartphones.
Fingerprint scanning technology works by mapping out the unique ridges on the skin of the fingertip. Individuality is found in two ways. First is the location and direction of the ridge’s ending points and second are the splits found along the ridges. To assure fingers are live and not dummy versions, sweat pores are also sometimes factored into the scanning process. Fingerprint technology is increasing in popularity with 52% of consumers wanting banks to use fingerprint scanning as a way to access banking apps.
Similar to fingerprints, palm identification is also common. Originally used as long ago as the late 50’s for employee contracts, palmprints are similar to fingerprints in that ridge characteristics are part of the identification. Additionally palmprints also contain spatial attributes and geometric characteristics. Think hand and finger length and spacing. In 2003, 30% of crime scene prints were handprint and not fingerprints, making it not such a shock that state law enforcement agencies started using palmprint databases in 2004.
Interestingly, fingernails are another up and coming form of biometric authentication. Still being researched, there are two ways fingernail identification would work. Fingernail beds protect the dermal structure underneath of them and this structure may be used as an identifier. Electromagnetic waves will be used to scan the dermal layer below the nail. Research has shown that even identical twins have different fingernail beds. The second way a fingernail could be used as a unique identifier is via the finger nail itself. As a possible identifier with a 2 month lifespan, nail plate surfaces are being researched. Scans would consist of using the ring, middle, and index nail plates.
As well, vascular systems within the hand and knuckles can be used for biometric authentication. Knuckles contain unique patterns that are largely stable over time. Crease uniqueness and inherent geometry of the middle and ring finger knuckles are the best way to establish authenticity. As for vascular identifiers, the year 2000 brought on the first use of blood vessel patterns to identify individuals although the technology had been present since 1992. Use of near infrared light allows blood vessels in the hand to be seen. A person’s individual pattern does not alter over time and would be difficult to forge.
Eyes & Facial Recognition
Next to DNA, retinas the most precise form of biometric authentication. The concept of retinal identification was first published in the New York State Journal of Medicine in 1935, but it wasn’t until the mid 70s that technology began development around the concept. The very first commercial retina scanner came to life in 1981. Retinal scanners identify the unique blood vessel patterns at the back of a person’s eye. It works with a low energy infrared light beam directed towards the eye, scanning the retina. The blood vessels absorb the light easier than tissue, making a reflective imprint of the blood vessel patterns.
Retinas are not the only part of the eye that has the ability to uniquely identify, Iris patterns are also used as biometric authentication and have been the 80’s when the concept was first patented. Near infrared light scans pick up the intricacies of the iris. No person has two identical iris’ nor do twins have matching iris’. An iris scan can read the eye through contact lenses, non-mirrored sunglasses, and eyeglasses. Iris scans became an internationally standardized biometric for e-passports in 2006 and by 2016 India’s government database had enrolled 1 billion iris scans. In the US, the FBI has over 400k iris scans on file since their pilot program began in 2013.
Moving onto the entire face, biometric authentication has come a long way from the 1960’s when facial recognition systems were first deployed. Then, the administrator would have to manually locate facial features, and now there are advances technologies like thermal identification which allows facial features to be recognized under hats or makeup. Traditional methods use facial landmarks to identify, while 3D recognition isn’t interfered with by lighting or angle difference. There is also skin texture analysis which further enhances identifying capabilities. The general public took a stand for privacy in 2006 because of the FBI using facial recognition software to scan Super Bowl attendees and comparing the faces to mugshots. Regardless, by 2016 the FBI facial database held 52 million faces, or approximately ⅓ of American faces.
Behavioural Biometric Authentication
Unlike scans, behavioural authentication is captured over a short period of time. These methods include signature and voice recognition, as well as gait. Here is a break down each identifier:
Using voice for authentication has been around since the U.S Air Force used Texas built voice recognition technology in 1976. The identification process works in multiple ways. Acoustic patterns are identified by the physical structure of the vocal tract and unique behaviours like mouth movements, pitch, and pronunciation. Voice is often a chosen method for remote authentication because of its availability and the capability of phone and computer microphones.
Signatures are used as recognition when compared to stored signatures. The identifying factors include pressure points, visual style comparison qualities, coordinate measures, and pen inclination. Signatures can be used as static identifiers which is largely comparing two signatures in existence, or more comprehensive and accurate dynamic identifiers which records the process as much as the outcome.
A slightly less accurate form of behavioural authentication is keystrokes: identifying individuals based on their typing patterns. This technique has been around since the 60’s and where it isn’t as on point as other methods, it’s a promising way to reassure an identity is correct. As well, a person’s natural gait can be an identifier. One’s gait is their personal movement and stance through walking. Generally, it’s how we carry ourselves. Unfortunately, there are many elements that affect the outcome such as footwear, injuries, and aging with passing of time. These two behavioural biometrics are more purposeful in instilling confidence in the identification process than being positive identifiers on their own.
A person’s earlobe is a stable feature that doesn’t alter as people age. Distinguishing characteristics include the ear’s height, inner ear curve, and all corresponding angles. This type of identification can take place at a bit of a distance, too.Also, a person’s personal odor is an identifier, and one bloodhounds know all about. However, there are many variables that make this canine-skill a hard one to replicate. Secondary odors like diet and environment easily through off the scent, not to mention lotions, soaps, perfumes, and other scented products.
Lips are often used along with facial recognition, but on their own they have unique features to be used as identifiers. Upper and lower lip size, as well as furrows, grooves, and the distance between lines and their edges all make lips completely unique from one person to the next. Lastly, a tongue is a difficult to forge form of biometric authentication. Identification can be based on color, geometric shape, and texture.
Sci-fi aside, biometric authentication has a real world presence that is undeniably useful. New systems and protocols are continuously being developed to enhance the way we use our bodies as unique means to gain access. In the world of technology and biometrics, what will come next?