Common Mistakes when Implementation Biometrics Based Systems

In today’s modern society biometric identification is integral to improved security and information management in both private and government applications to reduce risk and improve business efficiencies.

The 1st step in implementing a biometrics solution is been able to select a suitable biometric system meeting predefined criterions. It is important to understand not just the differences between the biometric systems, but also which factors are the most importance for a particular environment and target population. There are quite a large number of biometric technologies and applications out there. For example, usability may be more important than uniqueness for clocking into an engineering plant, whereas uniqueness is likely to be the main consideration in a corrections facility. The factors to consider are:

Universality – How common is the biometric characteristics? Every individual accessing the application should possess the trait. For example, signature biometrics might not be suitable for illiterate users who may not be able to sign. Similarly, a biometric system may not be able to acquire meaningful biometric data from a subset of individuals resulting in a failure to enroll (FTE) error. For example, a fingerprint system may fail operate on some individuals due to the poor quality of their fingerprints.

Uniqueness – It is desirable that the given trait is sufficiently different across individuals comprising the population. It is critical to understand how similar a biometric characteristic is to that of others and therefore how likely it is to be mistaken for another? One of the most common biometric questions is that of uniqueness, how unique is a human face, human fingerprints or DNA? Such a measure is important for biometric system vulnerabilities, especially as a measure of the strength of cryptosystems and for privacy measures.

Permanence – It is desirable that the biometric trait of an individual is sufficiently invariant over a period of time with respect to the matching algorithm. Therefore it is vital to understand to the extent to which the trait remains unchanged over a lifetime. For example, signature biometrics might low permanence, as the handwritten signature tends to vary along time and vulnerability to direct attacks using forgeries.

Collectability –It is desirable that the biometric trait can easily be captured using suitable devices that do not cause undue inconvenience to the individual. For example, face recognition might be convenient for recognizing suspected criminal from a distance by the authorities while retina scan would be inconvenient for the policy. It is important to further understand if the biometric technology will operate indoors where lighting, temperature and other variables are controlled, or outdoors where things are more variable.

Performance – It is desirable that the associated technology is robust in terms of speed. Different biometric technologies can perform human verification at different speeds. In addition, a biometrics system operating in verification mode is significantly faster than a similar system operating in identification mode. See previous articles for reference.

Acceptability – Individuals in the target population that will utilize the application should be willing to present their biometric trait to the system. It’s important to be familiar with the target population who’ll be using the biometric solution. For example, are they members of the general public with a mix of ethnic and education levels and a variety of attitudes?

Circumvention – How likely it is that a person could find a way around the technology and therefore achieving unauthorised access? This requires a good understanding of the False accept and false reject rate which was introduced in the previous articles.

More information on the implementation of biometrics based solutions can be requested from