The main aim of Biometrics is to solve the limitations of the old traditional access controls to humans. The extent to which biometrics solve the limitations of the old traditional access control can be impacted by how biometrics is implemented, the biometrics algorithms, the algorithm implementer. These are some of the important factors which must not be undermined. More traditional means of access control include token-based identification systems, such as a driver’s license or passport, and knowledge-based identification systems, such as a password or personal identification number. In particular, traditional methods have the following limitations:
Weak passwords are easy to guess (by non legitimate user) and difficult passwords may be hard to remember (by a legitimate user). This could lead to a security breach where personal or business secrets are stolen by an outsider.
Sharing credentials is generally common with colleagues although this is forbidden by policy. A computer user shares his or her password with a colleague who requires access — even though, in most organizations (and in many security-related laws and regulations), this is forbidden by policy.
User convenience may not be possible using traditional security techniques. For example, users maintaining different passwords for different applications may find it challenging to recollect the password associated with a specific application.
Lost key cards can easily be obtained by non legitimate users. Often they have the name of the organization on them, so it’s like finding a key with an address on it, permitting the person who found it a free after-hours tour of the organisation.
Sophisticated Criminals have acquired great expertise in circumventing the old identification systems. This has resulted in a global rise of identity fraud and theft and the use of sophisticated means to evade detection.
It is vital to realise that the above limitations may apply to biometric solution if it is not implemented with strict guidelines and if it does not adhere to international standards.
By using biometrics it is possible to establish an identity based on `who you are’, rather than by `what you possess’ (e.g., an ID card) or `what you remember’ (e.g., a password). Biometrics is based on Physiological and Behavioural characteristics. Physiological characteristics include fingerprints, hand geometry, facial image, retina and iris. The behavioural characteristics are actions carried out by a person in a characteristic way and include signature, voice pattern, keystroke sequences and gait (the body movement while walking).
Researchers at Biometric Research Laboratory (BRL) within Namibia Biometric Systems (NBS) recommend that it is vital to understand biometrics implementation guidelines and international standards prior to implementation. Biometrics should not be treated like a black box. This ensures that the limitations of traditional security methods are eliminated.
More information on the implementation of biometrics based solutions can be requested from firstname.lastname@example.org.