Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Identity ManagementBanking/Finance/Insurance

8 Best Practices for Biometrics Deployment in ATM Applications

By Philip Scarfo
atm-enews
June 14, 2016

While many biometric modalities have been tried at the ATM, fingerprint biometrics has become one of the most widely used, partly because of its long history, but more importantly for its ease of use, performance, interoperability, ability to thwart imposters and low cost. And contrary to many claims or what has been depicted in movies, fingerprint characteristics cannot easily be transferred, socially engineered or guessed. Biometrics is quite simply the simplest and most universal form of personal identity. There are also no literacy, language, race, gender or other barriers to biometrics’ widespread adoption or deployment. User authentication is completed with the simple touch of a finger.

That said, best practices should be observed for the most successful implementation of a secure, convenient and trusted authentication solution. Key focus areas should include the following:

Biometric Sensor Reliability – Sensor reliability is essential. It is critical that sensor technology be capable of working reliably under the broadest range of real world conditions. This is possible using sensors featuring multispectral imaging technology to ensure unique fingerprint characteristics can be extracted from both the surface and subsurface of the skin. Also important is liveness detection capabilities to prevent spoof attacks – the use of fake fingerprints or “spoofs” to impersonate a legitimate user and gain unauthorized access.

Optimized Data Security– Biometrics data must be handled like all sensitive and identifying information. Properly architected system designs will always consider and protect against both internal and external threats and attacks. Beyond the encryption of the data itself, there are now many good alternatives available for building highly secure and well protected systems, including the use of multi-factor and even multi-modal authentication to maintain security even if some identifying data is compromised.

Tamper Protection and Trusted Connections – The biometric used to authenticate the user for each transaction must interoperate with trusted devices at each point of verification. The solution must create a device-independent, trusted physical identity verification process. Additionally, the physical devices themselves must be tamper resistant to ensure that all transaction integrity is preserved.

Scenario Testing – Scenario testing is always recommended in order to evaluate biometric technologies in specific environments and applications.

Linking Mobile Credentials to a Biometric Identity – Because digital credentials are simply aliases for one’s true identity, it is critical to authenticate credentials stored on a user’s personal device and link those credentials back to a true identity with biometrics.

More Robust Biometric Templates – It may be desirable in some application-dependent situations to construct and enforce the use of enhanced biometric templates. The use of a "super template" that uniquely combines biometric data with other information – perhaps even an OTP or other out-of-band data – enables the system to recognize and reject a biometric template that was created from a stolen fingerprint image.

Implementation Policies– Effective authentication solution deployments are supported by appropriate business policies. Well-designed systems can significantly reduce risks and vulnerabilities. However the best system deployments are those that employ effective business policies to control or otherwise ensure the proper use of these systems. Enrollment policy, number of allowed attempts before lockout and basic exception handling are good examples of workflow considerations that will significantly impact security, convenience, and the anticipated return on investment.

Privacy Protection – System design must provide for end-user privacy. The ability to store biometric data on a personal device eliminates the need for a local database or network connection and is one way to ensure privacy. Encryption and tamper resistant devices prevent the interception of private biometric, biographic, and transactional data. Finally, while biometric characteristics are not themselves inherently private, well-designed biometric solutions prevent fraudulent access and allow individuals to control their true identity.

The goal of any transaction at the ATM is to conveniently provide a service while ensuring the identity of the individual to whom the service is being provided. Managing risk is a matter of balancing and, ideally, combining security and convenience. Biometric authentication provides this capability with the highest level of certainty, which is why it is increasingly popular for securing ATM transactions.

However, with new technology adoption comes new risks: as biometric applications become increasingly widespread, and are relied upon for securing personal transactions, deployed solutions are likely to be targeted for attack. Consequently, it will be increasingly important for those deploying biometric authentication to understand that not all biometric devices and solutions are created equal.

We all have only one true identity, and this identity must be protected in a sensible, balanced and efficient way. Nothing in life is without risk but there are no longer valid technical or business reasons to rely on outdated security systems and practices. Biometrics offers us the ability to make productive use of the myriad of digital credentials that we use and manage today – and to do so in a manner that is more secure and convenient, and actually protects our true identity. We no longer should have to choose between greater security or convenience, when with biometrics we can get both.

KEYWORDS: ATM security bank security biometric access management biometric security fingerprint biometrics theft prevention

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Philip J. Scarfo, Senior Vice President of Sales and Marketing, Lumidigm (Part of HID Global)

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Columns
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • computer-code.jpg

    8 identity management best practices to have in place

    See More
  • Exclusives Feature Image

    Safety in the Cloud - Best Practices for Private and Public Models

    See More
  • IAM-cyber-freepik1170x658v7.jpg

    8 best practices to harden identity and access management permissions

    See More

Related Products

See More Products
  • Photonic-Sensing.gif

    Photonic Sensing: Principles and Applications for Safety and Security Monitoring

  • 9780367221942.jpg

    From Visual Surveillance to Internet of Things: Technology and Applications

  • 9780815378068.jpg.jpg

    Biometrics, Crime and Security

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing