Biometrics and the Case for True Identity Management
Identity theft is the fastest growing crime in the United States, according to the Secret Service and the Federal Trade Commission. It is also an ever-increasing threat to businesses as the sophistication level of hackers continues to evolve. To combat this risk, organizations are fighting back with new biometric technologies that play a vital role in confirming and managing identities.
Included among the fast, highly accurate, non-contact biometric identity verification technology solutions are iris readers. The iris pattern has the most desirable properties for verification compared to other biometrics because of its uniqueness, stability over time and relatively easy accessibility. It also has the highest accuracy among all biometrics. An iris cannot be lent or stolen, and iris readers cannot be fooled by makeup, hair or clothing changes. Some can be read through eyeglasses, sunglasses, contact lenses, even in outdoor environments.
Optimizing Access Control
These are just a few of the reasons why iris recognition systems that deliver confirmed identity are trending upwards as a way to optimize access control and protect an organization’s staff, data and assets. And by integrating iris recognition readers with other modes of authentication such as a PIN or even another biometric authentication such as a fingerprint, a higher level of identity management and accuracy is achieved.
This type of multi-factor authentication confirms identities in three ways to establish absolute certainty or “True Identity” – something they have (i.e. an access card), something they know (i.e. a password) and something they are (i.e. iris recognition). Multi-factor authentication requires the presentation of two or more of the three authentication factors.
In common access control systems, access is authorized either by the reader/controller or by the reader/server based on presentation by the individual of a pre-programmed access card (something they have). Without physical identity verification however, the reader does not have the ability to confirm that the user is in fact the individual assigned to that card.
To reduce the chances of loss or theft of a card, other security systems use “something you know” as a confirmation of identity and authorization, most commonly a password or passcode. Unfortunately, they are vulnerable to guessing or hacking and they can be easy to forget. And, they remain easy to “loan” to another person just by telling them.
Multimodal biometric systems are definitely more secure than other types of authentication systems because they are physically linked to a person. This connection between identity and permissions is critical for identifying the individual and matching them with the correct authorities and permissions. The inclusion of biometric identity verification presents several advantages that can strengthen security including accuracy, flexibility, redundancy and resilience.
- Accuracy – As previously stated, iris recognition technology has the highest accuracy among all biometrics and as such control is significantly improved because it is difficult if not impossible to falsify iris information. When combined with additional authentication factors, identity accuracy is increased. Identification accuracy also need not hamper or delay sign-in/log-in procedures as the gap between convenience and security is quickly closing. New systems on the market offer high-speed capability, allowing scanning of up to 30 people per minute.
- Flexibility – The availability of multiple authentication factors allows for a greater range of security levels but it’s important to remember that factors used in an authentication solution should match the security strength required for access. For example, a lower-security application could accept either one of two provided modes – either a fingerprint or an iris reading along with an access card – to allow entry during work hours, but require both to match outside of normal hours. This approach also better accommodates single reading failures (acquisition errors), or differing staff needs such as a team member with a physical disability.
- Redundancy – Providing multiple biometric/authentication modes can also eliminate a single point of failure. If one reader fails, then the alternative reader(s) can still be used (security level permitting). As well, multi-modal biometric solutions can help eliminate the limitations of a single biometric where there is a greater chance to spoof the system using artificial materials.
- Resilience – The addition of a biometric authentication factor can substantially increase the difficulty for the would-be hacker by creating a level of defense that usually cannot be faked. Further, requiring multiple biometric readings, particularly simultaneous readings, eliminates such spoofing vulnerabilities. Based on this premise, multi-factor authentication, including biometrics, is as an ideal solution for identity-based authentication of computer users as it is for securing a computer facility.
As an identity management solution, iris readers have been deployed in environments as diverse as federal, state and local law enforcement, correctional facilities, travel and border security, healthcare, financial services as well as sports and entertainment venues, in addition to mainstream security locations. Whether used in security or business applications however, multi-modal biometrics are making a meaningful difference in systems security and authorization.