bio metrics lecture 2008 pd workshop
TRANSCRIPT
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
1/41
1
BIOMETRICSBIOMETRICS
Presentation to 2008 AFCEA PD Workshop
CAL CLUPP BSC CISSPCAL CLUPP BSC CISSPDirector, Risk Management ConsultingDirector, Risk Management Consulting
Bell CanadaBell Canada
(613) 597(613) 597--23362336
[email protected]@bell.ca
Source: http://www.banking.com/aba/january.htm
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
2/41
2 Bell Restricted03 June 2008
OUTLINE
DEFINITION
BRIEF HISTORY
APPLICATIONS
HOW BIOMETRIC DEVICES WORK
TYPES OF DEVICES BIOMETRICS TESTING
EXAMPLE APPLICATIONS
AREAS OF IMPLEMENTATIONS
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
3/41
3 Bell Restricted03 June 2008
DEFINITION
Biometrics - (Classical Definition) Identification of
living things based on physiological and/orbehavioral characteristics
Biometrics - (ISO Definition) A measurable, physicalcharacteristic or personal behavioral trait used torecognize the identity, or verify the claimed identity,of an enrollee.
Biometric System (ISO Definition) An automatedsystem capable of: capturing a biometric sample from an end user;
extracting biometric data from that sample;
comparing the biometric data with that contained in one or
more reference templates; deciding how well they match; and
indicating whether or not an identification or verification ofidentity has been achieved.
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
4/41
4 Bell Restricted03 June 2008
HISTORY OF BIOMETRICS
Used since man first walked upright
We all use facial recognition on a daily basis
We use voice recognition during conversations to identify
the other party (e.g. Telephone)
Fingerprints have been used in forensics for over 100years by police investigators
Babies registered at birth using palm/foot prints
Dental records and X-rays have long been used toidentify decomposed bodies
The hand written signature is a form of behavioral
biometric identification DNA is one of the latest advances used in
identification
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
5/41
5 Bell Restricted03 June 2008
HISTORY (continued)
Modern technologies have made it possible tomechanically and automatically convert physical andbehavioral characteristics into digital electronic form
Early biometric systems were slow, expensive,proprietary and unreliable
They were considered as science fiction orspy toysand not likely to be used by ordinary people in dailytransactions
Today costs are coming down, speed and reliability
are increasing and biometric devices are starting tobecome part of our daily lives
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
6/41
6 Bell Restricted03 June 2008
BIOMETRIC APPLICATIONS
Depending on the application, biometrics can be used for
security, privacy, convenience, fraud reduction, or to deliverenhanced services. Applications include:
Physical security and access control (e.g. borders, airports)
Computer/Network logins (e.g. laptops with fingerprint sensors built in)
Business transactions (e.g. ATM withdrawals)
Credit and debit card protection Voting
Receiving government benefits (e.g. welfare, pension)
Healthcare services (e.g. patient ID)
Law enforcement (e.g. drivers licenses, vehicle registration, smart
guns, criminal identification systems)
Identification Documents (e.g. Visas, passports, SIN cards,
Military/Govt/Corporate ID cards)
Registering race horses, research animals, pets and other wildlife
Data protection (e.g. biometric tokens)
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
7/41
7 Bell Restricted03 June 2008
HOW BIOMETRIC DEVICES WORK
With all biometric systems there are 3 steps (i.e. datacapture, signal processing, and decision) which definethe process flow:
Data Capture
All biometrics start with a piece of raw analogue data (e.g.fingerprint, voice sample, face/hand/retina image)
Signal Processing
This raw data is digitized so that computers can process it
The computer software extracts the critical features (e.g.minutiae) and discards those elements that are irrelevant tomaking a successful comparison (i.e. creates template)
Decision The stored and live templates are compared and if they
match (i.e. within set threshold) user will be accepted
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
8/41
8 Bell Restricted03 June 2008
HOW DEVICES WORK (continued)
During enrollment the template is created and stored(sizes from 9Bytes to 1KByte)
Source: SCA Biometrics May 2002
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
9/41
9 Bell Restricted03 June 2008
HOW DEVICES WORK (continued)
During verification the first 2 steps are repeated with
the resulting representation being the live scan ortemplate.
Source: SCA Biometrics May 2002
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
10/41
10 Bell Restricted03 June 2008
HOW DEVICES WORK (continued)
Compare Template
The live scan is compared to the stored template.
Decide Match
If they match within a set statistical range, it is accepted as valid
Source: SCA Biometrics May 2002
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
11/41
11 Bell Restricted03 June 2008
HOW BIOMETRIC DEVICES WORK
DATA
CAPTURE
SIGNAL
PROCESSING
DECISIONTEMPLATE / BIR
STORAGE
Biometric System
Controller
Signal Detection
Extract Features
Create Template*
Compare
Template
Decide Match
Decide
Acceptance
INPUT / OUTPUT INTERFACES
User Administrator Portal
BiometricSensor
QUALITY CONTROL
Present Biometric Sample
*Template = Processed Biometric Sample
The Create Template process may also include the creation of the Biometric Identification Record (BIR)
Set Threshold
Creation of BIR (Enrollment)
Grant Privileges
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
12/41
12 Bell Restricted03 June 2008
TYPES OF DEVICES
Physiological (i.e. physical) Characteristic Devices
Finger/thumb print readers
Hand/Finger geometry readers
Facial Verification Systems
Eye Scanners Retina Scanners
Iris Scanners
DNA Identification Systems
Voice Verification1
Note 1: Voice verification can also be considered a Behavioral Characteristic device
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
13/41
13 Bell Restricted03 June 2008
DEVICES (continued)
Behavioral Characteristic Devices Voice Verification1
Signature Dynamics Analysis
Keystroke Dynamics Analysis
Gait Analysis
Note 1: Voice verification can also be considered a Physiological Characteristic device
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
14/41
14 Bell Restricted03 June 2008
FINGER/THUMB PRINT READERS
Most widely used
Most systems rely on classifying the differencesbetween ridges and valleys in the patterns of the printand at ridge bifurcations or ridge endings (i.e.minutiae)
Produces one of the largest templates (aprox 1KByte)depending on the method used
Devices are very reliable in use but in some casesother techniques may be required
Several types (e.g. optical, capacitive, ultrasound, RF)
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
15/41
15 Bell Restricted03 June 2008
FINGERPRINT (continued)
Fingerprint matching techniques can be placed into two
categories: minutiae-based and correlation based. Minutiae-based techniques first find minutiae points and then map
their relative placement on the finger. However, there are some
difficulties when using this approach.
It is difficult to extract the minutiae points accurately when thefingerprint is of low quality.
Also this method does not take into account the global pattern ofridges and furrows.
More subject to wear and tear, and false minutiae.
The correlation-based method is able to overcome some of the
difficulties of the minutiae-based approach. However, it has some
of its own shortcomings. Correlation-based techniques (i.e. pattern matching) require the
precise location of a registration point and are affected by imagetranslation and rotation.
Larger templates (often 2 3 times larger than minutiae-based)
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
16/41
16 Bell Restricted03 June 2008
FINGERPRINT (continued)
Intrusive procedure
In 1997 the stamp-sized fingerprint reader on amicrochip was introduced which has led to thepotential for many new applications (e.g. securingsmartcards)
A much smaller scrolling sensor is now availablewhich has made even more applications possibleand has addressed some of the security concernswith latent prints
Some more advanced readers can differentiate
between live and dead tissue by checking for pulse
by sensing oxygen level
by checking capacitance of the biometric sample
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
17/41
17 Bell Restricted03 June 2008
FINGERPRINT (continued)
Print showing various types of MinutiaePrint showing various types of Minutiae
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
18/41
18 Bell Restricted03 June 2008
FINGERPRINT (continued)
To reduce the search time and computational complexity, it is
desirable to classify fingerprints in an accurate and consistent
manner so that the input fingerprint is required to be matched
only with a subset of the fingerprints in the database.
Special algorithms have been developed to classify fingerprints
into five classes, namely, whorl, right loop, left loop, arch, and
tented arch.
Most often used in forensics, rarely in authentication systems
Source: biometrics.cse.msu.edu/info.html
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
19/41
19 Bell Restricted03 June 2008
FINGERPRINT (continued)
Source: Various websites
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
20/41
20 Bell Restricted03 June 2008
FINGERPRINT (continued)
Source: Protective Technologies Website
USDime
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
21/41
21 Bell Restricted03 June 2008
HAND/FINGER GEOMETRY READERS
The first modern biometric device was a handgeometry reader that measured finger length
These devices use a 3D or stereo camera to mapimages of the hands and/or fingers to measure size,shape and translucency
Actual sensor devices are quite large in size
Templates are typically small (approx 10 Bytes)
High acceptance rate among users
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
22/41
22 Bell Restricted03 June 2008
HAND/FINGER GEOMETRY (continued)
Source: Biometrics Store Website
Source: biometrics.cse.msu.edu/info.htmlSource: http://recognitionsystems.schlage.com/products/
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
23/41
23 Bell Restricted03 June 2008
FACIAL RECOGNITION
Considered by some as an intrusive system
Uses high resolution cameras (several types) to takepictures of the face for comparison
The four primary methods traditionally employed by
facial scan vendors to identify and verify subjectsinclude eigenfaces, feature analysis, neural network,and automatic face processing
New systems are being developed that measurethree dimensional characteristics of the face
One of the fastest growing areas in biometricindustry
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
24/41
24 Bell Restricted03 June 2008
FACIAL (continued)
Typical EigenfacesTypical Eigenfaces
Utilizes two dimensional,
global grayscale images
representing distinctivecharacteristics of
a facial image
Variations of eigenface are
frequently used as the basisof other face recognition
methods.
Source: MIT Face Recognition Demo Page
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
25/41
25 Bell Restricted03 June 2008
FACIAL (continued)
Eigenface: "one's own face," a technology patented at MIT thatuses 2D global grayscale images representing distinctivecharacteristics of a facial image. Most faces can bereconstructed by combining features of 100-125 eigenfaces.During enrollment, the user's eigenface is mapped to a seriesof numbers (coefficients). Upon a 1:1 match, a "live" templateis matched against the enrolled template to obtain a coefficient
variation. This variation either accepts or rejects the user. Local Feature Analysis (LFA): also a 2D technology, though
more capable of accommodating changes in appearance orfacial aspect (e.g., smiling, frowning). LFA uses dozens offeatures from different regions of the face; incorporates the
location of these features. Relative distances and angles of the"building blocks" of the face are measured. LFA canaccommodate 25-degree angles in the horizontal plane and 15degrees in the vertical plane. LFA is a derivative of theeigenface method and was developed by Visionics, Corp.
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
26/41
26 Bell Restricted03 June 2008
FACIAL (continued)
Automatic Face Processing (AFP): This 2D technology uses
distances and distance ratios between eyes, nose, and cornersof mouth. Not as robust as the other technologies, but may bemore affective in dimly lit, frontal image capture situations.
Neural Networks: use algorithms that use as much of the face aspossible. These algorithms run as the human brain would in
cognition to learn about facial features. Neural networks are astep up from LFA.
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
27/41
27 Bell Restricted03 June 2008
FACIAL (continued)
New Volumetric-based 3D Processing Systems: Create a templateof the face that is based on tens-of-thousands of points on theface, thus forming a very high-resolution interpretation of thesubject.
A 3D laser camera takes a picture of the face and represents it within a
virtual cube.
The input starts as a digital image and does not need to beconverted
The secret to a true 3D method lies in the ability to use direct
measurements to compare individuals.
That is, rather than the traditional method of an indirect searchfor facial features on an image, these systems look at specific
points within a millimeter apart..
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
28/41
28 Bell Restricted03 June 2008
FACIAL (continued)
Varying light (i.e. outdoors) can affect accuracy Some systems can compensate for minor changes
such as puffiness and water retention
Smiling, frowning, etc can affect accuracy
Some systems can be confused by glasses, beards,
etc
Human faces vary dramatically over long term(aging) and short term (facial hair growth, differenthair styles, plastic surgery)
Expected high rate of acceptance as people arealready used to being photographed or monitored
Best method for identification systems (e.g. airports)
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
29/41
29 Bell Restricted03 June 2008
FACIAL (continued)
Source: MIT Face Recognition Demo Page
Source: biometrics.cse.msu.edu/info.html
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
30/41
30 Bell Restricted03 June 2008
RETINA SCANNERS
Rely on the uniqueness of the pattern of bloodvessels lining the retina
Users place their eyes a few inches from anincandescent light beam and the sensor maps thecapillary pattern by measuring reflected light
People with high blood pressure, diabetes orglaucoma may give inconsistent readings
Template aprox 35 Bytes and extremely reliable
Primary use is in high security access control
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
31/41
31 Bell Restricted03 June 2008
RETINA SCANNERS (continued)
CameraCamera Enrollment deviceEnrollment device
Source: Biometrics Store Website
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
32/41
32 Bell Restricted03 June 2008
RETINA SCANNERS (continued)
Main retina featuresMain retina features Actual photo of retinaActual photo of retina
Source: American Academy of Ophthalmology
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
33/41
33 Bell Restricted03 June 2008
VOICE VERIFICATION
A completely non-intrusive technique
Examines tonal wave patterns that cannot beimitated by other individuals (voice patterns ofimpersonators are different than the real voicepattern)
Analog recordings cannot reproduce accurate tonepatterns, but digital recordings may be able to do so Random question and answer techniques, and pattern
matching (i.e. comparing successive voice samples) mayhelp to prevent reply attacks based on digital voicerecordings
Most appropriate method for telephone use
People with colds & laryngitis can affect FRR although slight variations can be compensated for
Signal quality can introduce errors (e.g. bad phoneline, noise in background)
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
34/41
34 Bell Restricted03 June 2008
VOICE VERIFICATION (continued)
It is these well-formed, regularpatterns that are unique toevery individual. These patternsare created from the size andshape of the physical structure
of a person's vocal tract. Sinceno two vocal tracts are exactlythe same, no two signalpatterns can be the same.
A complete signal has an
overall pattern, as well as amuch finer structure, calledthe frame. This frame is theessence of voice verificationtechnology.
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
35/41
35 Bell Restricted03 June 2008
VOICE VERIFICATION (continued)
These unique featuresconsist of cadence,pitch, tone, harmonics,and shape of vocal tract.
The image at rightshows howcharacteristics of voiceactually involve much
more of the body thanjust the mouth.
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
36/41
36 Bell Restricted03 June 2008
SIGNATURE ANALYSIS
These devices quantify speed, pressure, angle-of-attack and stroke characteristics (40 plus)
A typical system will take up to 100 elements ofspeed, pressure, etc to characterize an individual
User stress can affect the accuracy of this device
Signatures tend to change over time
These types of devices are now starting to make theirway into practical everyday use
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
37/41
37 Bell Restricted03 June 2008
SIGNATURE ANALYSIS (continued)
Built-in sensors register the dynamics of the act of writing. These dynamics
include the 3D-forces that are applied, the speed of writing, and the angles invarious directions.
This signing pattern is unique for each individual, and thus allows for strong
authentication. It also protects against fraud since it is practically impossible to
duplicate "how" someone signs.Source: Biometrics Store Website and Smart Pen
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
38/41
38 Bell Restricted03 June 2008
EXAMPLE IMPLEMENTATIONS
Otay Mesa, California/Mexico border crossing
facial recognition of drivers who frequently cross border
Japanese Racing Association
uses iris scanning to identify over 10,000 race horses
Walt Disney World, Florida
seasons ticket holders gain entrance by finger geometry Coca Cola is using hand geometry to prevent
workers from buddy punchingat the time clock
Lotus employees must pass hand geometry scanbefore picking up their kids at the company daycare
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
39/41
39 Bell Restricted03 June 2008
IMPLEMENTATIONS (continued)
Several states use voice recognition for parolees onhome detention
US Immigration and Naturalization Service
Frequent travelers between Canada and Montana use
voice verification to access an automated border crossing
system
A leading ATM manufacturer in Tokyo, OKI ElectricIndustry Co has implemented iris scanners in ATMmachines of Japanese banks
ICAO using facial recognition as mandatory identifier
and fingerprints & iris as optional identifiers onMRTDs
Aeroplan Voice Recognition System for AccountAccess
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
40/41
40 Bell Restricted03 June 2008
IMPLEMENTATIONS (continued)
Terminal 3 at Pierson Airport uses hand geometry to
identify frequent travelers between US and Canada Canadian Airlines uses voice recognition to control
access at two of its hangars
Citizenship and Immigration Canada - $3.5 millionbiometric pilot project
Transport Canada and the Canadian Air TransportSecurity Authority (CATSA) new restricted areaidentification card
Facial Recognition Project at the Passport Office
Bell Canada Maintenance Technician Voice
Verification Bell Canada Client Account Access Voice Verification
(My voice is my password)
-
8/3/2019 Bio Metrics Lecture 2008 PD Workshop
41/41
41 Bell Restricted03 June 2008
Summary
Today's powerful computers and microelectronics make biometric
identification and verification systems a reality Biometric advocates still face uphill battle to convince the skeptical
public, legislators, lawyers & security professionals that systems are
safe, reliable and worth implementing
In the aftermath of 9/11, Biometrics has seen a resurgence in
interest and is now being seriously considered by governments andother organizations as part of their solution for ensuring the identity
of individuals and protecting their assets
Biometrics by itself is not the solution, only one part of it
Biometrics has the potential to be utilized in any application where
authentication and verification is required and it is only a question oftime before we start to see these systems used in our daily lives
Use of Biometrics is not the main contributor to security and privacy
risks, only the inappropriate or inadequate implementation of it is