emerging biometric applications expectations and reality (in 25 minutes or less!)
TRANSCRIPT
-
Emerging BiometricApplicationsExpectations and Reality(in 25 minutes or less!)
-
An Emerging Technology
-
What are Biometrics?The term biometrics refers to a science involving the standard analysis of biological characteristics.
A biometric is a unique, measurable characteristic or trait of a human being for automatically recognising or verifying identity.
-
Who are you?No, who are you, really???
-
Authentication Methods in Network & Internet SecuritySomething you areBiometrics Positive identificationNever lost or stolenSomething you knowPasswordsPINsMothers maiden name Something you haveATM cardSmart cardDigital certificate
-
BiometricsInnateIrisRetinaEarFingerprintPalm / handFace (visual & heat)Skin detail / veinsDNA / Blood / Saliva / anti-bodiesHeart rhythmFootprintLipsBehavioralGaitSignatureTyping style
MixedVoiceBody odour
-
Why Biometrics?Biometric identification (e.g., fingerprints, face and voice) will emerge as the only way to truly authenticate an individual, which will become increasingly important as security and privacy concerns grow.
- Gartner Group 26th April 2000
-
How do Biometrics Work?Enrolment: Add a biometric identifier to a database
Fingerprint, Voice, Facial or IrisVerification: Match against an enrolled record
-
Fingerprint Image Identification
-
Randomness
-
Accuracy v. Affordability v. Acceptability01234Accuracy >>Affordability >>Courtesy, Veridicom Corp.
-
Benefits for the Consumer
-
Benefits of BiometricsBiometrics link a particular event to a particular individual, not just to a password or token, which may be used by someone other than the authorized user
-
Business ScenariosThe password problemRemote accessWho is using our fee-based web-site?Challenge-response tokensToo many physical-access devicesProtecting the single-sign-on vault
-
The Password ProblemTheyre either too easy or theyre written down somewhere!
Users forget them!
Help Desk has to sort out the mess!
-
The Password Problem
Write it Down4728816% of respondentsNeverOccasionallyOftenAlwaysSource: CCH
-
The Password Problem
Resets per YearSource: CCH
-
The Password ProblemIdentifiable costsLost productivityFlow-on productivity lossesSupport teamManagement and infrastructure
US research - $340 per incident*
Anecdotal some incidents over $AU10,000*BioNetrix Corp - www.bionetrix.com/inserts.pdf
-
Choosing Technologies and Partners
-
Privacy Concerns and EthicsCriminal stigma3rd party use of dataSold or given for other than intended purposeProvided to law enforcementUnauthorized accessIdentity theftTracking of actions through biometricsReligious objections - Mark of the Beast
-
Australian Privacy ActNPP 4 Data Security
An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.
-
Privacy Policy Recommendations5 basic principlesNotice disclose ALL data capturedAccess anyone can view their stored dataCorrection MechanismInformed Consent no 3rd-party involvementReliability & Safeguarding
-
Who would use BiometricsStrong identification and authenticationMedium high data securityNon-repudiation (I didnt do it!)
-
Who would use BiometricsThe last metreFee-for-service web sites e-Commerce transaction verification
-
Selecting Biometric TechnologiesUser / environment considerations
Technology factors
-
Technology Comparison
-
AccuracyFalse rejection rateMeasures how often an authorized user, who should be recognized by the system, is not recognized.I am not recognised as me!
False acceptance rateMeasures how often a non-authorized user, who should not be recognized by the system, is falsely recognized.You are pretending to be me!
-
Matching vs. Non-Matching Prints
-
Selecting a Biometric SolutionWho can help?
-
Your Vendor / ConsultantExisting relationshipAbility to integrate biometrics into existing platformAbility to draw on other experience
-
Australian Biometric Testing OrganisationRecently incorporatedImpartial testerEducation sourceGovernment & industry funded
www.biomet.org/[email protected]
Introduction to Biometrics 1-day course August 30th
-
What problem are we solving?If biometrics is the answer, whats the question?
-
Evaluation StrategyDefine the requirementsTesting & trialingManagement buy-inInternal champion (not the IT Manager)
-
Who is using it?Connecticut Dept Social WelfareHealth ApplicationABN-AMRO
-
What are some of the products?
-
Give Passwords the Finger!