Biometric

Eikon Digital Privacy Manager - Fingerprint reader - USBThere are several forms of biometric identification employed in access control: fingerprint, hand geometry, iris and face recognition. The use of biometric technology significantly increases security level of systems because it eliminates such problems as lost, stolen or loaned ID cards, and forgotten or guessed PINs. The operation of all biometric readers is alike: they compare the template stored in memory to the scan obtained during the process of identification. If the probability that the template in the memory and the live scan belong to the same person is high enough, the ID number of that person is sent to a control panel. The control panel then checks permissions of the user and makes the decision whether to grant access or not. The communication between the reader and the control panel is usually done in the industry standard Wiegand protocol. The only exception is intelligent biometric readers that do not require any panels and directly control all door hardware.

Biometric templates may be stored in the memory of readers, in which case the number of users is limited by reader memory size. Readers currently available in the market may store up to 50,000 templates. Template of each user may also be stored in the memory of his/her smart card. This option removes all limits to the number of system users, but it requires each user to have a card and makes finger-only identification impossible. Biometric templates may also be stored in the memory of a central server PC. This option is called "server-based verification". Readers simply read biometric data of users and forward it to the main computer for processing. Such systems support large number of users, but they are very much dependent on the reliability of the central server and communication lines.

1-to-1 and 1-to-many are the two possible modes of operation of a biometric reader.

* In the 1-to-1 mode a user must first identify himself/herself to the reader by either presenting an ID card or entering a PIN. The reader then looks up the template of the user in the database and compares it with the live scan. The 1-to-1 method is considered more secure and is generally faster as the reader needs to perform only one comparison. Most 1-to-1 biometric readers are "dual-technology" readers: they either have a built-in proximity, smart card or keypad reader, or they have an input for connecting an external card reader.
* In the 1-to-many mode a user presents his finger (or hand, eye, etc.) and reader needs to compare the live scan to all the templates stored in the memory. This method is preferred by most end-users, because it eliminates the need to carry ID cards or use PINs. On the other hand this method is slower, because the reader may have to perform thousands of comparison operations until it finds the match. An important technical characteristic of 1-to-many readers is the number of comparisons that can be performed in one second, which is considered the maximum time that users can wait at a door without noticing a delay. Currently most 1-to-many readers are capable of performing 2000-3000 matching operations in one second. (wikipedia.org)

No comments:

Post a Comment