Bio-metrics has become a vital part of the newly emerging technologies. In simple terms, bio-metrics refer to any metrics corresponding to and connected with human features.The most used examples of bio-metrics would be the iPhone’s fingerprint, and facial recognition technology. As a newly emerging technology, bio-metrics can bring about convenience by replacing passwords.
Bio-metrics is a method to measure a person’s physical characteristics to verify their identity. They can include psychological traits, such as fingerprints and eyes, or behavioral traits, such as a unique way a person completes a puzzle.To be useful, bio-metric data must be complete, exclusive, and collectible. Once these aspects have been measured, information is correlated to a database. For example, every time a phone is unlocked with a fingerprint, or facial recognition software, that is the use of bio-metrics. These are the everyday uses of bio-metrics technology.
However, there are other uses of bio-metrics as well. For example, the police may collect DNA and fingerprints at crime scenes or may refer to video surveillance to analyse a suspect’s features. Certain exams might include retinal scans or genetic tests.
There can be many types of bio-metric data. Some of them are:
· Face Recognition: This type of bio-metric data measures the different features of a person’s face by contemplating and evaluating his facial features. It is mainly used in security and law enforcement, but also as a method to validate identity and unlock devices like smartphones and laptops.
· Iris Recognition: This type of bio-metric data identifies the exclusive patterns of a person’s iris. This kind of data mostly has use in security applications.
· Fingerprint scanner:This type of bio-metric data captures the patterns of ridges on an individual’s finger. This has widespread use in case of smartphones and sometimes, laptops.
· Voice recognition: This type of bio-metric data captures the sound waves in a person’s voice as she speaks onto a device. Banks may use voice recognition to verify a person’s identity, or the individual may use it while giving instructions to a smart speaker like Amazon Alexa.
Bio-metric data can be stored on servers, on an end-user’s device, or through a distributed data model – storing a part of it on the device, and another part on the servers. There are certain risks associated with storing of this bio-metric data. Centralized storage of bio-metric data on a server makes it a target for hackers who only need to break into the server to collect information. One such instance occurred in 2015 where 5.6 million sets of fingerprints were among the personal data stolen from the United States Office Personnel Management (OPM). Storing the data on an end-user device does not create any problem as such. Unless hackers are looking for information on a particular person, the end-user’s device is of far less importance to them. The most secure method of storing the data is through the distributed data model. Using visual cryptography, the bio-metric data is broken up into files of code upon introduction. Some of that data is stored on servers, and some on the end-user’s device. To prove identity, the data on the device is checked to see if it matches with the data stored on the network. This becomes a digital version of two people who don’t know each other using the halves of a torn document to prove who they are.
It is difficult to use bio-metric data to cheat a system. There are facial and iris recognition softwares that have been spoofed by photographs. In 2016, researchers at Vkansee, a mobile security firm, unlocked an iPhone with fingerprints collected from Play-Doh. To overcome such shortcomings, bio-metric systems are making use of a method in order to detect “liveness”. For example, there are fingerprint scanners that can now detect a pulse and facial recognition software that can gauge “depth of field”. There are techniques to detect blood flow underneath the skin of an individual.
However, these methods are more applicable on an individual, and not on a wholesale level. This brings forth another advantage of bio-metric security. While there have been instances of large amounts of bio-metric data being stolen (such as the OPM case), there aren’t any noted cases of that data being used on a large scale. Compared to this data, there have been more instances of frauds being committed using data from stolen password protected systems. The data stored in a bio-metric database is more vulnerable than any kind of data, because, even though passwords can be changed, a person’s fingerprint or iris scan cannot. This proves to be highly vulnerable, since, if bio-metric data is compromised once, it may no longer be in the individual’s control.