Introduction

Biometrics are automated methods of identifying a person or verifying the identity of a person
based on a physiological or behavioral characteristic. Biometric-based authentication is the
automatic identity verification, based on individual physiological or behavioral characteristics, such
as fingerprints, voice, face and iris. Since biometrics is extremely difficult to forge and cannot be
forgotten or stolen, Biometric authentication offers a convenient, accurate, irreplaceable and high
secure alternative for an individual, which makes it has advantages over traditional cryptography-
based authentication schemes. It has become a hot interdisciplinary topic involving biometric and
Cryptography. Biometric data is personal privacy information, which uniquely and permanently
associated with a person and cannot be replaced like passwords or keys. Once an adversary
compromises the biometric data of a user, the data is lost forever, which may lead to a huge
financial loss. Hence, one major concern is how a person’s biometric data, once collected, can be
protected.

HISTORY AND DEVELOPMENT OF BIOMETRICS

The idea of using patterns for personal identification was originally proposed in 1936 by
ophthalmologist Frank Burch. By the 1980’s the idea had appeared in James Bond films, but it still
remained science fiction and conjecture. In 1987, two other ophthalmologists Aram Safir and
Leonard Flom patented this idea and in 1987 they asked John Daugman to try to create actual
algorithms for this iris recognition. These algorithms which Daugman patented in 1994 are the basis
for all current iris recognition systems and products.
Daugman algorithms are owned by Iridian technologies and the process is licensed to several other
Companies who serve as System integrators and developers of special platforms exploiting iris
recognition in recent years several products have been developed for acquiring its images over a
range of distances and in a variety of applications. One active imaging system developed in 1996 by
licensee Sensar deployed special cameras in bank ATM to capture IRIS

images at a distance of up to 1 meter. This active imaging system was installed in cash machines
both by NCR Corps and by Diebold Corp in successful public trials in several countries during I997
to 1999. a new and smaller imaging device is the low cost “Panasonic Authenticam” digital camera
for handheld, desktop, e-commerce and other information security applications. Ticket less air
travel, check-in and security procedures based on iris recognition kiosks in airports have been
developed by eye ticket. Companies in several, countries are now using Daughman’s algorithms in a
variety of products.

TYPES OF BIOMETRICS
Fingerprints: The patterns of friction ridges and valleys on an individual's fingertips are unique to
that individual. For decades, law enforcement has been classifying and determining identity by
matching key points of ridge endings and bifurcations. Fingerprints are unique for each finger of a
person including identical twins. One of the most commercially available biometric technologies,
fingerprint recognition devices for desktop and laptop access are now widely available from many
different vendors at a low cost. With these devices, users no longer need to type passwords –
instead, only a touch provides instant access.

Face Recognition: The identification of a person by their facial image can be done in a number of
different ways such as by capturing an image of the face in the visible spectrum using an
inexpensive camera or by using the infrared patterns of facial heat emission. Facial recognition in
visible light typically model key features from the central portion of a facial image. Using a wide
assortment of cameras, the visible light systems extract features from the captured image(s) that
do not change over time while avoiding superficial features such as facial expressions or hair.
Speaker Recognition:. Speaker recognition uses the acoustic features of speech that have been
found to differ between individuals. These acoustic patterns reflect both anatomy and learned
behavioral patterns .

Speaker recognition: This incorporation of learned patterns into the voice templates has earned
speaker recognition its classification as a "behavioral biometric." Speaker recognition systems
employ three styles of spoken input: text-dependent, text-prompted and text independent. Most
speaker verification applications use text-dependent input, which involves selection and enrollment
of one or more voice passwords. Text-prompted input is used whenever there is concern of
imposters. The various technologies used to process and store voiceprints include hidden Markov
models, pattern matching algorithms, neural networks, matrix representation and decision trees.

Iris Recognition: This recognition method uses the iris of the eye which is the colored area that
surrounds the pupil. Iris patterns are thought unique. The iris patterns are obtained through a
video-based image acquisition system. Iris scanning devices have been used in personal
authentication applications for several years. Systems based on iris recognition have substantially
decreased in price and this trend is expected to continue. The technology works well in both
verification and identification modes.

Hand and Finger Geometry: To achieve personal authentication, a system may measure either
physical characteristics of the fingers or the hands. These include length, width, thickness and
surface area of the hand. One interesting characteristic is that some systems require a small
biometric sample. It can frequently be found in physical access control in commercial and
residential applications, in time and attendance systems and in general personal authentication
applications.

Signature Verification: This technology uses the dynamic analysis of a signature to authenticate a
person. The technology is based on measuring speed, pressure and angle used by the person when
a signature is produced. One focus for this technology has been e-business applications and other
applications where signature is an accepted method of personal authentication.

APPLICATIONS
Iris-based identification and verification technology has gained acceptance in a number of different
areas. Application of iris recognition technology can be limited only by imagination. The important
applications are those following:--
Used in ATM’s for more secure transaction.

Used in airports for security purposes.

Computer login: The iris as a living password.

Credit-card authentication

Secure financial transaction (e- commerce, banking).

“Biometric—key Cryptography “for encrypting/decrypting messages.

Driving licenses and other personal certificates.

Entitlements and benefits authentication.

Forensics, birth certificates, tracking missing or wanted person.

ADVANTAGES AND DISADVANTAGES

A critical feature of this coding approach is the achievement of commensurability among iris codes,
by mapping all irises into a representation having universal format and constant length, regardless
of the apparent amount of iris detail. In the absence of commensurability among the codes, one
would be faced with the inevitable problem of comparing long codes with short codes, showing
partial agreement and partial disagreement in their lists of features.

Advantages
It is an internal organ that is well protected against damage by a highly transparent and
sensitive membrane. This feature makes it advantageous from finger print.

Flat , geometrical configuration controlled by 2 complementary muscles control the

diameter of the pupil makes the iris shape more predictable .

An iris scan is similar to taking a photograph and can be performed from about 10 cm to a
 few meters away.

Encoding and decision-making are tractable .

Genetic independence no two eyes are the same.

Disadvantages
The accuracy of iris scanners can be affected by changes in lightning.
Obscured by eyelashes, lenses, reflections.
Deforms non-elastically as pupil changes size.

Iris scanners are significantly more expensive than some other form of biometrics.

As with other photographic biometric technologies, iris recognition is susceptible to poor

image
quality, with associated failure to enroll rates
As with other identification infrastructure (national residents databases, ID cards, etc.), civil
rights
activists have voiced concerns that iris-recognition technology might help governments to track
individuals beyond their will.

Biometrics and Privacy

Whenever biometric identification is discussed, people always want to know about the implications
for personal privacy. If a biometric system is used, will the government, or some other group, be
able to get personal information about the users? Biometric measures themselves contain no
personal information. Hand shape, fingerprints or eye scans do not reveal name, age, race, gender,
health or immigration status. Although voice patterns can give a good estimation of gender, no
other biometric identification technology currently used reveals anything about the person being
measured. More common identification methods, such as a driver’s license, reveal name, address,
age, gender, vision impairment, height and even weight! Driver’s licenses, however, may be easier to
steal or counterfeit than biometric measures.
Biometric measures can be used in place of a name, Social Security number or other form of
identification to secure anonymous transactions. Walt Disney World sells season passes to buyers
anonymously, then uses finger geometry to verify that the passes are not being transferred. Use of
iris or fingerprint recognition for anonymous health care screening has also been proposed. A
patient would use an anonymous biometric measure, not a name or Social Security number, when
registering at a clinic. All records held at the clinic for that patient would be identified, linked and
retrieved only by the measure. No one at the clinic, not even the doctors, would know the patient’s
“real” (publicly recognized) identity.
The real fear is that biometric measures will link people to personal data, or allow movements to be
tracked. After all, credit card and phone records can be used in court to establish a person’s
activities and movements. There are several important points to be made on this issue.
Phone books are public databases linking people to their phone number. These databases are even
accessible on the Internet. Because phone numbers are unique to phone lines2, “reverse” phone
books also exist, allowing a name to be determined from a phone number. Even if a number is
unlisted, all information on calls made from that number may be available to law enforcement
agencies through the subpoena process. There are no public databases, however, containing
biometric identifiers, and there are only a few limited-access government databases. Five US states
have electronic fingerprint records of social service recipients (Arizona, California, Connecticut,
New York and Texas); six states (Cali- fornia, Colorado, Georgia, Hawaii, Oklahoma and Texas)
maintain elec- tronic fingerprints of all licensed drivers3; nearly all states maintain copies of driver’s
license and social service recipient photos; the FBI and state governments maintain fingerprint
databases on convicted felons and sex offenders; and the federal government maintains hand
geometry records on those who have voluntarily requested border crossing cards General access to
this data is limited to the agencies that collected it .

but like credit card and phone “toll records”, this information can be released or searched by law
enforcement groups acting under court order. Unlike phone books, however, databases of biometric
measures cannot
generally be reversed to reveal names from measures because biometric measures, although
distinctive, are not unique. Fingerprint, retinal and iris databases may be exceptions, allowing
reversal if the biometric data was carefully collected. But general biometric measures do not serve
as useful pointers to other types of data. The linking of records is always done by unique identifiers
such as Social Security and credit card numbers. Bio- metric measures are not generally useful in
this regard, even if databases linking information to measures were to exist. For these reasons,
biometric measures are not useful for tracking the movements of people, as is already possible
using telephone and credit card numbers.
Databases of biometric images, and the numerical models or templates derived from them, are
often encrypted with the intention of inhibiting their compromise in bulk. But compromise of
individual measures cannot always be prevented by protecting databases and transmission
channels because biometric measures, although privately owned, are sometimes publicly
observable (e.g. a photo of a person’s face can be taken with a camera or downloaded from a web
page). In general, biometric measures are not secret, even if it might be quite complicated to
acquire usable copies (e.g. a retinal map) without the cooperation of the owner. When used for
security, bio- metric characteristics are more like public keys than private keys. Unlike public keys,
however, biometric measures cannot be revoked if stolen or mimicked. The industry is currently
working on methods for “live-ness testing” and revocation, hoping to ameliorate these problems
The privacy issues raised by the use of biometrics.

1.Unlikemorecommonformsofidentification,biometricmeasurescontainno
personal information and are more difficult to forge or steal.

2.BiometricmeasurescanbeusedinplaceofanameorSocialSecuritynumberto secure anonymous

transactions.

3.Some biometric measures(faceimages,voicesignalsand“latent”fingerprintsleft on surfaces) can be

taken without a person’s knowledge, but cannot be linked to an identity without a pre-existing
invertible database.

4.ASocialSecurityorcreditcardnumber,andsometimesevenalegalname,can identify a person in a large

population. This capability has not been demonstrated using any single biometric measure.

5.Liketelephoneandcreditcardinformation,biometricdatabasescanbesearched outside of their

intended purpose by court order.

6.Unlike credit card,telephoneorSocialSecuritynumbers,biometriccharacteristics change from one

measurement to the next.

7.Searchingforpersonaldatabasedonbiometricmeasuresisnotasreliableor efficient as using better

identifiers, like legal name or Social Security number.

8.Biometricmeasuresarenotalwayssecret,butaresometimespubliclyobservable and cannot be

revoked if compromised.

A System Model
Although these devices rely on widely different technologies, much can be said about them in
general.

Data Collection
Biometric systems begin with the measurement of a behavioral/physiolog- ical characteristic. Key to
all systems is the underlying assumption that the measured biometric characteristic is both
distinctive between individuals and repeatable over time for the same individual. The problems in
mea- suring and controlling these variations begin in the data collection subsystem.
The user’s characteristic must be presented to a sensor. The presentation of any biometric
characteristic to the sensor introduces a behavioral (and, consequently, psychological) component
to every biometric method. This behavioral component may vary widely between users, between
applica- tions, and between the test laboratory and the operational environment. The output of the
sensor, which is the input data upon which the system is built, is the convolution of: (1) the
biometric measure; (2) the way the mea- sure is presented; and (3) the technical characteristics of
the sensor. Both the repeatability and the distinctiveness of the measurement are negatively
impacted by changes in any of these factors. If a system is to be open, the presentation and sensor
characteristics must be standardized to ensure that biometric characteristics collected with one
system will match those collected on the same individual by another system. If a system is to be
used in an overt, non-cooperative application, the user must not be able to will- fully change the
biometric or its presentation sufficiently to avoid being matched to previous records.

Transmission
Some, but not all, biometric systems collect data at one location but store and/or process it at
another. Such systems require data transmission. If a great amount of data is involved, compression
may be required before transmission or storage to conserve bandwidth and storage space. Figure
1.1 shows compression and transmission occurring before the signal pro- cessing and image
storage. In such cases, the transmitted or stored com- pressed data must be expanded before
further use. The process of compression and expansion generally causes quality loss in the restored
signal, with loss increasing with increasing compression ratio. The com- pression technique used
will depend upon the biometric signal. An inter- esting area of research is in finding, for a given
biometric technique, compression methods with minimum impact on the signal-processing
subsystem.
If a system is to be open, compression and transmission protocols must be standardized so that
every user of the data can reconstruct the original signal. Standards currently exist for the
compression of fingerprints (Wavelet Scalar Quantization), facial images (JPEG), and voice data
(Code Excited Linear Prediction).
Signal Processing
Having acquired and possibly transmitted a biometric characteristic, we must prepare it for
matching with other like measures. Figure 1.1 divides the signal-processing subsystem into four
tasks: segmentation, feature extraction, quality control, and pattern matching.
Segmentation is the process of finding the biometric pattern within the transmitted signal. For
example, a facial recognition system must first find the boundaries of the face or faces in the
transmitted image. A speaker verification system must find the speech activity within a signal that
may contain periods of non-speech sounds. Once the raw biometric pattern of interest has been
found and extracted from larger signal, the pattern is sent to the feature extraction process.
Feature extraction is fascinating. The raw biometric pattern, even after segmentation from the
larger signal, contains non-repeatable distortions caused by the presentation, sensor and
transmission processes of the system. These non-controllable distortions and any non-distinctive
or redundant elements must be removed from the biometric pattern, while at the same time
preserving those qualities that are both distinctive and repeatable. These qualities expressed in
mathematical form are called “fea- tures”. In a text-independent speaker recognition system, for
instance, we may want to find the features, such as the mathematical frequency relation- ships in
the vowels, that depend only upon the speaker and not upon the words being spoken, the health
status of the speaker, or the speed, volume and pitch of the speech. There are as many wonderfully
creative mathemat- ical approaches to feature extraction as there are scientists and engineers in
the biometrics industry. You can understand why such algorithms are always considered
proprietary. Consequently, in an open system, the “open” stops here.
In general, feature extraction is a form of non-reversible compression, meaning that the original
biometric image cannot be reconstructed from the extracted features. In some systems,
transmission occurs after feature extraction to reduce the requirement for bandwidth.
After feature extraction, or maybe even before, we will want to check to see if the signal received
from the data collection subsystem is of good quality. If the features “don’t make sense” or are
insufficient in some way, we can conclude quickly that the received signal was defective and
request a new sample from the data collection subsystem while the user is still at the sensor. The
development of this “quality control” process has greatly improved the performance of biometric
systems in the last few short years. On the other hand, some people seem never to be able to
present an accept- able signal to the system. If a negative decision by the quality control module
cannot be overridden, a “failure to enroll” error results.
The feature “sample”, now of very small size compared to the original signal, will be sent to the
pattern matching process for comparison with one or more previously identified and stored feature
templates or models. We use the term “template” to indicate stored features. The features in the
template are of the same type as those of a sample. For instance, if the sample features are a
“vector” in the mathematical sense, then the stored template will also be a “vector”. The term
“model” is used to indicate the construction of a more complex mathematical representation
capable of generating features characteristic of a particular user. Models and features will be of
different mathematical types and structures. Models are used in some speaker and facial
recognition systems. Templates are used in finger- print, iris, and hand geometry recognition
systems.
The term “enrollment” refers to the placing of a template or model into the database for the very
first time. Once in the database and associated with an identity by external information (provided by
the enrollee or others), the enrollment biometric data is referred to as the template or model for the
individual to which it refers.
The purpose of the pattern matching process is to compare a presented fea- ture sample to the
stored data, and to send to the decision subsystem a quanti- tative measure of the comparison. An
exception is enrollment in systems allowing multiple enrollments. In this application, the pattern
matching pro- cess can be skipped. In the cooperative case where the user has claimed an identity
or where there is but a single record in the current database (which might be a magnetic stripe
card), the pattern matching process might only make a comparison against a single stored
template. In all other cases, such as large-scale identification, the pattern matching process
compares the present sample to multiple templates or models from the database one at a time, as
instructed by the decision subsystem, sending on a quantitative “distance” measure for each
comparison. In place of a “distance” measure, some systems use “similarity” measures, such as
maximum likelihood values.
The signal processing subsystem is designed with the goal of yielding small distances between
enrolled models/templates and later samples from the same individual and large distances between
enrolled models/tem- plates and samples of different individuals. Even for models and samples from
the same individual, however, distances will rarely, if ever, be zero, as there will always be some
non-repeatable biometric-, presentation-, sensor- or transmission-related variation remaining after
processing.
Storage
The remaining subsystem to be considered is that of storage. There will be one or more forms of
storage used, depending upon the biometric system. Templates or models from enrolled users will
be stored in a database for comparison by the pattern matcher to incoming feature samples. For
sys- tems only performing “one-to-one” matching, the database may be distrib- uted on smart
cards, optically read cards or magnetic stripe cards carried by each enrolled user. Depending upon
system policy, no central database need exist, although in this application a centralized database
can be used to detect counterfeit cards or to reissue lost cards without re-collecting the biometric
pattern.
The database will be centralized if the system performs one-to-N matching with N greater than one,
as in the case of identification or “PIN- less verification” systems. As N gets very large, system
speed requirements dictate that the database be partitioned into smaller subsets such that any
feature sample need only be matched to the templates or models stored in one partition, or indexed
by using an appropriate data structure which allows the templates to be visited in an advantageous
order during the retrieval [61]. These strategies have the effect of increasing system speed and
decreasing false matches, at the expense of increasing the false non- match rate owing to
partitioning errors. This means that system error rates do not remain constant with increasing
database size and identification systems do not scale linearly. Consequently, database partitioning/
indexing strategies represent a complex policy decision [56].
If it may be necessary to reconstruct the biometric patterns from stored data, raw (although
possibly compressed) data storage will be required. The biometric pattern is generally not
reconstructable from the stored templates or models, although some methods [41] do allow a
coarse recon- struction of patterns from templates. Further, the templates themselves are created
using the proprietary feature extraction algorithms of the system vendor. The storage of raw data
allows changes in the system or system vendor to be made without the need to re-collect data from
all enrolled users.
Decision
The decision subsystem implements system policy by directing the data- base search, determines
“matches” or “non-matches” based on the distance or similarity measures received from the
pattern matcher, and ultimately makes an “accept/reject” decision based on the system policy. Such
a deci- sion policy could be to reject the identity claim (either positive or negative) of any user
whose pattern could not be acquired. For an acquired pattern, the policy might declare a match for
any distance lower than a fixed threshold and “accept” a user identity claim on the basis of this
single match, or the policy could be to declare a match for any distance lower than a user-
dependent, time-variant, or environmentally linked threshold and require matches from multiple
measures for an “accept” decision. The policy could be to give all users, good guys and bad guys
alike, three tries to return a low distance measure and be “accepted” as matching a claimed
template. Or, in the absence of a claimed template, the system policy could be to direct the search
of all, or only a portion, of the database and return a single match or multiple “candidate” matches.
The decision policy employed is a management decision that is specific to the operational and
security requirements of the system. In general, lowering the number of false non-matches can be
traded against raising the number of false matches. The optimal system policy in this regard
depends both upon the statistical characteristics of the comparison distances coming from the
pattern matcher, the relative penalties for false match and false non-match within the system, and
the a priori (guessed in advance) probabilities that a user is, in fact, an impostor. In any case, in the
testing of biometric devices, it is necessary to decouple the performance of the signal processing
subsystem from the policies implemented by the decision subsystem.