V.
T
HE SOURCE OF THE PROBLEMS
Learning about and assessing the deployment of over 100
biometric identification systems since 1998, it may be
assumed that generally a luck factor decided whether the
system worked or not in the particular application. The
main problem is that within the field of personal
identification systems, biometry is the first technology
that operates with probabilities. Identification a person
with 100% certainty for biometry is practically
impossible. While this is not an issue for a knowledge or
possession based system – as they identify the object, thus
one in possession of the knowledge or the item may
always pass through the access point – this is not the case
with biometry. A further problem is that environmental
factors also have to be taken into account, as they
influence success rates.
These problems lead to another one: when deploying a
biometric system in a security project, selection is done
entirely on a subjective basis. For example, a known
partner suggests something or the customer chooses an
already well-advertised system from a well-known
company.
This lack of knowledge characterises the whole delivery
chain. The manufacturers say something about the
products, the distributor will
acquire them by certain
subjective price/value parameters and the designer and
future customer will also use this data to select the system.
There are no independent and authentic sources that may
provide useful data about whether a system is able to
perform a certain task or not. Even security professionals
and services are stumbling around in the darkness, and
often perform the required tests themselves. However,
most of these companies lack the time, resources and
know-how to perform such test scientifically in a
reproducible way. Many companies only learn from their
own mistakes whether a system was
able or unable to
perform the task set forth for it. We know of a 1000
employee company in Hungary that has so far deployed 3
different fingerprint scanning systems and neither of them
worked.
VI.
S
UMMARY
In this paper, I explored several problems and issues that
make introducing biometric identification
systems
difficult at best for one who has no accurate knowledge of
the true capabilities of the particular devices, and at worst,
a monetary failure. After discovering the pitfalls, let us
turn back to the case studies, and explore what were the
problems and what should have been done.
In the first case study, a well working system with 30
users was suddenly flooded with a lot of other users, and
in the second, a system was introduced which after a short
while, was proven to be improper for the particular
application. We may list several factors that were likely
not considered, while they are crucial for proper
operation. These are listed below:
Maximum user number
Technological limitations and environmental
factors
o
Increased maintenance requirements
User willingness for cooperation
Any device has only so much user capacity and processing
power. While manufacturers often give these limits in the
range of 1000s, we have to consider a small fact here:
many biometric devices operate in 1:N mode, which
means that if a person performs an identification
transaction, the sample presented is matched against the
whole database every time. No independent
studies exist
which prove that identification times and error rates are
the same for 1 and for 1000 users, for example. One must
consider this and conduct tests before significantly
inflating the user number to determine whether an upgrade
is necessary. For systems that operate in 1:1 mode, this
problem is restricted to the effective maximum user
number, since in that case, the sample is only matched to a
pre-selected template.
The second problem is that fingerprint recognition
technology is not useful for everyone. Apart from the
obvious issue of lacking fingers, 1-3% of the population
lack fingerprints. The prints may also be damaged by
abrasive or caustic materials so much that they become
useless for optical recognition. Others may have
permanent scars that also impede proper operation. While
this is impossible to fully circumvent, if there are factors
that suggest future problems, one should consider
deploying a different technology that suit the users and the
operational environment.
On a side note, we must also consider that every device
requires regular maintenance, with the intervals depending
on several factors, including the frequency of use.
Obviously, with a significantly larger user number, one
needs to clean the devices more often to ensure proper
operation.
Finally, one has to gauge whether the users are willing to
use the system. For example, with a small company (the
30 employee one in our example), all personnel might
consider usage of an accurate attendance tracking system
as their best interest. At a large company, it is at least
plausible that some employees have reservations
regarding the system, let it be a misconception or a
malicious intention (i.e. cheating with attendance times).
Failure to determine user willingness for cooperation and
selecting the devices and other access control systems
without considering this factor will ultimately lead to an
unusable system.
I have summarised the biometric technologies accessible
nowadays and introduced their advantages and
disadvantages. Through practical applications, I have also
explored what should be done better when introducing
biometric systems. As a follow up, I will aim my research
to produce a methodology that takes into account the user
number, security environment
and business environment
in order to determine whether a biometric system will be
proper for a certain task.
R
EFERENCES
[1] ABI – Applied Biometrics Institute. www.abibiometrics.org (Óbuda
University, Donát Bánki Faculty, 2011)
[2]. ISO. ISO/IEC 19795-6. Information technology - Biometric
performance testing and reporting. Switzerland, 2012. ISO/IEC
19795-6:2012.
[3]. Tibor, Prof. Dr. Kovács. Basics of Biometrics. 2010.
[4].
Krisztina FÖLDESI, Tibor KOVÁCS, SPECIFICATION IN THE
PRACTICE OF LAW ENFORCEMENT (APPLICATION OF
BIOMETRY).
ACTA
TECHNICA
CORVINIENSIS
–
BULLETIN of ENGINEERING. 2015
[5]. Zoltan Rajnai: Un portrait militaire au reflet de l’insurrection
hongroise ORIENTS (ISSN: 1769-6321) 2013: (10) pp. 93-96.
(2013)
[6]. Csaba Otti. Comparison of hand geometry and fingerprint based
identification. 2015
View publication stats