Biometrics: not as difficult as it seems

Today, much is said about multifactor identification, as a way to qualitatively increase the level of security. Moreover, not every project considers biometric factors as an additional level of protection. But in vain. Worth it! Because today reliable and reliable methods of working with biometric information are available that can be implemented in existing infrastructure without high costs.

Despite the fact that access control and management systems (ACS) are used today in most manufacturing companies, government agencies and business centers, for the most part these solutions are based on old-generation RFID cards. The HID Prox plastic badge familiar to everyone serves as a companion to employees when moving across different zones, but it’s already obvious to everyone that one RFID card does not provide the proper level of security, because it can be stolen, lost, forgotten or simply faked.

Yes, there are more advanced cards, such as multi-functional iClass with encryption support, and even including a random password generator. Together with a cell phone, they may well provide multi-factor identification, but they do not differ in the advantages that biometric methods provide - the latter do not allow you to steal something from an employee in order to gain access. Of course, it is possible to cut off a hand, but it will be a much more serious crime, and imitation of a 3D person in general is still a matter of science fiction films.



Precisely because the card can be stolen, many companies use photo verification methods. Usually they are implemented in manual mode, when a security officer checks a photo on a document with the face of a person using this pass. But a person needs considerable time to check compliance, and errors are not excluded. And according to the results of research by NIST (National Institute of Standards and Technology), the current level of development of automated photo-identification algorithms that have emerged from the practice of neural networks can significantly improve accuracy and reduce recognition speed to a fraction of a second.

Types of biometric identification

Thanks to the advent of affordable terminals, biometric technologies have become increasingly common. Proof of this is the presence of fingerprint readers in smartphones. If you put a sensor in there without much appreciating the device, this is not a problem for corporate infrastructure. Today, the creation of three types of biometric identification systems looks quite real:

• By fingerprint - the reader is installed on the entrance or near the door and allows you to fix the entrance and exit of a person without any additional documents
• By voice - voice analysis can occur anywhere in the room, or a person may be required to call a specific number from his phone.
• In appearance - a completely non-contact identification method as a result of comparing a face image obtained in a video stream with a stored template.

The development of these technologies, and especially the latter, can greatly change the work of social objects. For example, photo verification of the owner of a single transport card with a reduced cost of travel will allow you to not let a person who does not own a card through the validator simplify the control of the operation of transport systems in the capital and other cities. Similar scenarios can be applied in production and in business centers.

To introduce or not to introduce?

As we all know well, technological and organizational barriers are relevant for any project. Today we can confidently say that from a technological point of view, biometric systems are fully ready to work in a wide range of applications. But difficulties arise with the organizational moment.

However, when users get a choice, they begin to see and appreciate the benefits of biometric identification. For example, in the technology park of Naberezhnye Chelny, one-factor identification was implemented, but with a choice - visitors can use either an RFID card or a fingerprint. Watching this project, we noticed that initially only 5-10% of visitors used the second method, but after a year the ratio was 50 × 50. Perhaps this is the best way to let staff get used to it - give them the choice to use the old system or the new one.

Convergent systems

But while many are considering how to strengthen multi-factor authentication, technologies continue to evolve, and biometrics are used simultaneously for access control systems and information systems. We believe that Identity Access Management (IAM) tools will soon be integrated with security tools for physical access.

How will it work? There are many scenarios. In particular, at the entrance to the office, you can take a picture of yourself with a mobile device (for example, using the HID Mobile application), and in case of confirmation of the person’s conformance, he gets access to the RFID reader to attach his card. Such an approach will make it possible to completely forget what a pass office is, while increasing access security at times.

It is also possible to configure voice authentication to obtain one-time passwords for access to information systems. What could be simpler is to call the desired number, repeat the phrase after the robot and receive the code in SMS. At the same time, the theft of the phone will not work - after all, authorization takes place both by number and by voice of the user.

Implementation cost

So, if you already have an ACS, the transition to biometric identification, as a rule, implies the replacement of readers. If you are thinking about fingerprinting, then the issue is resolved within $ 200 per terminal, but there is no need to maintain outdated passes and be responsible for security risks.

From an organizational point of view, visitors only need to fill out an application in advance and agree to the processing of personal data. After providing the necessary information directly on the organization’s website, a person is given access according to the biometric feature used in the system. In addition to fingerprint sensors, you can install video cameras, and if you have already deployed a video surveillance system, set up analytical tools for working with a picture. Thus, the introduction of biometrics is much simpler than many other methods of multifactor authentication, while at the same time making the lives of employees and visitors more comfortable.