Biometrics 101

There is much interest in the use of biometrics for verification, identification, and screening applications, collectively called biometric authentication. This interest has been heightened because of the threat of terrorism. Biometric authentication systems offer advantages over systems based on knowledge or possession such as unsupervised (legacy) authentication systems based on password/PIN and supervised (legacy) authentication systems based on driver's licences and passports. The most important advantage is increased security: when a person is authenticated based on a biometric, the probability that this person is the originally enrolled person can be statistically estimated or computed in some other way. When a person is authenticated based on a password or even based on human observation, no such probabilities can be determined. Of course, the mere capability to compute this probability is not sufficient, what is needed is that the probability of correct authentication is high and the error probabilities are low. Achieving this probabilistic linking by introducing biometrics in authentication systems brings along many design choices and may introduce additional security loopholes. This document studies the many aspects of biometric applications that are an issue even before a particular biometrics has been selected; it further studies many issues that are associated with the currently popular biometric identifiers, namely, finger, face, voice, iris, hand (geometry) and signature.