PART 2:What are biometric systems used for?

Reliable user authentication is essential. The consequences of insecure authentication in a banking or corporate environment can be catastrophic, with loss of confidential information, money, and compromised data integrity. Many applications in everyday life also require user authentication, including physical access control to offices or buildings, e-commerce, healthcare, immigration and border control, etc.

Currently, the prevailing techniques of user authentication are linked to passwords, user IDs, identification cards and PINs (personal identification numbers). These techniques suffer from several limitations: Passwords and PINs can be guessed, stolen or illicitly acquired by covert observation.

In addition, there is no way to positively link the usage of the system or service to the actual user. A password can be shared, and there is no way for the system to know who the actual user is. A credit card transaction can only validate the credit card number and the PIN, not if the transaction is conducted by the rightful owner of the credit card.

This is where biometrics systems provide a more accurate and reliable user authentication method, as can be summarised in the table underneath:

Existing user authentication techniques include:

• Something you know, e.g. password or PIN. The issue is that many password are easy to guess, and can also be easily forgotten.
• Something you have, e.g. key or car. They can be lost, stolen or duplicated.
• Something you know and have, e.g. card + PIN.
• Something you are, e.g. fingerprint, hand, iris, retina, voice. You cannot lose them, are unique for each individual and are difficult to forge.