Retinal Scan

Retinal scans measure the blood vessel patterns in the back of the eye. Retinal scan templates are typically 40 to 96 bytes. Because users perceive the technology to be somewhat intrusive, retinal scanning has not gained popularity with end-users. The device involves a light source shined into the eye of a user who must be standing very still within inches of the device. Because the retina can change with certain medical conditions, such as pregnancy, high blood pressure, and AIDS, this biometric might have the potential to reveal more information than just an individual’s identity.

Emerging biometric technologies:

Many inventors, companies, and universities continue to search the frontier for the next biometric that shows potential of becoming the best. Emerging biometric is a biometric that is in the infancy stages of proven technological maturation. Once proven, an emerging biometric will evolve in to that of an established biometric. Such types of emerging technologies are the following:

• Brainwave Biometric
  

• DNA Identification
  

• Vascular Pattern Recognition
  

• Body Odor Recognition
  

• Fingernail Bed Recognition
  

• Gait Recognition
  

• Handgrip Recognition
  

• Ear Pattern Recognition
  

• Body Salinity Identification
  

• Infrared Fingertip Imaging & Pattern Recognition
  

SECURITY ISSUES:

The most common standardized encryption method used to secure a company’s infrastructure is the Public Key Infrastructure (PKI) approach. This approach consists of two keys with a binary string ranging in size from 1024-bits to 2048-bits, the first key is a public key (widely known) and the second key is a private key (only known by the owner). However, the PKI must also be stored and inherently it too can fall prey to the same authentication limitation of a password, PIN, or token. It too can be guessed, lost, stolen, shared, hacked, or circumvented; this is even further justification for a biometric authentication system. Because of the structure of the technology industry, making biometric security a feature of embedded systems, such as cellular phones, may be simpler than adding similar features to PCs. Unlike the personal computer, the cell phone is a fixed-purpose device. To successfully incorporate Biometrics, cell-phone developers need not gather support from nearly as many groups as PC-application developers must.

Security has always been a major concern for company executives and information technology professionals of all entities. A biometric authentication system that is correctly implemented can provide unparalleled security, enhanced convenience, heightened accountability, superior fraud detection, and is extremely effective in discouraging fraud. Controlling access to logical and physical assets of a company is not the only concern that must be addressed. Companies, executives, and security managers must also take into account security of the biometric data (template). There are many urban biometric legends about cutting off someone finger or removing a body part for the purpose of gain access. This is not true for once the blood supply of a body part is taken away, the unique details of that body part starts to deteriorate within minutes. Hence the unique details of the severed body part(s) is no longer in any condition to function as an acceptable input for scanners. The best overall way to secure an enterprise infrastructure, whether it be small or large is to use a smart card. A smart card is a portable device with an embedded central processing unit (CPU). The smart card can either be fashioned to resemble a credit card, identification card, radio frequency identification (RFID), or a Personal Computer Memory Card International Association (PCMCIA) card. The smart card can be used to store data of all types, but it is commonly used to store encrypted data, human resources data, medical data, financial data, and biometric data (template). The smart card can be access via a card reader, PCMCIA slot, or proximity reader. In most biometric-security applications, the system itself determines the identity of the person who presents himself to the system. Usually, the identity is supplied to the system, often by presenting a machine-readable ID card, and then the system asked to confirm. This problem is "one-to- one matching." Today's PCs can conduct a one-to-one match in, at most, a few seconds. One-to-one matching differs significantly from one-to-many matching. In a system that stores a million sets of prints, a one-to-many match requires comparing the presented fingerprint with 10 million prints (1 million sets times 10 prints/set). A smart card is a must when implementing a biometric authentication system; only by the using a smart card can an organization satisfy all security and legal requirements. Smart cards possess the basic elements of a computer (interface, processor, and storage), and are therefore very capable of performing authentication functions right on the card. The function of performing authentication within the confines of the card is known as ‘Matching on the Card (MOC)’. From a security prospective MOC is ideal as the biometric template, biometric sampling and associated algorithms never leave the card and as such cannot be intercepted or spoofed by others (Smart Card Alliance). The problem with smart cards is the public-key infrastructure certificates built into card does not solve the problem of someone stealing the card or creating one. A TTP (Trusted Third Party) can be used to verify the authenticity of a card via an encrypted MAC (Media Access Control).

CULTURAL BARRIERS/PERCEPTIONS:

People as diverse as those of variable abilities are subject to many barriers, theories, concepts, and practices that stem from the relative culture (i.e. stigma, dignity or heritage) and perceptions (i.e. religion or philosophical) of the international community. These factors are so great that they could encompass a study of their own. To that end, it is also theorized that to a certain degree that the application of diversity factors from current theories, concepts, and practices may be capable of providing a sturdy framework to the management of employees with disabilities. Moreover, it has been implied that the term diversity is a synonymous reflection of the initiatives and objectives of affirmative action policies. The concept of diversity in the workplace actually refers to the differences embodied by the workforce members at large. The differences between all employees in the workforce can be equated to those employees of different or diverse ethnic origin, racial descent, gender, sexual orientation, chronological maturity, and ability; in effect minorities.

ADVANTAGES OF BIOMETRIC TECHNOLOGIES:

Biometric technologies can be applied to areas requiring logical access solutions, and it can be used to access applications, personal computers, networks, financial accounts, human resource records, the telephone system, and invoke customized profiles to enhance the mobility of the disabled. In a business-to-business scenario, the biometric authentication system can be linked to the business processes of a company to increase accountability of financial systems, vendors, and supplier transactions; the results can be extremely beneficial. The global reach of the Internet has made the services and products of a company available 24/7, provided the consumer has a user name and password to login. In many cases the consumer may have forgotten his/her user name, password, or both. The consumer must then take steps to retrieve or reset his/her lost or forgotten login information. By implementing a biometric authentication system consumers can opt to register their biometric trait or smart card with a company’s business-to-consumer e-commerce environment, which will allow a consumer to access their account and pay for goods and services (e-commerce). The benefit is that a consumer will never lose or forget his/her user name or password, and will be able to conduct business at their convenience. A biometric authentications system can be applied to areas requiring physical access solutions, such as entry into a building, a room, a safe or it may be used to start a motorized vehicle. Additionally, a biometric authentication system can easily be linked to a computer-based application used to monitor time and attendance of employees as they enter and leave company facilities. In short, contactless biometrics can and do lend themselves to people of all ability levels.

DISADVANTAGES OF BIOMETRIC TECHNOLOGIES:

Some people, especially those with disabilities may have problems with contact biometrics. Not because they do not want to use it, but because they endure a disability that either prevents them from maneuvering into a position that will allow them to make use the biometric or because the biometric authentication system (solution) is not adaptable to the user. For example, if the user is blind a voice biometric may be more appropriate.

BIOMETRIC APPLICATIONS:

Most biometric applications fall into one of nine general categories:

• Financial services (e.g., ATMs and kiosks).
  

• Immigration and border control (e.g., points of entry, precleared frequent travelers, passport and visa issuance, asylum cases).
  

• Social services (e.g., fraud prevention in entitlement programs).
  

• Health care (e.g., security measure for privacy of medical records).
  

• Physical access control (e.g., institutional, government, and residential).
  

• Time and attendance (e.g., replacement of time punch card).
  

• Computer security (e.g., personal computer access, network access, Internet use, e-commerce, e-mail, encryption).
  

• Telecommunications (e.g., mobile phones, call center technology, phone cards, televised shopping).
  

• Law enforcement (e.g., criminal investigation, national ID, driver’s license, correctional institutions/prisons, home confinement, smart gun).
  

CONCLUSION:

Currently, there exist a gap between the number of feasible biometric projects and knowledgeable experts in the field of biometric technologies. The post September 11 th, 2002 attack (a.k.a. 9-11) on the World Trade Center has given rise to the knowledge gap. Post 9-11 many nations have recognized the need for increased security and identification protocols of both domestic and international fronts. This is however, changing as studies and curriculum associated to biometric technologies are starting to be offered at more colleges and universities. A method of closing the biometric knowledge gap is for knowledge seekers of biometric technologies to participate in biometric discussion groups and biometric standards committees. The solutions only needs the user to possess a minimum of require user knowledge and effort. A biometric solution with minimum user knowledge and effort would be very welcomed to both the purchase and the end user. But, keep in mind that at the end of the day all that the end users care about is that their computer is functioning correctly and that the interface is friendly, for users of all ability levels. Alternative methods of authenticating a person’s identity are not only a good practice for making biometric systems accessible to people of variable ability level. But it will also serve as a viable alternative method of dealing with authentication and enrollment errors. Auditing processes and procedures on a regular basis during and after installation is an excellent method of ensuring that the solution is functioning within normal parameters. A well-orchestrated biometric authentication solution should not only prevent and detect an impostor in instantaneous, but it should also keep a secure log of the transaction activities for prosecution of impostors. This is especially important, because a great deal of ID theft and fraud involves employees and a secure log of the transaction activities will provide the means for prosecution or quick resolution of altercations.

REFERENCES:

• Pankanti S, Bolle R & Jain A, Biometrics:The Future of Identification
  

• Nalwa V, Automatic on-line signature verification
  

• Biometric Consortium homepage, WWW.biometrics.org
  

K.Murali graduated from St.Peter’s Engineering College, affiliated to Chennai University, India in Electronics and Communication Engineering in 2004. He has started his career as a Technical Engineer in M L Telecom, Chennai, India. He has presented technical papers on Bio-Medical Engineering, Digital Wireless Communication, Tele-Medicine, and Spread Spectrum Techniques. His current research interests are in the areas of Biometrics and Wireless Mobile Internet.

AUTHOR CONTACT INFO:

ADDRESS: 1/A, THIRU VENKATACHARI STREET,

VENKATAPURAM, AMBATTUR,

CHENNAI-53,

TAMIL NADU STATE, INDIA

PHONE NUMBER: +91-0416-2297260

+91-0-9841242284(mobile)

EMAIL ID: murali_waves@yahoo.co.in