Biometric procedures are used to determine a person’s identity. In access controls, they therefore offer an effective alternative to knowledge-based methods that use passwords or ownership-based methods with keys or tokens.
Everyone knows Columbo, the scruffy TV detective in the beige trench coat, cigar in the corner of his mouth, who solves crimes in his own inimitable way. In the episode “Suitable for Framing,” art critic Dale Kingston shoots his uncle in order to inherit a large art collection, and has a number of tricks up his sleeve to mislead the investigators. But Columbo uncovers the deception, finding fingerprints where they shouldn’t have been...
Biometric passport control
Anyone who has traveled to the United States recently will be familiar with the procedure: At the airport, the prints of both index fingers are scanned and a digital portrait photo is taken. The “US-VISIT” program is not only used to combat terrorism, but also to monitor residence permits. Under pressure from the United States, the Council of the European Union has decided to include biometric data in the member states’ passports. Biometrics also play an important role in connection with the “ePass.” For example, the passport photo has been stored electronically in German passports since 2005, and from 2007 this will be extended to include electronic fingerprints as well. As yet, it is unclear what the new Federal German ID (eID) will look like, but the plan is to incorporate an RFID chip and biometric reference data – and also to allow its use for authentication purposes when accessing e-government services online.
Tell me who you are
To authenticate a person, their personal features are compared with data stored in a document, such as a passport, or in a database. The aim is to determine whether the person and data uniquely match. Biometric systems are either verification or identification systems. In the case of identification, the idea is to determine a person’s identity, while the purpose of verification is to confirm or refute a person’s identity.
The principle of biometric identification is the same in all systems – regardless of their particular technological structure. The user first identifies or registers in the system. The biometrically relevant properties of this person are then recorded and converted to data records. If the user wants to pass the check, the system compares the current data with the stored data. If both match, the system "recognizes" the person and lets him or her in.
Two-dimensional – lacking a dimension
People have long been successfully applying the biometric procedure, by looking at and recognizing the faces of others and reacting accordingly. However, while people intuitively analyze additional information such as body shape and size, in addition to facial features, a computer-based does not initially have such capabilities. To date, systems have usually used a conventional photographic or video camera as a sensor to take two-dimensional frontal pictures. Before these can be processed, the “real face” must first be identified in the camera picture. A new hairstyle, natural aging, beard, and glasses make identification more difficult. It is therefore important to first identify the facial “landmarks”. These are characteristic points such as the corners of the eyes, center of the eyes, corners of the mouth, chin, or the point at which the nose begins.
In 2D facial recognition, particularly, the quality of the image must be extremely high. If certain criteria (Textbox 3) are not met, the biometric system may recognize the person very slowly, or not at all. But it is rare for the direction and expression of the face and criteria such as lighting to be identical in the reference picture and subsequent control. Another disadvantage is that 2D facial recognition is not 100 percent reliable. In real life, as in many a science fiction film, many control sensors can be deceived – by holding a photo up to the camera or playing a video of the authorized person on a laptop. In experiments, even the image quality offered by a cell phone with camera was enough to enable the checks to be passed. In addition, there are few systems that include “life recognition” to prevent the faking of an identity using an inanimate object. Devices that do not offer life recognition should therefore only be used in monitored environments.
A lot of information, improved accuracy
3D facial recognition, currently a hot topic in academic and industrial research laboratories, offers greater reliability. Compared to a simple frontal image, the three-dimensional model is better able to identify a person, even if the head is turned or the camera angle is less than ideal. Here, too, the facial landmarks are required so that the comparison and reference model can be identically aligned and similarity measurements determined. The latter are based on information such as local flexions or distances between geometric surfaces.
One key advantage of three-dimensional images: In the case of 2D images, the unknown distance between person and camera leads to images of different sizes. Three-dimensional models, on the other hand, are metrically correct. Basic head measurements such as the distance between the eyes are not lost during conversion to standardized formats or distances. 3D facial recognition also collects far more information than the 2D procedure. This increases the level of detail for the classification procedure and improves accuracy. However, the required procedures are still in the research stage.
The future is 3D
In future, though, more and more people will be confronted with biometric systems, even if they are not at all widespread today. For example, biometric systems enable access to security areas to be controlled more reliably. Examples include critical infrastructures particularly in need of protection, such as energy supply facilities, nuclear power stations, or computer centers of social importance, such as emergency services control rooms. The advantage of biometric authentication is that it reduces the risk of information being intentionally or unintentionally passed on to unauthorized persons and of access authorizations being stolen, because in contrast to purely ownership- or knowledge-based procedures, the characteristics of an individual such as physical features or patterns of behavior are directly tied to a person, usually over the long term.
In addition to enabling access controls for physical institutions, a digital ID also opens up new opportunities for logical access controls, for example for e-government or e-business applications. An ID of this kind is linked with the electronic signature and can thus safeguard electronic contracts, for example. Biometric authentication ensures that the signature key is activated in accordance with the Digital Signature Act.
Quelle: SAP Info, 06.03.2006
