There are a number of biometric controls that are used today; below we have the major implementations and their specific pros and cons with regards to access control security.
Fingerprints are the most widely used biometric control available today. Smartcards can carry fingerprint information.
Many U.S government office buildings rely on fingerprint authentication for physical access to the facility. Examples which include smart keyboards, which do requires the user to preset the fingerprint to unlock the computer’s screen saver.
The data which is probably used for storing the each person’s fingerprint must be of a small enough size to be used for authentication. This data is mathematical representation of fingerprint minutiae, which include specific details of fingerprint friction ridges like whorls, ridges, and bifurcation, among others.
A retina scan is the laser scan of the capillaries that feed the retina of the back of the eye. This can seem personally intrusive because the light beam must directly enter the pupil, and the user usually needs to press their eye to a laser scanner eyecup.
The laser scan maps the blood vessels of the retina. Health information of the user can be gained through a retina scan. Condition such as pregnancy and diabetes can be determined, which may raise legitimate privacy issues. Because of the need for close proximity of the scanner in a retina scan, exchange of bodily fluids is possible when using the retina scanning as a means of access control.
Retina scans are rarely used because of health risks and privacy issues. Alternatives should be considered for biometric controls that risk exchange of bodily fluid or raise legitimate privacy concerns.
An iris scan is a passive biometric control. A camera takes a picture of the iris, the colored portion of the eye, and then compares photos within the authentication database.
This can is able to work even if the individual is wearing contact lenses or glasses. Each person’s irises are unique, including the twins rises.
Benefits of iris scans include high-accuracy and passive scanning, which may be accomplished without the subject’s knowledge.
There is no exchange of bodily fluids the length, width, thickness, and surface area of an individual’s hand while guided on a plate.” Hand geometry devices are fairly as simple and it can store information using as few as 9 bytes.
Keyboard dynamics refer to how hard a person presses each key and the rhythm in which the key are pressed. Surprisingly, this type of access control is cheap to implement and can be effective.
As people learn how to type and use a computer keyboard, they develop specific habits that are difficult to impersonate, although not impossible.
Dynamic signature measure the process by which someone signs his/her name. This process is very similar to keyboard dynamics, except that this method measures the hand writing of the subject while they sing their name.
Measuring time, pressure, loops in the signature, and beginning and ending points all help to ensure the user is authentic.
A voiceprint measures the subject’s tone of voice while stating a specific sentence or phrase. This type of access control is vulnerable to reply attacks (replying a recorded voice), so other access controls must be implemented along with the voice print.
One such control requires subjects to state random works, which protects against an attacker playing prerecorded specific phrases.
Another issue is that people’s voices may substantially change due to illness, resulting in a false rejection.
Facial Scan technology has greatly improved over the last few years. Facial scanning (also called facial recognition) is the process of passively taking a picture of subject’s face and comparing that picture to a list stored in a database.
Although not frequently used for biometric authentication control due to the high cost, law enforcement, and security agencies use facial recognition and scanning technologies for biometric identification to improve the security of high-valued, publicly accessible targets.