A Biometric Access Control System recognizes patterns as a method of authentication based on specific types of biometric data from a person.
What is Authentication?
Authentication is the process of verifying the identity of a person or device. It is a security measure that is used to ensure that only authorized individuals or devices are able to access certain resources or perform certain actions.
There are various methods of authentication that can be used, depending on the context and the level of security that is required. Some common methods of authentication include:
-
Password: This is the most common form of authentication and involves the user providing a password that they have previously set up.
-
Two-factor authentication: This involves the use of two different authentication methods, such as a password and a security token, to confirm the user's identity.
-
Biometric authentication: This involves the use of a physical characteristic of the user, such as their fingerprint or facial features, to confirm their identity.
-
Token-based authentication: This involves the use of a physical token, such as a security key or a one-time password, to confirm the user's identity.
Authentication is an important part of computer and network security, as it helps to prevent unauthorized access to sensitive data and systems.
Factors to consider when choosing the right system:
Age Range of Users and Work Environment
Some biometric technologies are age dependent. For instance: A biometric fingerprint reader does not well with young or old people. This is from a combination of two major factors. The reference points for a biometric fingerprint reader are the fine lines/minutia of the finger. Young hands/fingers have immature prints and the reference points across the finger are immature or poorly defined. Similarly fingerprints of “older” people / staff may be worn down to the point that like the children’s fingerprints – they are poorly defined. This is also NOT exclusive to these two groups, and there are about 3-4% of the population that have “bad” prints. Also another dynamic is the work environment; where a person may have occluded prints because of calluses on their fingers from hard hand usage this might prevent a reasonable image from being captured by the reader.
Environment- Inside/Outside
Certain technologies lend themselves to certain environments. Outdoor cold and wet environments prevent hand geometry readers from working well as they require heat, otherwise the image may be occluded by rain, snow, sleet, ice, etc... This can often happen to fingerprint readers; if they are not in a sheltered environment. Lighting effects good facial images and similarly requires thought in placement, usage and throughput.
Environment- Biologically Clean
Certain sites require care in the type of biometric sensor that is to be deployed. Hospitals and Medical Centers have concerns for and require a biologically clean environment. Any sensor that requires direct contact, either in a 2D or 3D environment will be problematic. Similarly in schools where many students might use the same device for access, there is a risk of spreading infections by direct transfer with the biometric device.
Throughput- Number of Anticipated Users
Certain biometric readers take time to use and are more suited to areas where traffic is light. As a rule of thumb, think 3 seconds for standard entry with Two factor authentication. If the client needs Three factor authentication, allow 5 seconds if it is a fingerprint. Facial recognition is faster, as is Iris scan – but it takes more training and may not be suitable given its higher initial cost, and the parameters of the installed site.
Access In and Out
Where/when high security requires tight control; the end-user may require biometric access readers in and out of the facility. This is often required in unmanned remote sites, where the transactions are subsequently linked to a Time and Attendance report or “on-site” report.
Lighting, Ambient or Controlled
Some biometric devices need good light – thus both Facial Recognition and though less so, Iris Scan readers, need consistent light at the readers. Poor reads may limit throughput and validity of the transaction.
Offsite Management and Storage
Be aware that biometric readers create a larger template data size than a normal access credential by a factor of as much as 10:1 . That storage, and the transmission of the data, requires forethought as historical records and the sheer size of the initial image take up room either at the controller or the server. Thus fewer people may be able to be stored in the local controller and mass storage devices need to be larger to accommodate the larger amount of data. In some later generation biometrics applications; the “biometric” template is stored on the card. This significantly reduces the online storage costs.
Risk, Government Contracts and R&D Development
Certain R & D sites and Government entities might require additional security beyond the standard TWIC/PIV card. These may include areas where very tight control may limit the types of biometric solutions that can be deployed. A full containment suit does not lend itself to a biometric fingerprint. In those environments, an IRIS recognition reader may be the only practical biometric solution, reading through say a gas mask. It is critical that the environment is known and the associated “security risk” is recognized before deployment.
Security
Most of the “passive” card technologies have been copied and equipment is available to duplicate these cards from suppliers such as Amazon and Alibaba, to name a few. Passive and active cards can also be “sniffed” and “echoed”.