Over the past few years, biometrics has rapidly expanded into consumer applications, like the financial market for customer authentication, to payment services and withdrawing cash from ATMs in high-fraud markets. However, its adoption as an additional authentication factor for physical access control systems (PACS) and other enterprise applications, hasn’t been as rapid. But this is changing.

Biometrics offers numerous benefits at the door and throughout the enterprise. With the advent of new anti-spoofing capabilities, and its integration into secure trust platforms that protect privacy and support a variety of RFID credential technologies, biometric authentication is poised to deliver a much higher matching speed and better overall performance. This will dramatically improve an organisation's security, whilst enhancing user convenience.Newer solutions are overcoming security and convenience hurdles to help realise the full potential of biometrics

Challenges for biometric authentication

Biometrics fuses convenience and security while validating “true identity” versus identity that is associated to the possession of an ID card. As an example, biometrics prevents a user from taking someone else’s card and obtaining access to privileged resources. This adds the human element to traditional methods of authentication, strengthening security by combining something the user “is” with something the user “has” or “knows.”

According to the firm ABI Research in its May 2018 study, Biometric Technologies and Applications, the total fingerprint sensor shipments for the entire consumer market is “estimated to reach 1.2 billion worldwide for 2018, thus ensuring its market dominance.It has been far too easy for fraudsters to create a fake fingerprint and present it to a reader

Despite the benefits of fingerprint authentication in numerous consumer applications, there have been impediments to its broader adoption in the enterprise. While price has been one big roadblock, there have also historically been other reasons for its slower-than-expected growth.

First, many technologies are still vulnerable to spoofs and hacking. It has been far too easy for fraudsters to create a fake fingerprint and present it to a reader. Equally troublesome, older products have not been able to move users through the doors as fast as a simple ID card and reader. In general, all fingerprint capture technologies are not equal amongst older products, and there can be significant differences in performance.

Developing Technology Performance

Newer solutions are overcoming these security and convenience hurdles to help realise the full potential of biometrics. Their development has focused on three key areas:

  1. How fingerprint images are captured – if the image can’t be properly captured, the rest of the process fails
  2. The implementation of liveness detection to enhance trust – even in the case when the image is properly captured, if it is fake the system cannot be trusted
  3. Optimising performance through a combination of new technology and algorithms, whilst ensuring interoperability so the performance can be trusted.
The top-performing solutions capture usable biometric data on the first attempt for every user. They also speed the process of determining that the biometric data is not a fake
The skin is illuminated at different depths to deliver much richer data about the surface and sub-surface features of the fingerprint

Optimising capture

The quality of the captured image is critical, across all types of fingerprints and environments. Many customers choose sensors that use multispectral imaging because it collects information from inside the finger to augment available surface fingerprint data. The skin is illuminated at different depths to deliver much richer data about the surface and sub-surface features of the fingerprint The skin is illuminated at different depths to deliver much richer data about the surface and sub-surface features of the fingerprint.

Additionally, the sensor collects data from the finger even if the skin has poor contact with the sensor, because of environmental conditions such as water or finger contamination. Multispectral sensors work for the broadest range of people with normal, wet, dry or damaged fingers, across the widest range of usage conditions – from lotions or grease to sunlight to wet or cold conditions. The sensors also resist damage from harsh cleaning products and contamination from dirt and sunlight.

Liveness detection

Liveness detection is the ability to determine that the biometric data captured by the fingerprint reader is from a real living person, not a plastic fake or other artificial copy. An increasingly visible dimension of biometric performance in commercial applications, liveness detection is critical for preserving trust in the integrity of biometrics authentication. At the same time, it must not impede performance or result in excessive false user rejections.While liveness detection optimises performance, it is also important to ensure that this performance can be trusted

The most trusted multispectral imaging fingerprint sensors with liveness detection provide a real-time determination that the biometric captures are genuine and are being presented by the legitimate owner, rather than someone impersonating them. This capability leverages the image-capture approach of using different colors or spectrum of light to measure the surface and subsurface data within a fingerprint.

In addition to this optical system, the biometrics sensor features several core components, including an embedded processor that analyses the raw imaging data to ensure that the sample being imaged is a genuine human finger rather than an artificial or spoof material. Advanced machine learning techniques are used so the solution can adapt and respond to new threats and spoofs as they are identified.

While liveness detection and the underlying capture technology optimises performance, it is also important to ensure that this performance can be trusted. This requires adequate testing to ensure interoperability with template matching algorithms.

Extensive interoperability testing must be performed by skilled and independent third parties like the National Institute of Standards and Technology (NIST) so that performance data can actually be trusted in all template-matching modes, and not simply a vendor claim.
The first requirement for incorporating biometrics into a physical access control solution is a secure trust platform

Trusted performance

The top-performing solutions capture usable biometric data on the first attempt for every user. They also speed the process of determining that the biometric data is not a fake, and they quickly perform template matching to reject impostors and match legitimate users.The card/mobile plus finger mode is one of the fastest-growing two-factor authentication use cases for securing access to both physical and digital places To trust this performance, though, the focus must be elsewhere: on interoperability with template-matching algorithms. Extensive interoperability testing must be performed by skilled and independent third parties like the National Institute of Standards and Technology (NIST) so that performance data can actually be trusted in all template-matching modes, and not simply a vendor claim.

Template matching modes

  • Template-on-card and card/mobile + finger modes using “1:1” template-matching profiles authenticates a person’s identity by comparing the person’s captured biometric template with one that is pre-stored in a database.
  • Template-on-device mode for finger-only authentication using “1:N” matching compares the person’s captured biometric template against all stored biometric templates in the system).

The card/mobile plus finger mode is one of the fastest-growing two-factor authentication use cases for securing access to both physical and digital places.Cryptography prevents any man-in-the-middle attacks while also protecting the biometric database

As an example of how to deliver trusted performance, HID Global uses the top-ranked NIST certified MINEX III minutia algorithm to ensure interoperability with industry-standard fingerprint template databases. This interoperability ensures that today’s systems, which are based on much more powerful hardware than in the past, will perform accurate 1:N identification of a full database in less than a second.

Physical access control integration

The first requirement for incorporating biometrics into a physical access control solution is a secure trust platform designed to meet the concerns of accessibility and data protection in a connected environment. The platform should leverage credential technology that employs encryption and a software-based infrastructure to secure trusted identities on any form factor for physical access control, access to IT networks and beyond.

Cryptography prevents any man-in-the-middle attacks while also protecting the biometric database. This system also must encompass remote management of all readers and users, spanning all onboarding as well as template loading and enrolment activities for supported authentication modes.

Biometrics data must be handled like all sensitive and identifying information, and properly architected system designs will always consider and protect against both internal and external threats and attacks
Properly implemented, biometrics solutions with liveness detection also protect privacy – if you can’t use a fake finger, it is meaningless

Other important focus areas include configuration and administration, plus all logs, reports and monitoring.New system architectures and data models have been created to protect personal information and maintain user privacy It should be possible to manage biometric readers as groups or individually over the network, and tools should be available to allow system administrators to manage all configuration settings from time and data to language, security and synchronisation. The system should enable continuous live monitoring of authentication, alerts and system health, and provide a rich set of associated reporting tools.

There are also backend implementation decisions to be made, including how a biometric authentication system will be seamlessly integrated into third-party systems. This is another major pain point of biometric technology. To simplify deployment, application programming interfaces (APIs) should be available for direct integration of the biometrics authentication solution with the access control infrastructure.

Privacy considerations

Properly implemented, biometrics solutions with liveness detection also protect privacy – if you can’t use a fake finger, then even if you did obtain someone’s fingerprint data, it is meaningless. Strong and updatable liveness protection is critical if biometrics are to eliminate the need to use PINs or passwords.Strong and updatable liveness protection is critical if biometrics are to eliminate the need to use PINs or passwords

Biometrics data must be handled like all sensitive and identifying information, and properly architected system designs will always consider and protect against both internal and external threats and attacks. New system architectures and data models have been created to protect personal information and maintain user privacy.

Beyond the encryption of the data itself, there are now many good alternatives available for building highly secure and well protected systems, including the use of multi-factor and even multi-modal authentication to maintain security even if some identifying data is compromised.

Today’s modern fingerprint authentication solutions are on a fast track to deliver a unique combination of ease of use, availability and convenience and higher security to physical access control systems.

With their latest improvements in liveness detection, system architectures, performance and ability to be easily incorporated into access control solutions, they seamlessly combine security and convenience to make them a viable option when accessing a facility, networks and services. These solutions deliver a higher confidence of “who” is being admitted through the building’s front door, where it really matters.

Download PDF version Download PDF version

Author profile

Wayne Pak Director of Product Marketing, Physical Access Control Solutions, HID Global

In case you missed it

The EU called for a ban on police use of facial recognition but not commercial use. Why?
The EU called for a ban on police use of facial recognition but not commercial use. Why?

Recently, the European Parliament called for a ban on police use of facial recognition. In the US, too, some cities have restricted police use of facial recognition. The first question that comes to mind is - why ban police from using technology that is allowed to private companies? Point of difference The key difference between the way police use facial recognition and the way commercial facial recognition products work is that: The police get a picture of a suspect from a crime scene and want to find out: "Who is the person in the picture?" That requires as wide a database as possible. Optimally - photos and identities of all the people in the world. Commercial facial recognition products such as those used by supermarkets, football stadiums, or casinos answer different questions: "Is the person in the picture on the employees' list? Is the person in the picture on a watch-list of known shoplifters?" To answer these questions doesn't require a broad database but rather a defined list of employees or a watch-list of specific people against whom there is an arrest warrant or a restraining order. Use of facial recognition AnyVision helps organisations leverage facial recognition ethically to identify known persons of interest "Facial Recognition Apps Should Be Provided to the Police with an Empty Database". This is exactly the subject of the open letter sent by AnyVision, to the British Biometrics and Surveillance Camera Commissioner, Prof. Fraser Sampson, titled: "Facial Recognition Apps Should Be Provided to the Police with an Empty Database". AnyVision recently raised $235M from Softbank and another leading VCs is a visual AI platform company that helps organisations across the globe leverage facial recognition ethically to identify known persons of interest, including shoplifters, felons, and security threats. Ethical use of facial recognition AnyVision CEO Avi Golan wrote, "The ethical use of facial recognition is a thorny one and requires a nuanced discussion. Part of that discussion has to explain how facial recognition works, but, just as important, the discussion must also involve how the technology is used by police departments and what checks and balances are built into their processes.” “We recommend building their watchlists from the ground up based on known felons, persons of interest, and missing persons. Some facial recognition solution providers have scrapped billions of photos and identities of people from social networks, usually without their consent." "Unfortunately, this method of facial recognition has justifiably angered privacy groups and data protection agencies around the globe and damaged the public trust in accuracy and reliability of facial recognition systems.” Preventing invasion of citizen’s privacy We believe an unjustified invasion of citizens' privacy can be prevented, false arrests can be reduced" “We believe that lists of suspects should be limited and justified. In this way, unjustified invasion of citizens' privacy can be prevented, false arrests can be reduced and public confidence in technology can be increased.” Golan added: "AnyVision is willing to share its industry insights and best practices from our vast research experience with leading global players, including name-brand retailers, global hospitality and entertainment companies, and law enforcement agencies from around the world.” Balancing public order and crime prevention “If the regulations set forth by Surveillance Camera Code of Practice are committed to the principles outlined above, then law enforcement agencies can strike the right balance between the need to maintain public order and prevent crime with the rights of every person to privacy and non-discrimination before the law." Recently Clearview AI CEO told Wired; the company has scraped 10 billion photos from the web - 3 times more than was previously known.

Dahua Technology shows how intelligent cameras enhance safety in nursing homes
Dahua Technology shows how intelligent cameras enhance safety in nursing homes

Patient falls in nursing homes are a serious problem. In the United States, for example, around 1,800 elderly people, living in nursing facilities, die each year from injuries related to falls, according to the Nursing Home Abuse Center. Those patients who survive their injuries often have a reduced quality of life and suffer some form of permanent disability. Rise in nursing home patient falls Figures show that between 50% and 75% of nursing home residents suffer falls each year, twice the chances of falling when compared to seniors who live in a regular residential community. It has been a prevalent challenge to detect falls quickly and effectively, especially when these occur in residents’ bedrooms. In the United Kingdom, the Care Quality Commission has recognised that the use of CCTV may be one of the best ways to ensure safety and quality of care. However, using video surveillance also brings into question other security issues, such as privacy and data protection. Dahua’s WizMind technologies WizMind embraces human-based AI (Artificial Intelligence), for a whole host of applications across verticals This is where Dahua Technology’s WizMind technologies come into play. WizMind embraces human-based AI (Artificial Intelligence), for a whole host of applications across verticals, such as retail, energy, finance, transportation and of course, health and social care. Specific to the health and social care sector are deep-learning algorithms, to protect the privacy of the face and body in real-time, and stereo analysis, which combines dual-lens cameras with three-dimensional scene analysis, in order to detect sudden physical movement, such as falls. Stereo video analysis The growth of AI applications has enabled the greater availability of 3D scene analysis solutions, thereby enabling objects and people to be analysed in three dimensions. Dahua Technology’s stereo analysis uses two lenses, in order to capture separate images of the same scene. It then computes the ‘optical parallax’ of spatial points in the two images, providing 3D information of the scene. The stereo vision mimics the depth of view that comes from humans having two eyes, known as binocular vision. Combined with deep-learning algorithm Combined with a deep-learning algorithm, stereo analysis can recognise event patterns, such as falls and other movement-based behaviours, such as people approaching, the detection of an abnormal number of people in an area, and violent behaviour. In nursing and care homes, stereo analysis cameras can help staff monitor residents, in case of emergency and respond to residents’ problems, such as tripping and falls. The cameras can view all three dimensions of subjects and together with its deep-learning algorithm, can immediately alert staff to any unusual or sudden movement, such as would be evident in a fall. Cameras in communal areas and bedrooms With cameras situated both in communal areas and in bedrooms, the staff is able to respond quickly to incidents With cameras situated both in communal areas and in bedrooms, the staff is able to respond quickly to incidents, which may otherwise stay undiscovered for hours. An example of such a scenario is a nursing home in Singapore, which has a capacity of around 400 beds and is divided into 14 separate living environments, with each designed to be a home-like living area. Dahua cameras with intelligent fall detection technology Dahua cameras, such as IPC-HDW8341X-BV-3D with intelligent fall detection technology were installed, including the provision of 167 stereo analysis cameras inside each bedroom. These trigger an alarm, in the case of incidents, such as a fall, allowing immediate response by staff. Not only does this enhance the well-being and safety of residents, but it also can reduce the nursing home’s labour costs. In addition, Stereo Analysis can also be applied in other application scenarios. An underground unmanned bicycle parking garage in Amsterdam, for instance, has installed Dahua Technology’s behaviour analysis cameras, to detect abnormal events and prevent accidents, such as people tripping and falling, or suspicious individuals wandering around the area. Privacy Protection 2.0 technology While monitoring their situation inside the nursing home, Dahua also adopts Privacy Protection 2.0 technology that features masking of human face and body, to protect the residents’ privacy. It involves the restriction of what can be seen in video images and applies equally to live, and recorded images. Digital masking takes place on the front-end device (e.g. network camera). Dahua’s Privacy Protection 2.0 provides real-time occlusion of the body and face and enables users to access recorded videos, without having to overlay faces with mosaic masks. It also offers additional occlusion options, such as irregular polygons, mosaics and coloured blocks, and allows code exporting based on specified targets, ensuring the privacy of subjects. Privacy and security in evidence collection Stereo video analysis and privacy protection come into their own in nursing homes and healthcare facilities Benefits offered include non-pixelated human targets, allowing for privacy and security in evidence collection. The technology also allows for face and human attributes analysis, without breaching people’s privacy, making it ideal for nursing homes. Stereo video analysis and privacy protection come into their own in nursing homes and healthcare facilities. It allows the close monitoring of residents or patients to help ensure their well-being and safety, while at the same time protecting the privacy of often vulnerable individuals. Dahua TechMonth As part of the Dahua TechMonth, this blog highlights how Dahua’s stereo analysis technology, combined with privacy protection, can provide a valuable tool to help staff respond to incidents quickly and efficiently, including falls, without infringing on people’s data protection rights. In the next blog, Dahua Technology will be discussing the WizMind application of human metadata, enabling users to maximise situational awareness and analysis of events. 

Eagle Eye’s Uncanny Vision deal highlights value of combining AI and cloud
Eagle Eye’s Uncanny Vision deal highlights value of combining AI and cloud

The trend of video customers moving to the cloud has reached a tipping point. At the same time, artificial intelligence (AI) is being adopted on a massive scale. Combining the two trends adds a higher level of value than either component individually. Merging the power of AI and the cloud is a driving force behind cloud surveillance company Eagle Eye Networks’ acquisition of Uncanny Vision, an AI and video analytics company headquartered in Bangalore, India. Expensive AI resources Cloud systems empower customers to leverage AI without having to install and program complicated and expensive hardware, in effect stripping away the barriers to entry that customers face when seeking to embrace AI. The cloud also enables customers to share expensive AI resources. One of the key components is ease of deployment – click, click and turn on the AI for any camera" Simplicity of implementation is crucial to the combined value proposition of Eagle Eye Networks and Uncanny Vision. “One of the key components is ease of deployment – click, click and turn on the AI for any camera (in a cloud system),” says Dean Drako, Eagle Eye Networks CEO. There is also a benefit of having AI systems networked, enabling 25 banks to perform facial recognition of customers from a single cloud-based system, he adds. A transition is also under way in the perception of AI. Video surveillance applications While previously it was seen as an add-on to surveillance systems, now it is seen as a very desirable feature on any system. “Centralised management of the cloud benefits the AI database,” says Drako. “In a project built around licence plate recognition (LPR), for example, all the data goes up to the cloud into a single database, and the customer can get a mobile view of everything going on across the world. You can’t do that without the cloud. And AI for LPR is more accurate.” Uncanny Vision’s targeted focus on AI for video surveillance applications was one factor that attracted Eagle Eye Networks to make the acquisition, says Drako. In contrast, some other companies have embraced broader applications of video AI. Uncanny Vision also has more customers using their system in real-world applications than competitors. Finally, the acquisition will help to expand Eagle Eye Networks’ presence in the LPR market, where Uncanny Vision is especially strong. Improving business operations The 60 employees at Uncanny Vision are mostly engineers and programmers Uncanny Vision’s deep learning algorithms enable recognition, identification, and prediction, improving business operations, customer service, and site safety. Applications include smart parking, retail, smart cities, ATM monitoring, worker safety and perimeter security. The 60 employees at Uncanny Vision are mostly engineers and programmers. “These guys understand how to translate AI algorithms to run very efficiently on various types of hardware,” says Drako. “They optimise how they get the code to run so we can implement in the cloud cost-effectively. They do it at a modest cost to make it more accessible. They understand how to deploy software for high performance on low-cost hardware.” For Uncanny Vision, the new ownership provides more reach. “We have a huge channel and a huge brand,” says Drako. “They are strong technical guys who need a sales and solution channel.” Video analytics solutions Even in light of the acquisition, Eagle Eye Networks will continue to provide a selection of third-party AI and video analytics solutions to customers. Use of AI and video analytics is specific to the application and business needs of each customer. Use of AI and video analytics is specific to the application and business needs of each customer In addition to AI functionality, systems need a ‘business logic’ component that drives how that capability is integrated into a system. System needs vary widely by vertical market, and many third-party vendors are focused on a specific vertical and how AI can benefit that market. Recurring monthly revenue “Third parties can provide analytics and the business logic, which is different for a factory, an office building or for a drive-thru restaurant,” says Drako. “The market is looking for many solutions, and one company couldn’t own a majority of them.” To ensure flexibility, Eagle Eye Networks will accommodate third party solutions, deploy their own analytics, or leverage analytics embedded in cameras. For Eagle Eye Networks’ dealer and integrator customers, the expansion into AI presents a new opportunity for recurring monthly revenue (RMR) and provides greater value to customers. Drako says the impact of the acquisition will be global as AI applications grow in popularity worldwide.