Download PDF version Contact company
Identity is a foundational concept for the entire security industry – perhaps even for the entire concept of security
Accurately confirming a person’s identity is one key to improving security for
our workplaces, communities, and our nation

Perhaps I’m sensitised to the term, but it seems to me that I’m hearing the word “identity” a lot lately.  

Identity comes up in current news stories about Syrian refugees, for example. Candidates for the U.S. presidency debate how long it should take to confirm the identity of immigrants before allowing them to enter the country. Identity theft is a hot news topic too, with many stories and mentions each week.  

In truth, I’m happy for the increased awareness of the importance of identity, because in a general sense, identity is a foundational concept for the entire security industry – perhaps even for the entire concept of security. And accurately confirming a person’s identity is one key to improving security for our workplaces, communities, and our nation. 

The importance of identity

The concept of identity is a security fundamental – and affects almost every facet of the topic. Who is allowed into our country? Individual citizens, and individuals with permission. Who is allowed into a building, or controlled area? Authorised individuals. Who can give that permission or authorisation? Again, individuals with the authority to do so. Who can access a computer network, or specific stored information? Once again, individuals with permission.  

In every case, physical and electronic security in a general sense depend on the ability to connect authorities and permissions to the particular individual or individuals who hold them. This connection between identity and permissions is critical for triggering real-world actions: opening a particular door, allowing visitors, issuing keys, accessing money or materials, etc. So, maintaining security depends on correctly identifying the individual and matching them with the correct authorities and permissions. This is exactly why identity recognition in security systems is so important. 

Consider access control, for example. Many, if not most, access control systems for retail and business facilities today use card readers to enable access. In a real sense, these systems are using the card as the confirmation of the identity of the person carrying the card. Fairly obviously, this represents a very low level of identity verification, and thus translates into a low level of physical access security. This is because the link between an access card and the true identity of the individual who is carrying that card is both tenuous and vulnerable. These facilities made the determination that the relatively low level of security that can be achieved using card readers was sufficient for that facility. For these organisations, the truth is that every member of their staff is a potential weak link for criminals to gain entry.  

Security access controls systems typically use a company badge, proximity tokens, and even garage door openers
Security confirmation of an individual’s identity is based on something they have, something they know, or something they are

Confirming visitors’ and employees’ identities

How can a person’s identity be confirmed? In a general sense, there are only three ways that have been used to confirm the authorisation – and the identity – of a person for security purposes: something they have, something they know, or something they are. 

The card reader mentioned above is an example of “something they have” – in that case, an access card. Other examples commonly used in security systems, and particularly automated access control systems, include a company badge, proximity tokens, and even garage door openers. For guarded (staffed) lobbies and checkpoints, documents such as driver’s licenses, and passports are used. The weakness of each of these items is that they can be lost, stolen, or loaned to another person. 

To reduce the chances of loss and theft, other security systems use “something you know” as a confirmation of identity and authorisation, most commonly a password or passcode. In some cases, the answer to security questions can also be used. These codes are harder to misplace in such a way that they can be used by thieves, but they are vulnerable to guessing or hacking, and they can be easy to forget – particularly if they are strong passwords. And, they remain easy to ‘loan’ to another person just by telling them. 

Biometrics is based on “something you are”

The third approach, “something you are” is now more commonly known by the term “biometrics”. Common examples here include fingerprints, palm veins, facial features, and one or both irises. Biometrics have two great security advantages; they can offer higher accuracy and security than the previous methods, and they are much more difficult to lose, steal, or lend. 

Of all these approaches, the category of biometrics has the strongest link to an individual’s actual identity. It is difficult if not impossible to falsify your biometric information. In our daily lives, we almost always confirm the identity of the people that we know using a version of biometrics – we recognise the face, the body size and shape, and the voice of our friends, family and coworkers. It is only for those people we don’t know that we shift to other methods; for example, airport security screeners look at your driver’s license or passport. But even in that case, only the photo versions of these documents are accepted, because it includes near-biometric information – your photograph – that allows the screener to link you to the document.

Biometrics has the strongest link to an individual’s actual identity as it is difficult to falsify biometric information
Biometrics offer higher accuracy and security than tradition verification methods, and they
are much more difficult to lose, steal, or lend than cards or passwords

Challenges facing biometric security

If we know that biometrics work better than any other type of identity verification, why are they not the standard? Implementing more accurate identity readers would increase the level of security at any facility or secure location, including workplaces, medical facilities, and borders. The challenge has been that the higher accuracy readers also came at a higher cost, and in the past, the general security posture of most firms was lower than it is today. 

Until recently, the affordability and basic effectiveness of card readers and keypads were considered “good enough” for most applications. The higher cost and complexity of the available biometric readers, which deliver a higher level of security, were reserved for high-security facilities, such as nuclear plants or classified work.  

Now, improved technologies have made biometric identification much more available at competitive costs. Even consumer-level devices such as tablet computers and mobile phones are available with biometric sensors (fingerprints, for example) for authorising access. With many organisations now giving more attention to managing risk, cost effective biometric readers are starting to be implemented in a growing number of security systems, displacing card readers and keypads, to provide a higher level of security.  

Iris recognition next big thing in identity verification

Among all the available biometrics, the one most rapidly gaining ground is iris recognition. It is as fast, simple and safe as taking a selfie, and does not require any physical contact with a sensor. And, it has the highest accuracy among all biometrics –approximately 1000 times more accurate than fingerprint sensors. An iris cannot be shared or stolen, and iris readers cannot be fooled by makeup, hair or clothing changes. Some can even read through eyeglasses and sunglasses, in diverse weather conditions, outdoors or inside. With all these advantages, it is easy to see how iris readers could be the next big thing in access control and identity verification. 

Real security improvements

Improved security does not need to be a burden or barrier. But current identity devices may be giving a false impression of security – by not actually providing the level of protection that users are expecting. Upgrading low-accuracy identity devices such as card readers with higher-accuracy biometric identity devices would deliver a significant real increase in security without adding any burden to users, and result in a safer environment for all.

Download PDF version Download PDF version

Author profile

In case you missed it

The EU called for a ban on police use of facial recognition but not commercial use. Why?
The EU called for a ban on police use of facial recognition but not commercial use. Why?

Recently, the European Parliament called for a ban on police use of facial recognition. In the US, too, some cities have restricted police use of facial recognition. The first question that comes to mind is - why ban police from using technology that is allowed to private companies? Point of difference The key difference between the way police use facial recognition and the way commercial facial recognition products work is that: The police get a picture of a suspect from a crime scene and want to find out: "Who is the person in the picture?" That requires as wide a database as possible. Optimally - photos and identities of all the people in the world. Commercial facial recognition products such as those used by supermarkets, football stadiums, or casinos answer different questions: "Is the person in the picture on the employees' list? Is the person in the picture on a watch-list of known shoplifters?" To answer these questions doesn't require a broad database but rather a defined list of employees or a watch-list of specific people against whom there is an arrest warrant or a restraining order. Use of facial recognition AnyVision helps organisations leverage facial recognition ethically to identify known persons of interest "Facial Recognition Apps Should Be Provided to the Police with an Empty Database". This is exactly the subject of the open letter sent by AnyVision, to the British Biometrics and Surveillance Camera Commissioner, Prof. Fraser Sampson, titled: "Facial Recognition Apps Should Be Provided to the Police with an Empty Database". AnyVision recently raised $235M from Softbank and another leading VCs is a visual AI platform company that helps organisations across the globe leverage facial recognition ethically to identify known persons of interest, including shoplifters, felons, and security threats. Ethical use of facial recognition AnyVision CEO Avi Golan wrote, "The ethical use of facial recognition is a thorny one and requires a nuanced discussion. Part of that discussion has to explain how facial recognition works, but, just as important, the discussion must also involve how the technology is used by police departments and what checks and balances are built into their processes.” “We recommend building their watchlists from the ground up based on known felons, persons of interest, and missing persons. Some facial recognition solution providers have scrapped billions of photos and identities of people from social networks, usually without their consent." "Unfortunately, this method of facial recognition has justifiably angered privacy groups and data protection agencies around the globe and damaged the public trust in accuracy and reliability of facial recognition systems.” Preventing invasion of citizen’s privacy We believe an unjustified invasion of citizens' privacy can be prevented, false arrests can be reduced" “We believe that lists of suspects should be limited and justified. In this way, unjustified invasion of citizens' privacy can be prevented, false arrests can be reduced and public confidence in technology can be increased.” Golan added: "AnyVision is willing to share its industry insights and best practices from our vast research experience with leading global players, including name-brand retailers, global hospitality and entertainment companies, and law enforcement agencies from around the world.” Balancing public order and crime prevention “If the regulations set forth by Surveillance Camera Code of Practice are committed to the principles outlined above, then law enforcement agencies can strike the right balance between the need to maintain public order and prevent crime with the rights of every person to privacy and non-discrimination before the law." Recently Clearview AI CEO told Wired; the company has scraped 10 billion photos from the web - 3 times more than was previously known.

Sensor data fusion for more reliable intrusion alarm systems
Sensor data fusion for more reliable intrusion alarm systems

Intrusion alarm systems are currently facing a growing number of potential error sources in the environment. At the same time, alarm systems must comply with increasingly demanding legal requirements for sensors and motion detectors. As a future-proof solution, detectors equipped with Sensor Data Fusion technology raise the level of security while reducing the risk of cost- and time-intensive false alarms. This article provides a comprehensive overview of Sensor Data Fusion technology. Anti-masking alarms A cultural heritage museum in the South of Germany for decades, the installed intrusion alarm system has provided reliable protection on the premises. But suddenly, the detectors trigger false alarms every night after the museum closes. The system integrators are puzzled and conduct extensive tests of the entire system. When they finally identify the culprit, it’s unexpected: As it turns out, the recently installed LED lighting system in the museum’s exhibition spaces radiates at a wavelength that triggers anti-masking alarms in the detectors. Not an easy fix situation, since a new lighting system would prove far too costly. Ultimately, the integrators need to perform extensive detector firmware updates and switch to different sensor architecture to eliminate the error source.  This scenario is by no means an isolated incident, but part of a growing trend. Need for reliable detector technology Legal requirements for anti-masking technology are becoming stringent in response to tactics by criminals The number of potential triggers for erroneous alarms in the environment is on the rise. From the perspective of system operators and integrators, it’s a concerning development because every false alarm lowers the credibility of an intrusion alarm system. Not to mention steep costs: Every false call to the authorities comes with a price +$200 tag.   Aside from error sources in the environment, legal requirements for anti-masking technology are becoming more stringent in response to ever more resourceful tactics employed by criminals to sidestep detectors. What’s more, today’s detectors need to be fortified against service outages and provide reliable, around-the-clock operability to catch intruders in a timely and reliable fashion. Sensor Data Fusion Technology In light of these demands, one particular approach has emerged as a future-proof solution over the past few years: Sensor Data Fusion technology, the combination of several types of sensors within one detector – designed to cross-check and verify alarm sources via intelligent algorithms – holds the keys to minimising false alarms and responding appropriately to actual alarm events. This generation of detectors combines passive infrared (PIR) and microwave Doppler radar capabilities with artificial intelligence (AI) to eliminate false alarm sources without sacrificing catch performance. Motion detectors equipped with Sensor Data Fusion technology present a fail-proof solution for building security “It’s not about packing as many sensors as possible into a detector. But it’s about including the most relevant sensors with checks and balances through an intelligent algorithm that verifies the data for a highly reliable level of security. The result is the highest-possible catch performance at the minimum risk for erroneous alarms,” said Michael Reimer, Senior Product Manager at Bosch Security Systems. Motion detectors with sensor data fusion Looking ahead into the future, motion detectors equipped with Sensor Data Fusion technology not only present a fail-proof solution for building security. The comprehensive data collected by these sensors also unlock value beyond security: Constant real-time information on temperature and humidity can be used by intelligent systems and devices in building automation. Integrated into building management systems, the sensors provide efficiency improvements and lowering energy costs Integrated into building management systems, the sensors provide the foundation for efficiency improvements and lowering energy costs in HVAC systems. Companies such as Bosch support these network synergies by constantly developing and optimising intelligent sensors. On that note, installers must be familiar with the latest generation of sensor technology to upgrade their systems accordingly, starting with a comprehensive overview of error sources in the environment. Prominent false alarm triggers in intrusion alarm systems The following factors emerge as frequent triggers of false alarms in conventional detectors: Strong temperature fluctuations can be interpreted by sensors as indicators of a person inside the building. Triggers range from floor heating sources to strong sunlight. In this context, room temperatures above 86°F (30°C) have proven particularly problematic. Dust contamination of optical detectors lowers the detection performance while raising susceptibility to false alarms. Draft air from air conditioning systems or open windows can trigger motion sensors, especially when curtains, plants, or signage attached to the ceilings (e.g. in grocery stores) are put in motion. Strong light exposure directly on the sensor surface, e.g. caused by headlights from passing vehicles, floodlights, reflected or direct sunlight – all of which sensors may interpret as a flashlight from an intruder. Extensive bandwidth frequencies in Wi-Fi routers can potentially confuse sensors. Only a few years ago, wireless routers operated on a bandwidth of around 2.7GHz while today’s devices often exceed 5GHz, thereby catching older detectors off guard. LED lights radiating at frequencies beyond the spectrum of visible light may trigger sensors with their infrared signals. Regarding the last two points, it’s important to note that legislation provides clear guidelines for the maximum frequency spectrum maintained by Wi-Fi routers and LED lighting. Long-term security But the influx of cheap and illegal products in both product groups – products that do not meet the guidelines – continues to pose problems when installed near conventional detectors. For this reason, Sensor Data Fusion technology provides a reliable solution by verifying alarms with data from several types of sensors within a single detector. Beyond providing immunity from false alarm triggers, the new generation of sensors also needs to comply with the current legislature. These guidelines include the latest EN50131-grade 3, and German VdS class C standards with clear requirements regarding anti-masking technology for detecting sabotage attempts. This is exactly where Sensor Data Fusion technology provides long-term security. Evolution of intrusion detector technology Initially, motion detectors designed for intrusion alarm systems were merely equipped with a single type of sensor; namely passive infrared technology (PIR). Upon their introduction, these sensors raised the overall level of building security tremendously in automated security systems. But over time, these sensors proved limited in their catch performance. As a result, manufacturers began implementing microwave Doppler radar capabilities to cover additional sources of intrusion alarms. First step detection technology In Bosch sensors, engineers added First Step detection to trigger instant alarms upon persons entering a room Over the next few years, sensors were also equipped with sensors detecting visible light to catch flashlights used by burglars, as well as temperature sensors. In Bosch sensors, engineers added proprietary technologies such as First Step detection to trigger instant alarms upon persons entering a room. But experience in the field soon proved, especially due to error sources such as rats and other animals, that comprehensive intrusion detection demands a synergetic approach: A combination of sensors aligned to cross-check one another for a proactive response to incoming signals. At the same time, the aforementioned bandwidth expansion in Wi-Fi routers and LED lighting systems required detectors to implement the latest circuit technology to avoid serving as ‘antennas’ for undesired signals. Sensor data fusion approach At its very core, Sensor Data Fusion technology relies on the centralised collection of all data captured by the variety of different sensors included in a single detector. These data streams are directed to a microprocessor capable of analysing the signals in real-time via a complex algorithm. This algorithm is the key to Sensor Data Fusion. It enables the detector to balance active sensors and adjust sensitivities as needed, to make truly intelligent decisions regarding whether or not the data indicates a valid alarm condition – and if so, trigger an alarm. Advanced verification mechanisms The current generation of Sensor Data Fusion detectors, for instance from Bosch, feature advanced verification mechanisms, including Microwave Noise Adaptive Processing to easily differentiate humans from false alarm sources (e.g. ceiling fans or hanging signs). For increased reliability, signals from PIR and microwave Doppler radar are compared to determine whether an actual alarm event is taking place. Additionally, the optical chamber is sealed to prevent drafts and insects from affecting the detector, while the detector is programmed for pet and small animal immunity. Sensor cross-verification Further types of sensors embedded in current and future generations of Sensor Data Fusion detectors include MEM-sensors as well as vibration sensors and accelerometers. Ultimately, it’s important to keep in mind that the cross-verification between sensors serves to increase false alarm immunity without sacrificing the catch performance of actual intruders. It merely serves to cover various indicators of intrusion. Protecting UNESCO World Cultural Heritage in China Intelligent detectors equipped with Sensor Data Fusion are protecting historic cultural artifacts in China from theft and damage. At the UNESCO-protected Terracotta Warriors Museum site, one hundred TriTech motion detectors from Bosch with PIR and microwave Doppler radar technology safeguard the invaluable treasures against intruders. To provide comprehensive protection amid the specific demands of the museum site, the detectors have been installed on walls and ceilings to safeguard the 16,300-square-meter museum site. To ensure an optimal visitor experience without interference from glass walls and other barriers, many detectors are mounted at a height of 4.5 meters (15 feet) above ground under the ceiling. Despite their height, the detectors provide accurate data around the clock while exceeding the performance limits of conventional motion detectors, which clock out at a mere 2 meters (6 feet) catchment area. Integrated video systems The site also presents additional error sources such as large amounts of dust that can contaminate the sensors, as well as visitors accidentally dropping their cameras or mobile phones next to museum exhibits. To distinguish these events from actual criminal activity, the intrusion alarm system is integrated with the museum’s video security system. This allows for verifying alarm triggers with real-time video footage at a fast pace: In the case of an actual alarm event, the system alerts the on-site security personnel in the control room in less than two seconds. Added value beyond security Sensor Data Fusion technology provides a viable solution for the rising number of error sources in the environment As of today, Sensor Data Fusion technology already provides a viable solution for the rising number of error sources in the environment while providing legally compliant building security against intruders. In light of future developments, operators can leverage significant added value from upgrading existing systems – possibly without fundamentally replacing current system architecture – to the new detector standard. Added value how? On one hand, the detectors can integrate with access control, video security, voice alarm, and analytics for a heightened level of security. These synergetic effects are especially pronounced on end-to-end platforms like the Bosch Building Management system. On the other hand, the data streams from intelligent detectors also supply actionable intelligence to building automation systems, for instance as the basis for efficiency improvements and lowering energy consumption in HVAC systems. New backward-compatible detectors Bosch will release a new series of commercial detectors by end of 2021, based on the latest research on risk factors for false alarm sources in the environment and line with current legislation and safety standards. Throughout these developments, installers can rest assured that all new detectors are fully backward compatible and work with existing networking/architecture. With that said, Sensor Data Fusion technology emerges as the key to more secure intrusion alarm systems today and in the future. TriTech detectors from Bosch For reliable, fail-proof alarms the current series of TriTech detectors from Bosch relies on a combination of different sensor data streams, evaluated by an integrated algorithm. These Sensor Data Fusion detectors from Bosch combine up to five different sensors in a single unit, including: Long-range passive infrared (PIR) sensor Short-range PIR sensor Microwave sensor White light sensor Temperature sensor Equipped with these sensors, TriTech detectors are capable of detecting the most frequent sources of false alarms; from headlights on passing cars to a mouse passing across the room at a 4.5-meter distance to the detector. What’s more, TriTech detectors provide reliable performance at room temperatures above 86°F (30°C) while fully guarding against actual intrusion and sabotage attempts from criminals.

Get the most from investments in building security
Get the most from investments in building security

From analogue to digital, from stand-alone to interlinked, building systems are in a state of transition. Moreover, the rate of change shows no sign of slowing, which can make it difficult to keep up to date with all the latest developments. If asked to pinpoint the single biggest driver of this revolution, one could point out the growing clamour for platform convergence. A security guard in a building doesn’t want to use different systems to check video cameras, fire alarms or if someone has entered a restricted area: – it simply isn’t efficient. For similar reasons, a building manager wants a single interface to control heating and lighting to match fluctuating occupancy levels, particularly in a hybrid working model. Applying the digital glue The demand from end-users for system convergence is growing, but to achieve full interoperability you still need to apply some ‘digital glue’ and that requires expertise. Yet bringing together disparate systems from different manufacturers can be problematic. Just as you get things to work, someone upgrades their solution and your carefully implemented convergence can start to come unstuck. Managing an implementation can quickly become more complicated, today’s quick-fix can become tomorrow’s headache This is one of the principal issues with all types of new technology; not everyone will choose the same path to reach the desired goal – it’s the old VHS/Betamax argument updated for building management and security systems. Managing and maintaining an implementation can quickly become more complicated than it first appears and without proper oversight, today’s quick-fix can become tomorrow’s technical headache. Effective support for a hybrid workforce Today’s hybrid workforce is a response to the pandemic that looks set to become an established part of working life for many companies across the world. Security systems have a massive role to play in facilitating this transformation that goes beyond simple intrusion detection, access control, and video monitoring. They can identify the most densely populated areas in a building to comply with social distancing guidelines and provide efficient use of space. The insights gathered from a security system can also be used to identify patterns of behaviour, which can then be used for planning and directing the use of building space to help create the best possible working environment while also minimising heating, lighting, and air conditioning expenditures. Identity credentials can help manage compliance with industry regulations by limiting access to certain areas Similarly, identity credentials – either biometric or mobile-based – can help manage compliance to industry regulations by limiting access to certain areas only to approved employees. Creating and maintaining the appropriate level of functionality requires a combination of innovative solutions and industry experience. The complete security package It’s not just physical security that’s important – cybersecurity is a major focus, too. Bringing together both the physical security and cybersecurity realms is increasingly becoming a ‘must have’ capability. What is evident is that the pace of technological change is faster than ever. Today’s functionality simply wouldn’t have been possible just a few years ago, while today’s leading-edge developments may seem commonplace in five years.