Download PDF version Contact company

Biometrics help secure airports around the world, but the protection doesn’t stop there.  Nathan Cummings explores the application of Biometrics further.

Travel to the United States, and chances are good that at the gate, you’ll be greeted by a machine rather than a person. Like a customs agent reading a passport, these machines use physical features to confirm that you really are who you claim to be – except that unlike a person, they can’t be fooled, bribed or cajoled.

That’s exactly the high level of security that today’s airports demand.  It’s also why the United States isn’t alone in aggressively adopting biometrics.  Hong Kong, for example, plans to begin issuing passports with digital fingerprints in early 2007 so that their citizens comply with the security requirements of other countries, including the United States.

Travellers aren’t the only people at airports who are carrying biometric identification. Between 12 and 15 million U.S. Transportation Security Administration employees will receive biometric smart cards.  Some airports already use biometrics to control access to restricted areas such as tarmacs and baggage loading. For example, in 2002, the Greater Rochester International Airport in New York deployed a facial-recognition system that uses biometric information stored on smart cards supplied by HID.

The United States’ neighbors also are adopting biometrics.  In 2004, the Canadian Air Transport Security Authority began deploying biometric smart cards at the country’s major airports as part of its two-year-old Restricted Area Identification Card program.  The initiative includes 200,000 multi-technology contactless smart cards from HID, with features such as anticounterfiting measures, upgradeable contact chips and write/erase/rewrite capabilities.

Why Biometrics?

Biometrics are ideal for a wide variety of applications besides transportation security.  For example, many enterprises use biometric information such as fingerprints, irises, retinas and voices to control access to buildings and to computers.  The appeal is hard to miss:  Users can’t misplace a body part or have it stolen, the system is authenticating a person rather than a card, and the authentication process is fast and easy.  The faster and easier that a security process is, the less likely users are to try to find a way to circumvent it.  If biometrics weren’t convenient, the U.S. Department of Homeland Security’s “Registered Traveller” program for frequent fliers wouldn’t be using biometrics to streamline the checkpoint process without compromising security. 

The business case also is attractive because biometrics help reduce overhead costs. Nearly 40% of calls to corporate help desks are about lost or missing passwords, according to Compaq.  Biometric-based smart cards significantly reduce those calls, yet the technology actually improves security in the process because unlike passwords, users can’t tape biometric information to the bottom of their keyboard, be tricked into divulging it or forget to change it periodically.

Biometrics and Smart Cards

Although biometrics provide high security on their own, they’re often paired with other technologies.  For example, suppose that to enter a secure area, a company requires employees to swipe a smart card and then have their fingerprint scanned.  If that biometric information is stored in the company’s database, the second stage of this two-factor authentication process can be completed much more quickly because the system knows which archived fingerprint to look at rather than searching the entire database for a match.   Regardless of the technology it uses, the faster and easier that a security process is, the less likely users are to try to find a way to circumvent it.

Although biometrics provide high security on their own, they’re often paired with other technologies.  For example, suppose that to enter a secure area, a company requires employees to swipe a smart card and then have their fingerprint scanned.  If that biometric information is stored in the company’s database, the second stage of this two-factor authentication process can be completed much more quickly because the system knows which archived fingerprint to look at rather than searching the entire database for a match.   Regardless of the technology it uses, the faster and easier that a security process is, the less likely users are to try to find a way to circumvent it.

Biometric information also can be stored on the smart card by using templates to reduce the amount of memory required.  For example, a complete fingerprint image takes up 50-100 kilobytes, depending on the resolution, but the template version requires less that 2 kilobytes.  By using minimal memory, the cost of the smart card can be reduced, and other applications have more memory to work with. 

Cost and flexibility are two more reasons why biometrics are often paired with smart cards.  For example, although biometrics are deployed in places such as airports, the network of support infrastructure is still developing and hasn’t yet reached the point of ubiquity.  Biometric smart cards dovetail nicely with that trend because they do double duty, enabling biometric-based security in places where the technology is deployed and working with established, widely deployed authentication systems.

Smart cards also give biometric systems more flexibility to evolve.  As a 2004 Frost & Sullivan report noted, “A secure ID system using smart card and biometric technology provides improved system return on investment through the flexibility and upgradation that smart cards provide, allowing support of different authentication methods and multiple evolving applications.”

Finally, smart cards can carry information that biometrics can’t.  For example, a fingerprint can’t provide that person’s account number or employee ID, but a smart card can.

Balancing Security and Privacy

Airports highlight the balancing act that today’s security solutions must achieve.  As a mainstream application, biometric passports must be convenient and user-friendly, or else travellers and airport personnel may be tempted to look for ways to circumvent their security features.  At the same time, convenience isn’t an excuse to compromise security.

Biometric smart cards also deftly balance privacy and security.  For example, smart cards have enough processing power and storage capability to be considered mini computers.  As a result, they’re able to engage in a peer-to-peer relationship with other secure devices.  This approach offers greater protection of the cardholder’s private information than if it were stored in a database, which could be compromised.  When smart cards store biometric information, users literally hold control over when, where and how their personal identity information is shared.  That control is key for winning public support for security mandates that use biometrics.

Standards and Selection

For companies and government agencies looking to deploy biometric security, the good news is that there are plenty of hardware and software choices.  For example, the BioAPI Consortium currently has more than 90 members, including hardware vendors, systems integrators and application developers.  This growing ecosystem ensures that customers have a wide, comprehensive selection, so they don’t have to cobble together solutions on their own. (For a detailed list of biometrics vendors, see www.biometrics.org/html/examples/examples.html)

Companies and government agencies also benefit from standardization.  For example, the BioAPI Consortium began developing an application programming interface (API) in April 1998 and released the first version in September 2000.  Now an American National Standards Institute (ANSI) standard, the API helps application developers and users by creating a platform that works across all BioAPI-compliant devices and with multiple operating systems. (More information about BioAPI is available at www.bioapi.org.)

This flexibility means that an application can use multiple types of biometric devices, so developers get a write-once, run-many environment.  Meanwhile, business users and consumers can use their biometric smart cards to access everything from buildings to bank accounts – and without having to wonder whether their smart card will work with one application but not another. 

The worldwide biometric market is expected to grow from $1.4 billion in 2004 to more than $4 billion by 2007, according to the International Biometric Group, a research firm.  Biometrics wouldn’t be enjoying that success if it didn’t provide the right mix of security, user-friendliness and privacy.  That’s why although airports might be the first place that you encounter biometrics in the United States, they won’t be the last.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

What are the challenges and benefits of mobile access control?
What are the challenges and benefits of mobile access control?

There is a broad appeal to the idea of using a smartphone or wearable device as a credential for physical access control systems. Smartphones already perform a range of tasks that extend beyond making a phone call. Shouldn’t opening the door at a workplace be among them? It’s a simple idea, but there are obstacles for the industry to get there from here. We asked this week’s Expert Panel Roundtable: What are the challenges and benefits of mobile access control solutions? 

Securing a sustainable future
Securing a sustainable future

The UK Government has set out an ambitious ten-point plan, known as the green industrial revolution, with an aim “to forge ahead with eradicating its contribution to climate change by 2050.” This makes our government the first major economy to embrace such a legal obligation. Green recovery Acknowledging climate change and meeting net-zero is a demanding challenge especially for those affected by the pandemic. But the UK Government, with the launch of its aspiring strategy, is investing everything in its power to promote a ‘green recovery.’ Here, Reece Paprotny, Commercial Manager and Sustainability Champion at Amthal, highlights how the fire and security industry has an opportunity to use the current recovery period to explore its own sustainable journey and embrace the significance of environment, economic and social collaboration, transparency, and accountability. Employing sustainable technologies Pressure is mounting on construction to find ways to reduce emissions and help meet net-zero targets The perception is that COVID-19 presents a once-in-a-lifetime opportunity to re-write the existing rulebook. This is riding on the significance of changing public support for more environmentally friendly living opportunities, with associated cost savings, efficiencies, and cleaner industries. Innovative sustainable technologies are the key to kickstart this route to success.  Nowhere can this be seen more than in the built environment, which currently contributes to 40% of the UK's carbon footprint. Pressure is mounting on construction to find ways to reduce emissions and help meet net-zero targets. This is through the entire life cycle of a building, to reduce their impact on the environment from planning stages, through build and demolition. Building the right environment By creating the right policy environment, incentives for innovation and infrastructure, the Government can encourage companies to seize the sustainable opportunities of new technologies and value chains linked to green sectors. They can accelerate the shift of current carbon-intensive economic and industrial structures onto greener trajectories, enabling the UK to meet global climate and development goals under the Paris Agreement on climate change and the 2030 Agenda for Sustainable Development. Transparent working practices Each industry sector is expected to engage and pledge its support to achieve the significant deadlines. Every company can make a difference, even with small steps towards a sustainable future. So whilst elements such as safety and security represent just one component of building the right sustainable environment, it paves the way to opening up our sector to greater efficiencies, transparent working practices, and encourages collaborative use of resources. Sustainability in security The security sector has a significant opportunity to incorporate ‘going green’ into its practices In fact, the security sector has a significant opportunity to incorporate ‘going green’ into their processes, and practices. This is right from product lifecycles to more environmentally friendly work practices when it comes to maintenance and monitoring services. When integrating environmentally friendly practices, starts with the manufacturing and production of the wide variety of systems in operation for the security sector. And some certifications and guidelines can be achieved, such as the ISO 14000 which looks into eliminating hazardous materials being used which in turn will reduce carbon footprint.  Upgrading supply chain process Observing the complete supply chain and working with partners to reduce unnecessary travel, shipments, and transportation of products, can all contribute and create sustainable processes.  In the maintenance and monitoring of products, it is essential installers and security specialists consider their own environmental impacts. Simple changes such as switching company vehicles to electric options for site visits can make a significant difference to climate change and improving air quality. Presenting sustainable ways of disposing of products at the end of their natural lifecycle is key to change in our sector. This is especially in the security industry where many customers will need a complete overhaul of outdated solutions or need systems upgrading due to changing threat levels. Sustainable evolution Progress is being made, specifically in the fire and security industry, in its sustainable evolution. Businesses are trying to develop a reputation for “sustainability” or “good corporate citizenship.” And it has gone well beyond the theory to the practical, where companies recognise activities have an impact on the environment and are also reviewing the social and economic influences. Three pillars of sustainability In a recent interview, Inge Huijbrechts, the Global Senior Vice President for safety and security and Responsible Business at Radisson Hotel Groups sees her vision to combine safety, security, and sustainability. Inge focuses on three pillars, namely, Think People, Think Community, and Think Planet. Think People means that we “always care for the people in our hotels and our supply chain.” So, in outwards communications, safety and security were always part of the Think People focus area. Think Community is caring and contributing in a meaningful way to communities where we operate. Finally, Think Planet makes sure that “our footprint on the environment is as light as it can be in terms of energy, water, waste, and carbon, and making sure that we incorporate sustainability into our value proposition.” Moving forward Apprenticeship schemes are integral to ‘think people’ and have a role to play in the social impact on the security industry There are immediate actions that can be taken by companies in the security industry to support sustainable development, working right from within a company to supporting industry-wide initiatives. From a social perspective, at a foundation level, “Think People’ can see the Living Wage Foundation as an example of a commitment to a team.  This is for businesses that choose to go further and pay a real Living wage based on the cost of living, not just the Government minimum. Apprenticeship schemes are also integral to ‘think people’ and have a pivotal role to play on the social impact on the security industry.  It addresses the sector-wide issue of finding employees with the right mix of skills to collaborate and meet discerning consumer demands for increasingly smart security solutions for homes and businesses. Impact of the full lifecycle of products From an environmental view, or ‘think planet,’ we need to collectively look at all elements of our industry, with a desire to analyse the impact of ingredients used, supply chain, or manufacturing alone, and also consider the full lifecycle of our selected products from creation to end of life. As Jamie Allam, CEO Amthal summarises, “This is a long-term, sustainable investment in our people, our products, and our business based on our values.” “When put together, a social team which feels empowers and operates in environmental optimum working conditions is in a position to provide a great experience to our customers, creating an economic positive difference. It forms the basis of a sustainable sector vision for the security industry-wide to adopt.” Taking action Amthal is taking action based on the ready-made universally agreed UN 17 Sustainable Development Goals. Also known as Global Goals, these are at the heart of the 2030 Agenda for Sustainable Development, adopted by all United Nations Member states. This agenda is a plan of action for people, the planet, and prosperity. By being an early adopter, we believe we can engage with customers, partners, and suppliers on these issues and generate opportunities to innovate for mutual and industry sector benefit. Together, we can contribute to building a more sustainable security sector and future, and contribute to the UK Government’s green industrial revolution.

What is the impact of privacy concerns on physical security?
What is the impact of privacy concerns on physical security?

Adoption of General Data Protection Regulation (GDPR) by the European Union in 2016 set a new standard for data privacy. But adherence to GDPR is only one element, among many privacy concerns sweeping the global security community and leaving almost no product category untouched, from access control to video to biometrics. Because privacy concerns are more prevalent than ever, we asked this week’s Expert Panel Roundtable: What is the impact on the physical security market?