Hector Hoyos

Facial and body behavior analytics can identify people “without interferingwith the pace of life” Biometrics companies throughout the security marketplace are expanding the functionality of their systems for a variety of uses. This article will take a look at what several companies are up to. SRI International’s identity solutions seek to bring convenience, speed and security to existing workflows. SRI’s Iris on the Move (IOM) biometric systems can add the value of knowing precisely “who” to an organisation’s specific applications – from physical access control and workforce management to logical access to digital content – without altering typical user behaviour or existing workflows. The multimodal systems are deployed globally in a wide variety of environments, including government facilities, corporate and college campuses, construction sites, and mission-critical data centers. SRI’s IOM biometric solutions deliver the accuracy of iris recognition to many form factors. The systems meet the growing demand for seamless and convenient authentication in markets such as security, transportation and healthcare, according to the company. Non-invasive biometric identification FST Biometrics provides identity management solutions that deliver a high level of security “without interfering with the pace of life.” FST Biometrics’ In Motion Identification (IMID) technology uses a fusion of facial recognition and body behaviour analytics to deliver accurate, non-invasive biometric identification of authorised users to facilitate seamless access to entry points.   Implementing FST Biometrics’ IMID system is not significantly more complicated than a card-based system, according to the company. Both types of systems require equipment to be installed and users to be registered. IMID says it is considerably more accurate than traditional systems, with a standard margin of error of three false accepts per 10,000 entries. The threshold can be adjusted to be more stringent depending on client needs. HID Global's biometric solutions are used in a variety of applications, includingaccessing ATMs, securing access to controlled medicines and medicalrecords, and securing borders HID Global’s biometric authentication makes it possible to know with certainty who is performing a transaction. Biometrics is the only authentication factor that can be directly coupled with a person’s unique physical identity and unequivocally validates it, according to the company. HID Biometrics offers this certainty along with greater security and convenience, and no additional complexity for the user. The company’s solutions are used worldwide in a variety of applications, including accessing ATMs, securing access to controlled medicines and medical records, and securing borders. Solutions include sensors and modules that use the company’s patented multispectral imaging technology that improves reliability, performance and security by using multiple sources and types of light. Advanced polarisation techniques extract additional, unique fingerprint characteristics from both the surface and subsurface of the skin. Solutions also feature liveness detection capabilities that ensure proof of presence by preventing the use of fake fingerprints or “spoofs.” Readers, panels and portable scanners ZKTeco designs and manufactures a variety of biometric readers and panels, distributed through a global network of resellers. Complementing an RFID product line, ZKTeco’s biometrics product lines consists of 1) stand-alone indoor and outdoor fingerprint readers; 2) access control panels that can store and match fingerprint templates on the panel itself; 3) non-intelligent slave fingerprint readers that merely forward fingerprints to the panel for subsequent matching and door-unlock decisions; and 4) two multi-biometric stand-alone readers— one recognises face and fingerprint, and the other recognises finger-vein and fingerprint. Most models can either be connected directly to a door lock (stand-alone) or they can be connected to a ZKTeco panel (or any third party access control panel) via Wiegand protocol. Zwipe’s core technology of a low-power, biometric algorithm enables the company to incorporate its product into several form factors, including credentials, credit cards and wearables. Zwipe has taken global leadership in creating unique, low-energy, biometric algorithms, powered by internal battery or by advanced radio frequency energy harvesting technology. Without the need of a battery on board, the product can be implemented in products that previously would not have been able to have a biometric element. Zwipe’s portable access control device provides the benefits of biometricswithout needing to change out existing door readers Zwipe’s access control product is essentially a small, portable biometric scanner that can fit in your pocket. The device provides the benefits of biometrics without needing to change out existing door readers, which saves the customer installation and integration cost that is usually more than the cost of the new reader. The only change is replacing the user’s current credential with the Zwipe Access card. Zwipe’s ability to utilise the energy from the RF field, be it from POS terminals or any NFC/ISO14443 reader to conduct authentication directly on the batteryless device, has expanded its market reach. Plus, the biometric template data for that card owner only resides on the Zwipe device, not some external system database that can be hacked into or a wall-mounted reader that has hundreds of templates that can be stolen. Higher “degrees of freedom”, better biometrics The accuracy of biometrics depends on each biometric’s “degrees of freedom,” says Hoyos Labs. For example, the voice has 5 degrees of freedom; the face provides 20 degrees of freedom, while one fingerprint can provide 30 degrees of freedom. At the higher end of the spectrum, an iris scan can provide 245 degrees of freedom, enabling identification of one person among 10 million. Combining biometrics measures adds to the scope of accuracy. Scanning two eyes provides an iris scan accuracy of more people than the population of the planet. Hoyos Labs has a system that scans four fingerprints to provide 150 degrees of freedom. “The higher the degrees of freedom, the better the biometric,” says Hector Hoyos, CEO of Hoyos Labs, which provides software to enable every major biometric – face, iris, voice and fingerprint – to be captured with a smart phone and applied across a myriad of industries.  

Are smart phones poised to replace all biometrics hardware in the next several years? That’s the bold prediction of Hector Hoyos, CEO of Hoyos Labs, one of the pioneers of biometrics technology who owns 59 patents (pending and issued) related to the field. The advent of the smart phone, which amounts to everyone carrying a computer in the palm of their hand, provides all the ability anyone needs to capture biometric information to use for verification, he says. Breakthrough in technology “Proprietary biometrics-based hardware will go away in the next three to five years,” Hoyos says. “You don’t need a proprietary sensor with smart phones getting more sophisticated. The time for proprietary hardware for biometrics is over – killed by the mobile industry. The technology is obsolete.” Instead of biometrics readers costing “thousands of dollars,” capabilities of smart phones will continue to develop to provide the same level of security, says Hoyos. For example, related to physical access control, the smart phone will communicate with an electronic lock using near field communication (NFC). It’s an extension of the idea we have already seen in the market of using a smart phone as a credential. Many current smart phones have fingerprint authentication, but phones can also be used for other types of biometrics, including face recognition and even iris scanning, says Hoyos. You don’t need a proprietary sensor with smart phones getting more sophisticated. The time for proprietary hardware for biometrics is over – killed by the mobile industry Hoyos Labs has also introduced a proprietary four-finger authentication technology – 4F ID – that uses a smartphone’s rear camera and LED flash light, without additional hardware, to capture a person’s four fingerprints to increase reliability and security for the user. In fact, Hoyos Labs has enabled every major biometric – face, iris, voice and fingerprint – to be captured with a smart phone and applied across a myriad of industries. In addition to physical access control, the technologies can be used for financial services, healthcare, and telecommunications. Hoyas says Microsoft’s three new Lumia smart phones will feature an iris scanner and facial recognition capabilities right on the device. Addressing security concerns “On the consumer side, the reality is that all you need is an electronic lock, and your smart phone device becomes the biometric,” says Hoyos. If greater security is required, applications can deploy hybrid, multi-authentication systems, such as fingerprint combined with a facial or iris scan, he says. Keeping individual biometric credentials encrypted on smart phones is a more secure option than storing them in a centralised database on a server, which could be subject to hacking despite best efforts to keep it secure. Biometrics contained on smart phones is the best approach to providing verification. However, in applications that require absolute proof of identification, such as banking applications, a central database is needed and must be protected. A centralised database can ensure that someone doesn’t open multiple accounts at a variety of banks using different names, for example. Keeping individual biometriccredentials encrypted on smartphones is a more secure optionthan storing them in a centraliseddatabase on a server Protecting biometrics data Three years ago, Hoyos Labs developed the BOPS (Biometrics Open Protocol Standard) framework, providing a global infrastructure ensuring end-to-end authentication of biometrics data for applications worldwide. In effect, it is the “back-end” technology for a range of biometrics used in any market. Hoyos says the framework is a vendor-agnostic infrastructure to support and protect use of biometrics data on the Internet and mobile devices. “Anybody’s train can run on those tracks, any type of biometric,” says Hoyos. “Our infrastructure is agnostic; we provide the plumbing that everybody needs to plug into.” Among the protections BOPS provides for centralised biometrics required for identification are encryption, secure storage and the practice of dividing a biometric into two parts – stored in different locations – so that violation of any single database would not provide a complete biometric. BOPS protocols also enable secure communication of biometrics to various devices, so a person could use a biometric to secure an Internet of Things device without having to reprogram a user name and password. The BOPS framework has been contributed to IEEE and has been published as the IEEE 2410-2015 standard. [IEEE is the Institute of Electrical and Electronics Engineers.] Hoyos says several physical access control companies are in the process of integrating BOPS into their products. Also, 20 of the Fortune 100 companies are using the standard, which he says is essential for use of biometric data to secure the coming Internet of Things (IoT).