Common myths about biometrics demystified
Source: William Pao, a&s International
More and more, biometrics
have been used as an effective tool for identify management
. However, there are some myths about biometrics, and a blogpost
by M2SYS seeks to demystify them.
Biometrics are the “what you are” factor in authentication – in addition to passwords (what you know) and cards/keyfobs
(what you have). “Over the years biometric identification technology developed, and nowadays it is no longer a topic to be shown in a sci-fi movie. It has become a reality and changed the landscape of secure identification in different industries,” the post said.
However, it mentions there are certain myths about biometrics. “Most people think of the conventional notion about biometric identification,” the post said. “Many myths about biometric identification are getting busted nowadays with the increased adoption rate and the reality shows the positive impact of technology in different sectors.”
The myths about biometrics and how they are demystified, according to 2MSYS, are summarized as follows.
Biometric data can be stolen or hacked from the system
According to the post, most people think that if they enroll their biometric data in any system, the administrator can use that image of their biometric data to spoof their identity. “But the reality is when someone scans his/her biometric, the scanners transform the biometric data to an encrypted binary code only using 1’s and 0’s to build a template. The biometric matching engine then uses that template to identify someone. So, biometric data could not be stolen or hacked from the system,” it said.
Iris scanning relies on genetic information
enrollment, the system only takes two different images of iris; one is a usual one and another one is using infrared light, the post said. “The combination of these two images is analyzed by the biometric system to create an identifiable visual pattern named iris code,” it said. “There is no genetic information considered during the identification process, and it can also differentiate the irises of identical twins also.”
Iris and retinal scanning is the same
According to the post, there are some significant differences between iris and retinal scanning. “First of all, the iris scanning is possible to perform from a distance but the retinal scanning requires the scanner close to the eyes. The iris scanning requires a lower energy infrared light for scanning than the retina scanning. And finally, the measurement of iris doesn’t change for any disease, whereas the retina scanning does,” it said.
Biometric can be spoofed, so why replace ID/password
Nothing can be further from the truth, the post said. “Live detection enabled in some scanners can identify the fake or replicated biometric identity. Biometric has been used worldwide for exact identification which is most secure and non-transferrable. For example, a biometric time clock eliminates buddy punching and time theft in the workplace, whereas an ID/ password system is easily used for the purpose,” it said.
Implementation of biometric is expensive
While it is often assumed that the implementation of biometrics is a matter of huge investment and is only seen in government or large scale projects, the post argues that biometric technology passed this stage a few years ago. “Now through biometrics-as-a-service, small and medium-sized enterprises can deploy the biometric solution at an affordable investment. It eliminates the need for huge development costs and specialized IT facilities,” it said. “In addition, the use of biometric technology eliminates the administrative expenses thereby reducing the use of papers and stationeries, dedicated manpower, buddy punching, time theft and increases employee productivity. All of these impacts on a positive return on investment.”