Biometrics: not as difficult as it seems

Today they talk a lot about multifactor identification, as a way to qualitatively increase the level of security. At the same time, not every project considers biometric factors as an additional level of protection. And in vain. It would be worth it! Because today there are reliable and reliable ways to work with biometric information that can be embedded in existing infrastructure without high costs.

Despite the fact that access control systems (ACS) are used today in most manufacturing companies, government agencies and business centers, for the most part, these solutions are based on the old generation RFID cards. The familiar HID Prox plastic badge serves as a companion for employees when moving through different zones, but it is already obvious to all that one RFID card does not provide an adequate level of security, because you can steal it, lose it, forget it or just fake it.
')
Yes, there are more advanced cards, such as multifunctional iClass with encryption support, and even including a random password generator. Together with a cell phone, they may well provide multi-factor identification, but they do not differ by the advantages that biometric methods provide - the latter do not allow to steal something from an employee in order to gain access. Of course, it is possible to chop off a hand, but this will be a far more serious crime, and imitation of a 3D-person in general is still a matter of science fiction films.



Precisely because the card can be stolen, many companies use photo-identification methods. Usually they are implemented in manual mode, when the security officer checks the photograph on the document with the face of the person using the pass. But a person needs considerable time to verify compliance, and mistakes are not excluded. And according to NIST (National Institute of Standards and Technology) research, the current level of development of automated photo-ID algorithms that have gone out of the practice of neural networks can significantly improve the accuracy and reduce the recognition rate to just a fraction of a second.

Types of biometric identification

With the advent of accessible terminals, biometric technology has become increasingly common. Proof of this - the presence of fingerprint readers in smartphones. If a sensor was already inserted there without a significant increase in the cost of the device, this is not a problem for corporate infrastructure. Today, the creation of three types of biometric identification systems looks quite real:

• By fingerprint - the reader is installed at the entrance or near the door and allows you to record the entrance and exit of a person without any additional documents
• By voice - voice analysis can occur anywhere in the room, or a person may need to call a specific number from your phone.
• In appearance - a completely contactless method of identification as a result of comparing the image of a person received in a video stream with a stored template.

The development of these technologies, and especially the latter, can greatly change the work of social objects. For example, the photo-verification of the owner of a single transport card with a reduced cost of travel will allow you not to pass through the validator a person who does not own the card, simplifying control of the transport systems in the capital and other cities. Similar scenarios can be used in production and in business centers.

Implement or not implement?

As we all know, for any project relevant technological and organizational barriers. Today we can confidently say that from a technological point of view, biometric systems are fully ready to work in the widest range of applications. But with the organizational moment there are difficulties.

However, when users get a choice, they begin to see and appreciate the benefits of biometric identification. For example, in the Naberezhnye Chelny technopark, one-factor identification was implemented, but with a choice - visitors can use either an RFID card or their fingerprint. Observing this project, we noticed that initially only 5-10% of visitors used the second method, but a year later the ratio turned out to be 50 × 50. Perhaps this is the best way for staff to get used to - give them the choice to use the old system or the new one.

Convergent systems

But while many are thinking about how to strengthen multi-factor authentication, technologies continue to evolve, and biometrics are used simultaneously for access control systems and information systems. We believe that IAM (Identity Access Management) tools will soon be integrated with the means of providing physical access.

How will this work? There are a lot of scripts. In particular, when entering the office, you can take a photo of yourself with a mobile device (for example, using the HID Mobile application), and in the case of confirming compliance of a person, gets access to an RFID reader to attach your card. This approach will generally forget about what a pass bureau is, while simultaneously increasing the security of access at times.

It is also possible to configure voice identification to obtain one-time passwords for access to information systems. What could be simpler - to call the number you want, repeat the phrase after the robot and receive the code in SMS. In this case, the theft of the phone will not do anything - after all, authorization takes place both by number and by the user's voice.

Cost of implementation

So, if you already have an ACS, switching to biometric identification, as a rule, involves the replacement of readers. If you think about fingerprinting, then the issue is solved within $ 200 for one terminal, but you do not need to maintain outdated passes and be responsible for security risks.

From an organizational point of view, visitors only need to fill out an application in advance and agree to the processing of personal data. After providing the necessary information directly on the organization’s website, the person is given access according to the biometric feature that is used in the system. In addition to sensors for reading fingerprints, you can install video cameras, and if you already have a video surveillance system deployed - set up analytical tools for working with a picture. Thus, the introduction of biometrics is much easier than many other methods of multifactor authentication, while making the lives of employees and visitors more comfortable.