Biometrics Technology Review 2008

Rebecca Heyer

Land Operations Division

Defence Science and Technology Organisation

DSTO-GD-0538

ABSTRACT

Biometrics is the measurement of personal physical features, actions or behavioural characteristics

that distinguish between individuals. In recent years automated biometric systems, such as facial,
fingerprint and iris recognition systems, have been developed to facilitate a range of functions.
These functions can be broadly categorised as verification or identification, and include, for
instance, physical and logical access control, management of major plant and machinery,
weapons control, identity management, surveillance operations, and personnel management. This
paper is an updated version of the Biometrics Technology Review 2002 published in 2003 by
Blackburn et al. It provides an overview of the basic elements of biometrics; a detailed
examination of current and future biometric technologies; discusses the many different
applications of biometrics; and highlights the issues associated with using such technology.

RELEASE LIMITATION

Approved for public release

Published by

Land Operations Division

DSTO Defence Science and Technology Organisation
PO Box 1500
Edinburgh South Australia 5111 Australia

Telephone: (08) 8259 5555

Fax: (08) 8259 6567

© Commonwealth of Australia 2008

AR 014-200

Submitted: August 2007

Published: May 2008

APPROVED FOR PUBLIC RELEASE

 Biometrics Technology Review 2008

Executive Summary

Biometrics is the measurement of personal physical features, actions or behavioural

characteristics that distinguish between individuals. The history of biometrics, like most
other technologies, has followed a familiar route beginning with an initial build-up of
excessive optimism followed by a trough of scepticism as the limitations of the
technologies became apparent. Realistic expectations, combined with a plethora of
research and development, are now seeing many biometric systems, such as facial,
fingerprint, iris and hand geometry, reach the levels of success originally touted. With
annual global biometrics revenues projected to grow from $2.1 billion in 2006 to $5.7
billion in 2010 and inspection of patent databases uncovering a range of new and exciting
applications, biometrics truly appear to be living up to the tag applied to it by the MIT
Technology Review in 2001 as one of the ‘top ten emerging technologies that will change
the world’.

In recent years automated biometric systems have been developed to facilitate a range of
functions broadly categorised as verification or identification functions. Such automated
systems offer advantages over current strategies including the elimination of fatigue
effects associated with human performance and adding the possibility of measuring
features (e.g. iris pattern) that cannot be readily sensed by humans. Biometrics have been
successfully applied across a range of procedures and processes to enhance security
including physical and logical access control, management of major plant and machinery,
weapons control, identity management, and personnel management. Automated
biometric systems need to be seen as an adjunct to existing systems, adding to techniques
already used, and organisations contemplating the adoption of biometric technology need
to understand that there are a range of issues that should be addressed. Privacy and
security concerns, the vulnerability of biometric systems to attack, the importance of
usability and user acceptance, training and education and a range of integration and
support requirements all need to be addressed.

This paper is an updated version of the Biometrics Technology Review 2002 paper
published in 2003 by Blackburn et al * . After an introduction, and in line with its
predecessor, the paper provides an overview of the basic elements of biometrics (Section
2); a detailed examination of current and future biometric technologies (Section 3);
discusses the many different applications of biometrics (Section 4); and highlights the
current issues associated with using such technology (Section 5).

* Blackburn T, Butavicius M, Graves I, Hemming D, Ivancevic V, Johnson R, Kaine R, McLindin B,

Meaney K, Smith B and Sunde J 2003, Biometrics technology review 2002, DSTO-GD-0359
 Contents

1. INTRODUCTION ............................................................................................................... 1

2. BIOMETRICS BASICS....................................................................................................... 2
2.1 Components of a biometric system ....................................................................... 2
2.2 Pattern recognition ................................................................................................... 3
2.3 Error rates ................................................................................................................... 4
2.4 Biometric applications ............................................................................................. 5
2.4.1 Verification ................................................................................................. 6
2.4.2 Identification .............................................................................................. 6

3. BIOMETRIC TECHNOLOGIES AND APPLICATIONS............................................ 6

3.1 Fingerprint ................................................................................................................. 7
3.2 Face ............................................................................................................................ 10
3.3 Iris .............................................................................................................................. 13
3.4 Speaker Recognition .............................................................................................. 14
3.5 Hand Geometry....................................................................................................... 15
3.6 Signature................................................................................................................... 16
3.7 Retina ........................................................................................................................ 17
3.8 Deoxyribonucleic acid ........................................................................................... 18
3.9 Odour ........................................................................................................................ 18
3.10 Ear .............................................................................................................................. 19
3.11 Veins.......................................................................................................................... 19
3.12 Fingernail bed.......................................................................................................... 19
3.13 Skin............................................................................................................................ 20
3.14 Physiometrics........................................................................................................... 20
3.15 Thermogram............................................................................................................. 21
3.16 Gait ............................................................................................................................ 22
3.17 Work pattern analysis ............................................................................................ 22
3.18 Lips ............................................................................................................................ 22
3.19 Footprints ................................................................................................................. 23
3.20 Dynamic grip recognition ..................................................................................... 23
3.21 Tongue ...................................................................................................................... 23
3.22 Comparison of technologies ................................................................................. 24
3.23 Parameters to guide the selection of biometrics ............................................... 26
3.24 Current directions ................................................................................................... 28
3.24.1 Multimodal biometrics ........................................................................... 28
3.24.2 Form Factors............................................................................................. 29
3.24.3 Biometrics and smart cards.................................................................... 30
3.25 Future directions ..................................................................................................... 33

4. BIOMETRIC APPLICATIONS ....................................................................................... 33

4.1 Physical access control ........................................................................................... 33
4.2 Logical access control and protection of IT systems ........................................ 34
4.3 Personnel management.......................................................................................... 34
4.4 Identity management ............................................................................................. 35
4.5 Weapons or other sensitive technologies control ............................................. 37
4.6 Management of major plant ................................................................................. 37
4.7 Communications (verification of electronic identification) ........................... 38
4.8 Counter-terrorism, counter-insurgency or stand-off recognition operations38
 4.9 Forensic identification ........................................................................................... 39

5. ISSUES ...................................................................................................................... 40
5.1 Security concerns - biometric vulnerabilities.................................................... 40
5.1.1 Addressing biometric vulnerabilities ................................................... 42
5.2 Usability and user acceptance .............................................................................. 44
5.3 Health concerns ....................................................................................................... 46
5.4 Privacy issues........................................................................................................... 47
5.5 Integration and support requirements................................................................ 49
5.5.1 Education and training ........................................................................... 50
5.6 Evaluation requirements ....................................................................................... 51
5.7 Interoperability issues ........................................................................................... 51

6. CONCLUSION .................................................................................................................. 52

7. REFERENCES..................................................................................................................... 53
 Figures
Figure 1: The technical components of a generic biometric system.................................... 3
Figure 2: Detection error trade-off: FMR vs. FNMR (reproduced from Mansfield et al, 2001)
....................................................................................................................................................... 5
Figure 3: Minutiae ...................................................................................................................... 8
Figure 4: Optical fingerprint sensor......................................................................................... 8
Figure 5: Capacitance fingerprint sensor and output ........................................................... 9
Figure 6: Ultrasound fingerprint sensor ................................................................................. 9
Figure 7: Thermal fingerprint sensor....................................................................................... 9
Figure 8: 3D fingerprint image ............................................................................................... 10
Figure 9: Face measurements.................................................................................................. 10
Figure 10: 3D face images........................................................................................................ 11
Figure 11: Decreasing error rates for face recognition technology 1993-2006 ................. 13
Figure 12: Collage of irises ...................................................................................................... 13
Figure 13: Desktop iris scanning ............................................................................................ 14
Figure 14: Speaker recognition headset and microphone .................................................. 15
Figure 15: Hand geometry sensor for access control........................................................... 16
Figure 16: Signature verification ............................................................................................ 16
Figure 17: The eye..................................................................................................................... 17
Figure 18: Scanning area of the retina ................................................................................... 17
Figure 19: Retina scan of Iraqi Army recruit ........................................................................ 18
Figure 20: A DNA molecule.................................................................................................... 18
Figure 21: Schematic diagram of an electronic nose............................................................ 18
Figure 22: Ear biometric .......................................................................................................... 19
Figure 23: Vein scanner ........................................................................................................... 19
Figure 24: Fingernail bed scanner .......................................................................................... 20
Figure 25: Brainwaves depicted in an electrocephalogram trace ...................................... 20
Figure 26: Identification by analysis of physiometric variation ........................................ 21
Figure 27: Facial thermogram................................................................................................. 21
Figure 28: Gait as a biometric ................................................................................................. 22
Figure 29: Lips as a biometric ................................................................................................. 22
Figure 30: Dynamic grip recognition sensors on a handgun ............................................. 23
Figure 31: Different shapes and surface textures of the tongue ........................................ 24
Figure 32: Biometric/fingerprint mouse............................................................................... 30
Figure 33: Biometric/fingerprint mobile phone .................................................................. 30
Figure 34: Sensor-on-card system .......................................................................................... 31
Figure 35: Match-on-card system........................................................................................... 31
Figure 36: Template-on-card system ..................................................................................... 32
Figure 37: Qantas aircrew member using a Smart Gate terminal ..................................... 35
Figure 38: Fingerprint scanner at a sporting arena in Amsterdam ................................... 36
Figure 39: Face recognition at a distance (50-300m) ............................................................ 39
Figure 40: Biometric threat vectors (reproduced from Roberts, 2007).............................. 42
 Tables
Table 1: Classification of biometrics (adapted from Bolle et al, 2004) ................................ 7
Table 2: Benefits and disadvantages of fingerprint, face, iris, speaker/voice and hand
biometrics (reproduced from www.dell.com) ..................................................................... 25
Table 3: Comparison of Biometric Technologies ................................................................. 25
Table 4: Parameters to guide selection of biometrics (from Sanderson & Erbetta, 2000)26
Table 5: Parameters to guide selection of face, fingerprint and iris biometrics in the
Defence environment............................................................................................................... 27
Table 6: Factors that impact on biometric system usability and performance ................ 45
Table 7: BioPrivacy Application Impact Framework .......................................................... 48
 Glossary
ADF Australian Defence Force
AGIMO Australian Government Information Management Office
ATM Automatic Teller Machine
BAT Biometric Automated Toolset
BISA Biometric Identification System for Access (US)
CAC Common Access Card (US)
CCD Charge Coupled Device
CCTV Closed Circuit Television
CESG Communications-Electronics Security Group (UK)
DBIDS Defense Biometric Identification System (US)
DET Detection Error Tradeoff (curve)
DGR Dynamic Grip Recognition
DNA Deoxyribonucleic Acid
DoD Department of Defense (US)
DSBTF Defense Science Board Task Force (US)
EEG Electrocephalogram
FBI Federal Bureau of Investigation
FMR False Match Rate
FNMR False Non Match Rate
FP Fingerprint
FRVT Face Recognition Vendor Test
FTA Failure to Acquire
FTE Failure to Enrol
FVC Fingerprint Verification Competition
HUMINT Human Intelligence
IBG International Biometric Group
ICAO International Civil Aviation Organization
ICE Iris Challenge Evaluation
INPASS Immigration and Naturalization Service Passenger Accelerated
Service System (US)
IT Information Technology
MIT Massachusetts Institute of Technology
MoD Ministry of Defence
NIST National Institute of Standards and Technology (US)
PIV Personal Identity Verification (US)
ROC Receiver Operator Characteristic (curve)
TWIC Transport Workers Identity Credential (US)
UK United Kingdom
UKBWG United Kingdom Biometrics Working Group
US United States
 DSTO-GD-0538

1. Introduction
Biometrics is the measurement of personal physical features, actions or behavioural
characteristics that distinguish between individuals. Biometrics is not a new concept.
History suggests that potters from Asia and the Middle East used their fingerprints to sign
their work as long ago as 1500 BC (Down & Sands, 2004). Technology development in the
area, however, is a much newer concept. The history of biometrics, like most other
technologies, has followed a familiar route, beginning with an initial build up of excessive
optimism followed by a trough of scepticism as the limitations of the technologies became
apparent. Realistic expectations, combined with a plethora of research and development,
are now seeing many biometric systems reach the levels of success originally touted
(Simpson, 2007). In 2001 the MIT Technology Review named biometrics one of the ‘top ten
emerging technologies that will change the world’ and in early 2006 the International
Biometric Group (IBG) projected that global biometrics annual revenues would grow from
$2.1 billion in 2006 to $5.7 billion in 2010. IBG expect that the United States and Asia will
be the largest global markets for biometrics products and services in the coming decade
(http://www.biometricgroup.com/).

In recent years automated biometric systems have been developed to identify persons and
verify identity. The systems offer advantages over current recognition strategies, including
the elimination of fatigue effects associated with human performance and adding the
possibility of measuring features (e.g. iris pattern) that cannot be readily sensed by
humans. Automated biometric systems should be seen as an adjunct to existing personal
identification systems, adding to techniques already used. In addition to the development
of individual biometric systems, more and more research and development is being
devoted to multimodal biometric systems; those that use more than one biometric or more
than one measure of the same biometric, and thus increase levels of accuracy and security.
In early 2005, the military components of the US Department of Defense (DoD) were
surveyed to ascertain their level of current biometric usage, or intended future usage. At
that time, 83 different systems were reported including those based on fingerprints
(accounting for 65%), hand geometry (12%), iris (6%), multimodal systems (16%) and
other, such as deoxyribonucleic acid (DNA) (1%). The biometric systems in use at the time
primarily supported the areas of identity background checking, access control, and
detainee processing (Kauchak, 2006).

Biometric systems are socio-technical systems, comprising both the technology and a
range of social subsystems (such as the users and the environment/s in which the
technology operates). Biometrics can be applied to two types of problems: verification (i.e.
access control) and identification. Many technologies are suitable for access control type
applications, but identification applications typically result in relatively high error rates
(often due to the environment) and few technologies are suitable. Despite some successful
applications, biometric systems do have some limitations. Error rates still remain relatively
high for some methods, even in the areas where biometric measures are thought to be
unique to the person (i.e. fingerprints, iris). In these cases it is the measuring process itself
that produces uncertainties (such as the smearing of a fingerprint). Biometric systems are
also susceptible to attack and there remain a string of social, ethical and acceptance issues

1
DSTO-GD-0538

with their use. As such, there are many factors that need to be considered when
contemplating a biometric solution including technical, privacy and human factors issues.

This paper is an updated version of the Biometrics Technology Review 2002 paper published
in 2003 by Blackburn et al. After an introduction, and in line with its predecessor, the
paper provides an overview of the basic elements of biometrics (Section 2); a detailed
examination of current and future biometric technologies and applications (Section 3);
discusses the many different applications of biometrics (Section 4); and highlights the
current issues associated with using such technology (Section 5).

2. Biometrics basics

2.1 Components of a biometric system

Biometric systems are socio-technical systems comprised of both technical and social
subsystems. The social aspects of the system include the users and the environment/s in
which the system operates. In technical terms, a biometric system consists of several
components (see Figure 1):
• A data collection component which collects the biometric data.
• A data storage component which stores the biometric data.
• A signal processing component which processes the biometric data.
• A decision component which makes decisions regarding matches between biometric
data and whether to accept or reject.
• A transmission component which aids the data collection, data storage and signal
processing components in compressing and expanding files required at different stages
of the process.

Within these components several key functions are performed:

• Within the data collection component, the sensor function acquires the raw biometric
data or signal (such as a video, photo or fingerprint).
• Within the signal processing component, the feature extraction function extracts features
to represent the signal collected by the sensor. Biometrics from known people are
condensed to form compact templates that are enrolled in a database (within the data
storage component) or stored on some other device such as a smart card. This process
may be carried out in the operational environment or off-line.
• Biometrics are obtained from those people presenting at the operational biometric
system and compressed into template form (once again, stored in the data storage
component). The pattern matching function, within the signal processing component,
then compares the templates from the presenting subject(s) with enrolled entries to
determine if there are matches; assigning match scores in the process.
• Within the decision component, a matching function then processes the match scores
and determines or verifies the identity of an individual. It is only then that action is
taken to open a gate, sound an alert or otherwise respond, depending on the match
score and role of the system.

2
 DSTO-GD-0538

Figure 1: The technical components of a generic biometric system 1

2.2 Pattern recognition

All biometric processes require the comparison of measured data from a person with
known data from a database to determine if there is a match. There are two basic
approaches to the comparison problem. The first is based on the step-by-step construction
of the decision-making process, an algorithm, and the other is based on the use of some
form of ‘learning mechanism’ in which the decision-making algorithm still exists, but may
be hidden from the users, such as artificial neural networks. Whichever comparison
approach is adopted, each biometric system recognition process is comprised of two
phases – enrolment and operational.

Enrolment, the initial phase, requires the capture of biometric data. The way the biometric
is captured differs according to both the type of biometric being captured (i.e., a photo or
fingerprint scan) as well as the application of the system itself (i.e., watch list versus
verification). For instance, in a watch list application, enrolment often takes place without
the knowledge of the person of interest; whereas in a verification application biometrics
are usually sampled several times to ensure the best possible chances for matching. Each
sample is then checked to ensure that it is of sufficient quality to generate a match. Data is
then processed to extract the key features which enable different subjects to be separated
from one another by a classifier, known as feature extraction. The result of this process is a
data vector, commonly referred to as a template once it is enrolled into the database.

1 ISO/IEC 19795-1 (2006)

3
DSTO-GD-0538

Once a database of subjects is established the system can move into the operational phase.
In the operational phase, an individual’s biometric data is once again captured and
compared to the enrolled template. When an individual provides biometric samples in an
attempt to gain access to a secured area (known as a transaction), these samples are
compared with those in the enrolled template. Access can be granted, or identification
verified, if the degree of match between the transaction and enrolled data are above a
given threshold or decision value, which is ultimately driven by the costs associated with
the range of error rates that biometric systems produce.

2.3 Error rates

Despite the automated nature of biometric systems and possible claims by proponents, all
biometric systems produce errors of two general types. A false positive occurs when a
person is accepted as being the person claimed, even though that is not the case. This is
measured as the false match rate (FMR). Most biometric system vendors today claim a
FMR of 0.0001% to 0.1%. A FMR of 0.001% means that 1 out of every 100,000 attempts by
an impostor to gain access to a system will succeed, on average. The FMR in comparative
test environments for fingerprint is typically 0.2%, voice 2-5% (Jain, Ross & Prabhakar,
2004), iris and face 0.1% (Phillips et al, 2007). A false negative occurs when a person is not
accepted as who he/she claims to be even though he/she is that person. This is measured
as the false non match rate (FNMR). Most biometric system vendors today claim a FNMR
of 0.0001% to 1%. However, the FNMR in comparative test environments for fingerprint is
typically 0.2%, voice 10-20% (Jain, Ross & Prabhakar, 2004), iris 1.5% and face 1% (Phillips
et al, 2007).

There is generally a trade-off between these two types of error, based on a decision
threshold in the biometric processor. If the decision threshold is raised to reduce the FMR,
the FNMR will generally increase and vice versa. In addition to the error trade-offs, errors
vary between technologies based on the discrimination quality of the biometric data
measured.

A parametric plot of FMR against FNMR is the most useful representation allowing
complete comparison of various biometrics. Linear or log scales are commonly used on the
axes, and the plots are then referred to as receiver operator characteristic (ROC) or
detection error tradeoff (DET) curves respectively. Other axis scaling could be more
useful, for example see Parks et al (2006) which introduces scaling based on generalised
hyperbolic functions. The independent parameter which varies along the plotted curves is
the similarity score.

Figure 2, reproduced from Mansfield et al (2001), is an FMR vs. FNMR plot comparing
face, fingerprint (FP), hand, iris, vein and voice biometrics. The iris system used in the
study had a pre-determined threshold and the FMR was in fact zero. There were
approximately 200 subjects, mainly comprising volunteers working at the National
Physics Laboratory site. The report was published in 2001 and since then it is known that
some biometrics have made remarkable improvements.

4
 DSTO-GD-0538

Figure 2: Detection error trade-off: FMR vs. FNMR (reproduced from Mansfield et al, 2001)

Sampling error should be considered when comparing the results from any biometric trial.
At DSTO the Wilson confidence limits for proportions (see Hogg & Tanis, 2000) are
routinely calculated for FMR and FNMR values. A recent development in the presentation
of results is the inclusion of these confidence limits on FMR versus FNMR plots, see DSTO
(2007) for examples. In trials it is common practice to obtain multiple biometric samples
from each subject. Multiple samples from the same person cannot be expected to be
distributed in the same way as biometric samples from multiple persons. This complicates
the determination of the correct sample size to use when calculating confidence limits. In
DSTO (2007) upper and lower bounds for sample size are calculated assuming complete
independence or complete dependence, respectively, of samples from the same person.

When planning a trial or evaluating the validity and applicability of trial results it is also
important to consider the desired population scope and the sampling method. In
particular, consideration should be given to how well the sample frame represents the
population of interest. In biometrics this is particularly important because biometrics can
vary considerably across demographic groups.

The viability of a biometric system depends on more than just its error rates. Operational
issues such as acceptability to the user, user skill requirements and niche requirements all
must be considered.

2.4 Biometric applications

Biometric systems have two distinct applications – verification and identification.

5
DSTO-GD-0538

2.4.1 Verification

In verification applications ‘the user makes a positive claim to an identity, features derived
from the submitted sample biometric measure are compared to the enrolled template for
the claimed identity, and an accept or reject decision regarding the identity claim is
returned’ (ISO/IEC 19795-1, 2006, p. 5). Biometric systems of this type conduct one-to-one
(1:1) comparisons to determine whether the identity claimed by the individual is true. An
example would be to verify that a pass holder is the authorised user.

2.4.2 Identification

In identification applications, ‘a search of the enrolled database is performed, and a

candidate list of 0, 1 or more identifiers is returned’ (ISO/IEC 19795-1, 2006, p. 5).
Identification tasks assume that a person is in the database. This type of system is more
sophisticated as it conducts one-to-many (1:N) comparisons to establish the identity of the
individual. Identification applications are very taxing for a biometric system since it must
generate low FMR (to keep false alarms low) while still maintaining low FNMR (to ensure
that persons of interest are identified). In addition, an identification system must generally
compare each incoming biometric sample with all enrolled entries rather than with
individual enrolled entries, which tends to increase the number of errors when compared
to a verification application.

Related to the identification is watch list. Watch list screening is the most demanding of all
applications. It involves two distinct steps. The system must first detect if a person is on
the watch list and, if so, correctly identify them. An example would be a system at a
border crossing to search for drug couriers of known appearance. This is much more
difficult than an identification or verification task, as some potential persons of interest
may not be in the database and current systems present a number of possible matches for
the human operator to then consider.

3. Biometric technologies and applications

There are many biometric technologies in use today and a range of biometrics that are still
in the early stages of development. Biometrics are either based on a physiological
characteristic of the person or a behavioural characteristic. Table 1 (adapted from Bolle,
Connell, Pankanti, Ratha & Senior, 2004) summarises a range of biometrics and classifies
them according to whether they are physiologically or behaviourally based, and whether
they are common (i.e., currently in use across a range of environments), still in limited use
or under development, or still in the research realm (i.e., haven’t yet been applied in any
environment outside of research).

6
 DSTO-GD-0538

Table 1: Classification of biometrics (adapted from Bolle et al, 2004)

Biometrics Physiological Behavioural Common Limited Research
Fingerprint 3 3
Facial 3 3
Hand Geometry 3 3
Iris 3 3
Speaker 3 3
Signature 3 3
DNA 3 3
Ear 3 3
Odour 3 3
Retina 3 3
Veins 3 3
Dynamic grip* 3 3 3
Skin 3 3
Gait 3 3
Lips* 3 3 3
Work pattern 3 3
Fingernail bed 3 3
Thermogram 3 3
Physiometrics 3 3
Footprint* 3 3
Tongue 3 3
*Lip, dynamic grip and footprint biometrics are so diverse that they fit into both the physiological and
behavioural categories

While the following review focuses on the six most popular biometrics in the market today
– fingerprint, facial, iris, speaker recognition, signature verification and hand geometry, a
brief summary of other biometric technologies is also provided. The review concludes
with a cross-comparison of the common biometric technologies.

3.1 Fingerprint
Fingerprint recognition is currently the leading biometric technology, comprising around
32% of the total market, and looks set to remain there for some time to come. This is due
mainly to the range of environments in which fingerprint systems can be deployed, the
years of development that the systems have undergone, and the many companies
involved in the technology's manufacture and development. IBG estimates that fingerprint
revenues will grow from $198 million in 2003 to $1.493 billion in 2008
(http://www.biometricgroup.com/).

Fingerprint recognition systems are a proven technology and have been shown to be
capable of very high levels of accuracy. Their sensors and processors are low cost and easy
to use and the reduced size and power requirements of fingerprint systems, along with
their resistance to environmental changes such as background lighting and temperature,
enable the systems to be deployed in a range of logical and physical access environments.
Modern fingerprint acquisition devices are quite small (often less than 1.5 cm x 1.5 cm and
very thin) and are capable of acquiring and processing images (Roberts, 2006). Fingerprint

7
DSTO-GD-0538

systems are being used daily to enable users to access networks and PCs, enter restricted
areas, operate plant, and to authorise transactions.

Fingerprint identification is based on the analysis of

the ridge patterns on the tips of fingers. Sensors
generate images of the ridges and these are scanned
for structural features (called minutiae) such as
branches or terminations.

Figure 3: Minutiae 2

The relative positions and types of the minutiae form a description of the fingerprint that
can be matched against other fingerprints. Approximately 80% of biometric vendors utilise
these minutiae in some fashion, but some choose to use pattern matching that extrapolates
data from a particular series of ridges on the fingerprint (Roberts, 2006). This series of
ridges used in enrolment is the basis of comparison, and verification requires that a
segment of the same area be found and compared. Once a high-quality image is captured,
there are a several steps required to convert its distinctive features into a compact
template. This process, known as feature extraction, is at the core of fingerprint
technology. Each vendor of fingerprint systems has a proprietary feature extraction
mechanism; the vendors guard these unique algorithms very closely.

Multiple sensor types are currently available to scan fingerprints including optical,
capacitance, ultrasound and thermal.

Optical sensors are the most proven

fingerprint sensors over time. They are fairly
inexpensive, are resistant to temperature
fluctuations, and can provide fingerprint
images up to 500 dpi resolution. Issues with
optical sensors include that they must be of
sufficient size to capture a quality image, that
latent (or leftover) prints can degrade images
to the point that image capture is severely
Figure 4: Optical fingerprint sensor 3
hampered, and that the sensors themselves
often degrade with age.

Capacitance sensors were introduced in the late 1990s and have gained popularity since
that time. In these sensor types, the capacitance sensor acts as one plate of a capacitor, the
finger the other. An 8-bit gray scale digital image, more detailed than an image captured
by an optical scanner, is generated from the capacitance between the plate and the finger.
While it would appear that the coating applied to the capacitance sensors would be more

2 www.factsfinder.com/fingerprinting.htm
3 http://computer.howstuffworks.com

8
 DSTO-GD-0538

durable than those of optical sensors, this has yet to be tested across the range of
conditions in which the sensor could be deployed (Roberts, 2006).

Figure 5: Capacitance fingerprint sensor and output 4

Ultrasound sensors are still in their infancy and not yet widely used, however, they have
great potential to lead the fingerprint technologies market due to their reported high
accuracy. Ultrasound sensors transmit acoustic waves that measure the impedance of the
finger, the sensor platen and the air. Beside their reported high accuracy, ultrasound
sensors have the advantage that they can penetrate dirt and other contamination on the
finger and platen, one of the major drawbacks of other fingerprint technology.

Figure 6: Ultrasound fingerprint sensor 5

Thermal sensors measure temperature changes

in the ridge-valley structure of the finger as it is
swiped over the scanner. These temperature
changes produce an image of the fingerprint.
While the image is not as rich as the gray scale
Figure 7: Thermal fingerprint sensor 6
images produced by other sensor types, thermal
sensing has the advantage that it is able to
overcome the dry and wet skin issues that can
plague other sensors (Bolle et al, 2004).

Work is currently underway into the use of 3D scanners that use touchless technology and
very high contrast multi-camera imaging of the finger (Chen et al, 2006).

4 www.ntt-tec.jp
5 http://perso.orange.fr
6 www.britestone.com.hk

9
DSTO-GD-0538

Figure 8: 3D fingerprint image 7

3D fingerprint scanners create more accurate minutiae and pattern matching and more
reliable, higher speed database indexing schemes. In addition to 3D images, most 3D
systems also output 2D fingerprint data that is compatible with legacy fingerprint
databases to ensure interoperability is maintained. The advantage of 3D systems is their
ability to overcome the smudging and distortion issues inherent in touch based systems
(Simmons, 2005).The major drawback of many fingerprint recognition systems is the
contact nature of many of the sensors. Because of this touch sensing, the pattern being
sensed is often distorted at acquisition and can make matching difficult. Other major
drawbacks of fingerprint sensing include the inability of the sensing process to
accommodate dirt and other environmental contamination and the apparent inability of a
few users to record reliable fingerprints (due to injury or age). Research has shown that
certain ethnic and demographic groups have lower quality fingerprints and are more
difficult to enrol, including the elderly, manual labourers, and some Asian populations
(Roberts, 2006).

3.2 Face

Facial recognition is based on the measurement

of the positions of distinctive features of the face
- including the upper outlines of the eye sockets,
the areas surrounding the cheekbones, the sides
of the mouth, and the location of the nose and
eyes - to perform verification and identification.

Figure 9: Face measurements 8

Facial recognition technology is the second most popular biometric technology after
fingerprint and is expected to grow rapidly during this decade, particularly in the area of
surveillance systems. IBG estimates that global facial recognition revenues will grow from
$50 million in 2003 to $800 million in 2008, accounting for 17% of the biometrics market
(http://www.biometricgroup.com/). Facial recognition technology is being used widely

7 www.send2press.com
8 www.idwarehouse.co.uk

10
 DSTO-GD-0538

in large-scale identification applications (i.e. passport systems), surveillance applications

and in law enforcement. It has not yet been successfully applied to desktop verification.

The most common input sensors are 2D video or digital cameras, although 3D systems are
becoming more commonplace. 2D images are generated using analog or digital camera,
scanned documents or video sequence. The more recent facial recognition systems are
based on skin or skull geometry and require 3D images to achieve this.

Figure 10: 3D face images 9

There are three main types of 3D facial recognition systems available on the market today.
The first type, stereo acquisition, uses two or more cameras to take simultaneous snapshots
of a subject and then uses this information to calculate depth information and reference
points. Stereo acquisition is relatively low cost and easy to use. The second type, structural
light, projects a light pattern onto the face of a subject and uses a standard camera to
record the information, which is then used to calculate depth information and reference
points. Structural light is the fastest of the 3D facial systems. The third type uses a laser
sensor to capture a 3D image of a subject’s face. Although improving all the time, laser
sensors are expensive and slower than the other options (Akarun, Gokberk & Salah, 2005).
Recent research has found that a multimodal or fusion approach of using 2D and 3D facial
recognition systems in combination with one another performs significantly better than
using either alone (Tao, van Rootseler, Veldhuis, Gehlen & Weber, 2007; Chang, Bowyer &
Flynn, 2005).

Other systems have used near infrared and facial thermograms with varying results. The
performance of facial recognition systems is closely tied to the quality of the images
captured by the various sensors, and images from near infrared and facial thermograms
still have a way to go.

Vendors currently use four methods to identity or verify subjects using facial recognition –
eigenfaces, feature analysis, neural networks and automatic face processing (Woodward,
Horn, Gatune & Thomas, 2003).

9 www.a4vision.com/ and http://www-users.cs.york.ac.uk

11
DSTO-GD-0538

Feature analysis is currently the most widely used facial recognition technology. Specific
features are extracted from many different regions of the face and these features (both
their type and arrangement) are used for identification and verification. Although, like
most facial recognition systems, feature analysis works best with front-on images, one of
its distinct advantages is its ability to deal with changes in appearance or the angles at
which a face is presented.

Eigenface utilises 2D gray scale images which represent distinctive characteristics of the
face. Once a user has enrolled, their eigenface is mapped to a series of coefficients. In
verification mode (i.e. for access control) a user’s live template is compared against the
enrolled template and in identification mode (i.e. for surveillance) the template is
compared to many in a pre-existing database to determine coefficient variation. The
degree of coefficient variance determines acceptance or rejection. Eigenface is best suited
to well-lit environments and when using front-on image capture.

Neural network mapping utilises a matching algorithm to determine whether features from
an enrolment/reference and verification/live face are similar or different. Neural
networking technology uses as many features of the face as possible to ascertain whether
there is a match or not. A false match prompts the algorithm to modify the weights it gives
to certain features of the face to double check that the false match is the correct decision to
make.

Automatic face processing uses distance and distance ratios between the distinctive features
of the face (such as the distance between eyes) for matching purposes. Although automatic
face processing is a more simple technology and is best suited to front-on image capture
situations, it has been shown to be ineffective in dimly lit environments.

Of the leading three biometric technologies, face is the only viable tool for surveillance or
watch list functions. Facial recognition systems are able to capture faces of people in
public areas and images from some distance away, suggesting that no physical contact is
required. Thus the system’s covert capability and capacity to be used in coordination with
existing national security databases and surveillance cameras or closed circuit television
(CCTV) systems make it a valuable biometric tool (Woodward, Horn, Gatune & Thomas,
2003). The performance of facial recognition technology has improved dramatically over
the past 14 years, with error rates dropping dramatically over this time (see Figure 11).
This increase in performance has been attributed to the development of the recognition
technology, higher resolution imagery and improved picture quality due to greater
consistency in lighting. Note that in Figure 11, FRR (false reject rate) equates to FNMR and
FAR (false accept rate) equates to FMR.

12
 DSTO-GD-0538

Figure 11: Decreasing error rates for facial recognition technology 1993-2006 10

In terms of user acceptance, facial recognition is generally widely acceptable since human
beings are already familiar with this process and the sensors (i.e. cameras) are well
understood and unobtrusive (Woodward, Horn, Gatune & Thomas, 2003).

3.3 Iris

Iris recognition systems are based on visible qualities of the iris (such as the trabecular
meshwork, rings, furrows and the corona).

Figure 12: Collage of irises 11

Iris structure is practically unique and may be sensed via regular and or/infrared light.
The first step in acquisition of an iris image is to position the camera the required distance
from the eye. Once the camera has situated the eye it narrows in (from right to left to avoid
the eyelids) to locate the outer edge of the iris. The unique visible characteristics of the iris
are converted into a template and stored for future matching.

10 Phillips et al (2007)
11 www.cl.cam.ac.uk

13
DSTO-GD-0538

Figure 13: Desktop iris scanning 12

Iris recognition technologies are used primarily in high security environments and account
for around 8% of the entire biometric market. IBG estimates that their use will increase
markedly, with revenues set to increase from $36 million in 2003 to $366 million in 2008
(http://www.biometricgroup.com/). Competition in the development of iris recognition
software had been stifled by a company called Iridian Technologies, who held patents for
iris recognition since the 1980s. These patents expired in 2005 and development of iris
recognition algorithms has flourished since (Phillips et al, 2007).

The claimed error rates for iris systems are exceedingly low. Iris Challenge Evaluation
2006 (ICE2006) reported an FNMR of 0.09 for an FMR of 0.001 (Phillips et al, 2007). Iris
technology appears to be very well suited to a range of verification applications,
particularly high security applications where low error rates are essential. The technology
does not lend itself to some identification activities because it requires a co-operative
enrolment process. Users must stay still while the iris image is being captured and many
users take some time to become accustomed to this aspect of iris recognition systems. For
this reason reported user satisfaction with systems that are used infrequently has been
poor (Bourlai et al, 2006).

3.4 Speaker Recognition

Speaker recognition is based on the analysis of the temporal and spectral characteristics of
a voice when articulating a set of words (either text dependent/known set, or text
independent or unknown). Speaker recognition is often confused with speech recognition
which translates what a user is saying, but does not verify it. The technology can utilise
any audio capture devices (such as mobile and land-line telephones and a range of
microphones). During enrolment users are prompted to either repeat a phrase or set of
numbers of approximately 1 to 1.5 seconds in length, several times. The temporal and
spectral characteristics are stored and a live voice recording is analysed for the same
features.

12 www.eyenetwatch.com

14
 DSTO-GD-0538

Figure 14: Speaker recognition headset and microphone 13

Speaker recognition systems currently command around 5% of the total biometric market.
IBG estimate that revenues from voice recognition systems will increase from $23 million
in 2003 to $225 million in 2008, in line with the demand for the systems in telephony-based
environments (http://www.biometricgroup.com/). It is the only biometric technique that
could be used to verify the identity of someone using a voice communication link,
although it is not a strong solution when speech is being introduced as a new process. Its
strength lies in the field of telephony and the cost savings made in reducing staff numbers
in call centres. Although speaker recognition systems have caused frustration among users
they are not considered invasive and for this reason are seen as preferable to some other
biometrics (Bolle et al, 2004).

Speaker recognition systems produce relatively low to medium error rates (particularly
FNMR), but are dependent on the quality of the data channel (communication link) used
to transmit the voice. For this reason it is preferable that the same device used for
enrolment is also used for verification. Speaker recognition systems may also be affected
by the quality of the voice itself (i.e. if the user is congested or is in a particularly noisy
environment).

3.5 Hand Geometry

Hand geometry sensors measure the dimensions of fingers and the hand to generate
descriptive templates. The sensing process is user friendly, which is the reason for their
relatively widespread usage in the areas of access control and time and attendance
monitoring. Hand geometry systems are currently in use in places of employment,
educational institutions and even at Disney theme parks for verification of season pass
holders. One of the most successful applications of hand geometry technology has been
the United States’ Immigration and Naturalisation Service Passenger Accelerated Service
System (INPASS), which enables frequent travellers to by-pass long immigration lines at
several international airports through the United States and Canada (Wasem et al, 2004).
Although IBG estimates that hand geometry revenues are expected to grow to $154 million
in 2008, the range of applications in which they are used is limited and hence the
technology will command less and less of the total biometric revenues (around 3% of the
total market).

In terms of sensors, hand geometry is captured using a charge coupled device (CCD)
digital camera. Users place their hand onto the reader’s surface, aligning it with several

13 www.vocollect.com

15
DSTO-GD-0538

pegs designed to keep the hand in place. The CCD digital camera then takes upwards of
100 measurements, which are converted to a template for storage and matching purposes
when verification is required.

Figure 15: Hand geometry sensor for access control 14

Hand geometry is a relatively accurate technology, user perceptions of the technology are
favourable and a wide range of users can use it with ease (Bolle et al, 2004). The
technology is at the more expensive end of the biometric spectrum, has not progressed
much in recent times, and its size may preclude it from being used in many access control
environments. Due to the fact that it is not uncommon to find similarities between hands,
hand geometry systems are restricted to verification programs only (i.e. are not suitable
for identification programs).

3.6 Signature

Signature verification systems use the distinctive behavioural features of a signature (such
as speed, pressure and stroke order) to verify the identity of the user, as opposed to a
simple physical crosscheck of one signature and another. Signature verification systems
currently account for around 2% of the biometric market. As the demand for signing
contracts, agreements and other documents electronically increases, signature verification
systems should grow. Indeed, IBG estimates that global revenue for signature verification
systems will increase from $9 million in 2003 to about $107 million in 2008.

Figure 16: Signature verification 15

14 www.datafoundry.com
15 http://economictimes.indiatimes.com

16
 DSTO-GD-0538

Signature verification systems work in conjunction with signature capture systems (such
as specialised tablets and styluses). Once captured, the signature is transmitted to a
computer for template generation and matching, where a decision is made whether to
accept or deny its authenticity. Signature verification systems have been found to have
relatively low FMR, can easily leverage off of other systems, and, as they are less invasive
than some other biometrics, user acceptance is high (Bolle et al, 2004). On the converse,
signature verification systems do not deal well with individuals who do not sign their
names consistently. In addition, illness or injury as well as the difference between signing
on paper with a pen versus on a tablet with a stylus may also affect the consistency of the
signature and FNMR.

3.7 Retina

The retina is a sensory tissue of the eye that consists of millions of photoreceptors which
gather light rays and transform them into electrical impulses which then travel through
the optic nerve into the brain to be converted into images. In the 1930s it was discovered
that every retina possesses a unique blood vessel pattern and, for this reason, photographs
of the blood vessel patterns of the retina could be used as a means of identification (Simon
& Goldstein, 1935).

Figure 17: The eye 16 Figure 18: Scanning area of the retina 17

Retina biometric systems use a light source projected into the eye to scan the vein pattern
of the retina. The error rates are claimed to be very low, but retinal scanning is a relatively
expensive and intrusive process that could only be considered for high security
applications with willing users (Bolle et al, 2004). For these reasons, retina biometrics have
tended to be used by large government departments or organisations with willing
participants requiring access to highly secure material or environments.

16http://ravidas.net
17 http://ravidas.net

17
DSTO-GD-0538

Figure 19: Retina scan of Iraqi Army recruit 18

3.8 Deoxyribonucleic acid

Figure 20: A DNA molecule
Deoxyribonucleic acid (DNA) is perhaps the most
accurate of all biometrics, but has thus far been restricted
to forensic applications. DNA contains genetic identity
information and, as such, is a rich source of information
about a person’s health as well as their identity. For this
reason there are privacy concerns with the use of DNA.
Verification of identity using DNA is also inherently slow
(a sample can take days to weeks to verify) and there are
issues with its uniqueness, as identical twins will have the
same DNA (Bolle et al, 2004).

3.9 Odour

Chemical odour has come to the fore due to recent advances in chemical analysis.
Electronic noses (e-noses) have been developed that can measure a spectrum of different
chemicals.

Figure 21: Schematic diagram of an electronic nose 19

The technology is still far from deployable, however, with a raft of issues such as the
impact of deodorant and perfumes and different health issues still to be addressed
(Korotkaya, 2003).

18 http://www.defensetech.org
19 Korotkaya (2003)

18
 DSTO-GD-0538

3.10 Ear

Ear anatomy has recently been studied as a potential

addition to the range of automated biometrics.
Researchers have used thermograms and images of the
ear for identification purposes. While the use of ear
anatomy has not been found to be successful on its own,
when coupled with facial recognition it has been shown
to markedly increase performance (Victor, Bower &
Sarkar, 2002).

Figure 22: Ear biometric 20

3.11 Veins

Veins have also been recognised as a unique characteristic that can be applied as a
biometric for verification. Veins are developed before birth and remain highly stable
throughout life, even differing between twins. Vascular pattern recognition systems
identify a person by using the patterns of veins on their finger, back of the hand, or palm
(although almost any body part with visible veins could be used). A camera captures the
vein pattern with a focus on the shape and location of the vein structure. Venous pattern
recognition is particularly popular in Japan, and is currently in use in selected banks and
ATMs throughout the country (Khan, 2006).

Figure 23: Vein scanner 21

3.12 Fingernail bed

Fingernail bed biometrics use scanners to capture the distinctive identifying characteristics
of the nail bed, such as ridges and valleys. Like iris patterns and fingerprints, these ridges
and valleys are thought to be unique to each individual (Bolle et al, 2004).

20 www.mit.bme.hu
21 www.dex.co.za

19
DSTO-GD-0538

Figure 24: Fingernail bed scanner 22

3.13 Skin
The reflectance spectrum of skin and its ability to provide information about the highly
person-dependent distribution of certain light sensitive chemicals, has lead to an
increasing amount of research into skin biometrics. The focus thus far, has been on skin
biometrics being used with fingerprints to provide liveness detection and to prevent spoof
attacks (Bolle et al, 2004).

3.14 Physiometrics

The study of physiometrics (biological indicators) for use in biometrics has been prompted
by the need to enhance the reliability and robustness of verification and identification
systems (Damousis, Tzovaras & Bekiaris, 2008). Such research has included investigations
into the utility of brainwaves as a biometric (Figure 25). The research assumes that
brainwaves, like iris and fingerprint patterns, are unique and this uniqueness could be
exploited in the security realm. Instead of passwords, people would instead use ‘pass
thoughts’ based on electrocephalogram (EEG) patterns to access a system or restricted area
(Ortiz Jnr, 2007; Riera, Soria-frisch, Caparrini, Cester & Ruffini, 2008).

Figure 25: Brainwaves depicted in an electrocephalogram trace 23

A quick search of patents databases uncovers several patents for the development of
biometrics using various kinds of physiometrics such as heart rate variability or
cardiovascular function (Wiederhold, Israel, Meyer & Irvine, 2003, see Figure 26) as well as
acoustic body scanning for both verification and identification (Koenig, 2002).

22 www.perso.orange.fr
23 http://neurocog.psy.tufts.edu

20
 DSTO-GD-0538

Figure 26: Identification by analysis of physiometric variation 24

Thus far such systems have required the attachment of monitors or have required close
proximity to a sensor (Greneker, 2006). Future research is aimed at eliminating the need
for monitors and the work ongoing in micro and nano-sensor development area
(Damousis, Tzovaras & Bekiaris, 2008) coupled with the lessons learned from non-contact
lie detection systems (Greneker & Geisheimer, 2001) may be of value here.

3.15 Thermogram
Thermograms are also beginning to gain popularity, particularly in the face and hand
recognition area. Thermograms are pictures of the body showing areas from which heat is
emanating. Such pictures are thought to be unique to individuals, although research is
ongoing (Jain, Ross & Prabhakar, 2004).

Figure 27: Facial thermogram 25

24 Wiederhold, Israel, Meyer & Irvine (2003)

25 www.perso.orange.fr

21
DSTO-GD-0538

3.16 Gait
Gait refers to the unique combination of motions by
which people walk. An analysis of temporal and
frequency components of motion from a radar sensor
may be used to identify people walking at a distance.

The primary use would appear to be in covert

surveillance applications and intelligence gathering,
where the ability to recognise people at standoff
ranges would be valuable. The technology is still in its
infancy with relatively high error rates at present
(Nixon & Carter, 2004).

Figure 28: Gait as a biometric 26

3.17 Work pattern analysis

Work pattern analysis is based on the individual idiosyncrasies unique to each person
carrying out a task. For example, the speed of typing, along with types and occurrences of
errors may be used to identify the user of a keyboard (key stroke analysis). Work pattern
analysis is carried out completely in the background and is not in any way obtrusive or
threatening to the user (Bolle et al, 2004).

3.18 Lips
The potential of lips as a biometric was discovered during research into speech and facial
recognition. It involves the capture of video footage of a subject’s lip motion during
speech. Specific features of the lips during speech are then extracted and used as a
comparison for future verification.

Figure 29: Lips as a biometric 27

Rather than a standalone biometric, it looks likely that lip motion would be used in
conjunction with other biometrics (such as facial recognition) (Cetingul, Yemez, Evzin, &
Tekalp, 2004). Researchers have also looked at lip shape as a possible identifying feature
(Gomez, Traviesco, Briceno & Ferrer, 2002).

26 www.perso.orange.fr
27 www.perso.orange.fr

22
 DSTO-GD-0538

3.19 Footprints

Research has also been devoted to the use of footprints. Most commonly used in the
forensic/crime science analysis field, work has recently been devoted to developing
technologies to capture and analyse footprint biometrics for identification and verification.
The aim is to capture directional and positional information of the feet, such as the
Euclidean distance between the feet and other geometric information. Pressure
distribution of the feet has also been investigated (Nakajima, Mizukami, Tanaka, &
Tamura, 2000).

3.20 Dynamic grip recognition

Much research has occurred in the US into the smart guns concept that uses dynamic grip
recognition (DGR) to enable a firearm to fire. DGR works through pressure sensors
embedded into a firearm’s grip (see Figure 30).

Figure 30: Dynamic grip recognition sensors on a handgun 28

When a user holds a gun their grip is like a password; the system can either match and
accept it (enabling the user to fire) or reject it (Chang et al, 2005). Other smart gun related
research is looking at the use of fingerprints, in addition to handgrip recognition, as a
method of user verification (Bolle et al, 2004).

3.21 Tongue

Researchers in Hong Kong have recently begun investigating the utility of using tongue
prints for verification and identification (Zhang, Liu, Yan & Shi, 2007). They argue that the
tongue is unique in terms of both its shape and surface texture (see Figure 31). Using
sample images of tongue-prints of 134 people, these researchers obtained a 93.3%
recognition rate.

28 www.weaponsblog.org

23
DSTO-GD-0538

Figure 31: Different shapes and surface textures of the tongue 29

The tongue has other advantages in that it is well protected from the environment and
difficult to forge, but health and hygiene issues will prove challenging. Further research is
required before the technology could be commercialised.

3.22 Comparison of technologies

Table 2, reproduced from the Dell Corporation website 30 , summarises five of the main
biometrics on the market today in terms of their benefits and disadvantages.

29 Zhang, Liu, Yan & Shi 2007

30 www.dell.com

24
 DSTO-GD-0538

Table 2: Benefits and disadvantages of fingerprint, face, iris, speaker/voice and hand biometrics
(reproduced from www.dell.com)

A quick-look comparison of all of the biometric technologies is provided in Table 3. The

biometric technologies have been compared on the following six criteria: uniqueness, or
how well the biometric separates one user from another; permanence, or how well a
biometric resists ageing; collectability, or how easy the biometric is to acquire;
performance, or how accurate, fast and robust the system is; acceptability of the biometric
by the public; and circumvention, or how easy it is to fool the system. The higher the
rating, on the low to high scale, the better the technology rates.

Table 3: Comparison of Biometric Technologies 31

Biometric Uniqueness Permanence Collectability Performance Acceptability Resistance to
Circumvention
Fingerprint High High Medium High Medium Medium
Facial Medium Medium High Medium High Medium
Iris High High Medium High Low High
Speaker Low Low Medium Low High Medium
Hand Medium Medium High Medium Medium Medium
Signature Low Low Medium Low High Medium
DNA High High Low Low Low Medium
Ear Unknown* Unknown* Medium Unknown* Unknown* Unknown*
Odour Unknown* Unknown* Unknown* Unknown* Unknown* Unknown*
Retina High High Low Medium Medium Medium
Veins High High Medium Medium Unknown* Unknown*
Dynamic grip Medium Medium Low Medium Unknown* Unknown*
Skin Medium Medium Medium Unknown* Unknown* Unknown*

31 Based on Simpson (2007)

25
 DSTO-GD-0538

Biometric Uniqueness Permanence Collectability Performance Acceptability Resistance to

Circumvention
Gait Unknown* Unknown* Medium Unknown* Unknown* Unknown*
Lips Unknown* Unknown* High Unknown* Unknown* Unknown*
Work pattern Medium Low Medium Medium Unknown* Low
Fingernail bed Unknown* Low Medium Unknown* Unknown* Unknown*
Thermogram Unknown* Low Low Unknown* Unknown* Unknown*
Physiometrics Unknown* Unknown* Low Unknown* Unknown* Unknown*
Footprint Unknown* Low Medium Unknown* Unknown* Unknown*
Tongue Unknown* Medium Low Unknown* Unknown* Unknown*

* More research is required

3.23 Parameters to guide the selection of biometrics

Sanderson and Erbetta (2000) have extensively studied the application of biometrics,
specifically in the military environment for the British Ministry of Defence (MoD). Table 4
summarises the parameters that they recommend must be taken into consideration when
selecting biometric technology. Although tailored towards the military environment, these
parameters could be used across a range of scenarios.

Table 4: Parameters to guide selection of biometrics (from Sanderson & Erbetta, 2000)
Parameter Explanation
Accuracy Is the system accurate in terms of low error rates?
Environment Is the technology fully deployable?
Ergonomics/user friendly Is the system user friendly?
Stability and Uniqueness Is the feature being measured unique and stable over time?
Security Is the system secure? Could it be easily tampered with or
spoofed?
Safety Is the system safe to use? Does it present any dangers to the
user?
Speed of enrolment and How long does it take to enrol a subject? How long does
recognition verification take?
Non-intrusiveness Is the technology intrusive to use?
Convenience Is the system convenient to use? Is the system convenient to
integrate with other systems or processes?
Cost How much does the technology cost?
Size of stored template How big is the stored template?
Operational limitations What are the limitations of the technology in the deployed
environment? (i.e. how well does the technology cope if the
user is wearing protective clothing?)
Requirement What is the system required to do? Can it perform both
identification and verification tasks?
Credible scientific research Is there credible scientific research to support the
technology?
Human acceptance Is the technology acceptable to users?

Besides application in the fixed strategic environment, biometrics will inevitably need to
be applied in a range of operational environments (particularly in the military and law
enforcement fields). Consideration of the above parameters should take into account the

26
 DSTO-GD-0538

requirements of the different environments, particularly the challenges of these

operational environments. Table 5 summarises the results of research in both the
operational/deployed and other environments and rates fingerprint, facial, and iris
technologies against the parameters defined by Sanderson and Erbetta (2000). Data to
populate this table has been obtained from a variety of sources including Sanderson &
Erbetta(2000); Bolle, et al (2004); Jain, Ross and Prabhakar (2004);
http://www.biometricgroup.com/; and the various vendor competitions – Fingerprint
Verification Competition (FVC) http://bias.csr.unibo.it/fvc2006, the Face Recognition
Vendor Test (FRVT) www.frvt.org and the Iris Challenge Evaluation (ICE)
www.iris.nist.gov/ICE.

Table 5: Parameters to guide selection of facial, fingerprint and iris biometrics in the Defence
environment
Parameter Fingerprint Face Iris
Accuracy Very accurate Accurate, although not as Most accurate of all
good as iris or fingerprint commercially available
biometrics (second only to
DNA)
Environment Can be used across a range of Can be used across a range Can be used across a range
environments, but contaminated of environments, but of environments
environments may cause issues susceptible to poor lighting
and different backgrounds
Ergonomics/user Once user is familiar, easy to use Easy to use Once user is familiar, easy to
friendly use
Stability and Stability may be affected by Likely to change (e.g. with Stable, probability of two
Uniqueness injury, environment and age. age, and health status), due people having the same iris
Probability of two people to similarity in face shapes, is 1 in 1078
possessing the same fingerprint is uniqueness is questionable
1 in 1080
Security Susceptible to spoofing, low Susceptible to spoofing, Spoofing is possible, but low
probability of success in high medium probability of probability of success in high
security systems. success. security systems.
Safety May be some hygiene issues with Safe to use Safe to use
sensors that require contact,
otherwise safe to use
Speed of Enrolment < 30 sec, verification < Enrolment < 35 sec, Enrolment < 1 minute,
enrolment and 1 sec, verification < 1 sec, verification < 2 sec,
recognition identification proportional to size identification proportional identification 1-2 sec based
of database to size of database on database of 100,000 irises
Non- Needs user cooperation Unobtrusive Needs user cooperation
intrusiveness
Convenience Range of different sensor sizes, Range of different camera Range of different sensor
fixed and free sizes, fixed and free sizes, fixed and free
Cost Low - Medium, varies according Low, varies according to Low - Medium, varies
to sensor sensor according to sensor
Size of stored Varies according to sensor, Varies according to sensor, Varies according to sensor,
template approx 250 bytes approx 1300 bytes approx 512 bytes
Operational Unsuitable for use with Poorly or excessively lit Possibly effected by the use
limitations protective clothing, damaged or environments may pose of protective eye wear,
soiled hands, but has been shown problems, backgrounds although some studies have
to work successfully in a variety may also impact on picture shown it to work through
of environments quality them

27
DSTO-GD-0538

Parameter Fingerprint Face Iris

Requirement Works well in watch list and Works well in surveillance, Does not work well in
verification applications watch list and verification surveillance or watch list
applications applications as user
cooperation is required
Credible Plethora of research, Fingerprint Plethora of research, Face Plethora of research, Iris
scientific Verification Competition (FVC) Recognition Vendor Test Challenge Evaluation (ICE)
research multi-vendor testing (FRVT) multi-vendor multi-vendor testing
testing
Human Some issues with acceptance exist Most accepted of all Questionable, more research
acceptance due to the association with biometrics required
criminality

3.24 Current directions

There are several current trends in biometrics that are worthy of discussion. They include
the rise of multimodal or fusion biometrics, the wide range of form factors now available,
and the combination of biometrics and smart cards.

3.24.1 Multimodal biometrics

The previous sections provided a summary of the main classes of biometrics. It should be
noted that not all of the above systems are used in isolation. It is currently more
commonplace to see multiple biometrics used in systems (such as fingerprints combined
with photographs). Such systems are referred to as multimodal (Ross & Jain, 2004).

The way biometric technologies are combined (the fusion strategy) can vary according to
the systems concerned. Systems can be fused at the decision level (i.e. feature extraction
and matching is done completely independently of each other, the individual decisions of
each system are then combined), matching score level (i.e. feature extraction and matching
is done completely independently of each other, the matching scores are combined to
arrive at a single decision), or the feature extraction level (i.e. the features extracted from
each system are combined into a single feature vector and used as a basis for matching and
decision making).

Multimodal biometric systems generally require more sensors, more data, and can,
therefore, take longer to verify. In addition, as they are comprised of single biometric
systems, they are also liable to suffer the shortcomings of those systems (Ko, 2005).
Advantages of using multimodal biometrics include that they are more reliable if one of
the biometrics is damaged (i.e. if a fingerprint is degraded due to age or injury, the other
biometric can be used for verification) so they improve population coverage and enhance
verification performance (Khan, 2003). Research has found that while the security
advantages of multimodal systems are clear, the performance gains achieved have been
smaller than expected due to accuracy of the individual systems themselves (Snelick,
Uludag, Mink, Indovina & Jain, 2005). Recent studies by the University of Canberra’s
National Centre for Biometric Studies, have found that combining text dependent and
independent voice recognition technologies to be very successful in terms of performance
(Summerfield, 2006).

A recent example of a multimodal biometric system used for military purposes is the
Biometric Automated Toolset (BAT), which uses iris recognition and fingerprint scanning.

28
 DSTO-GD-0538

The US military has used BAT in Afghanistan, Cuba and Iraq to populate HUMINT
databases that are shared with the Federal Bureau of Investigation. Interest in the
application of multimodal systems is increasing. The US DoD, for instance, is particularly
interested in the use of multimodal biometrics to provide the highest levels of accuracy
and probability of identification and verification, as well as to increase the security of their
applications (Kauchak, 2006).

The goal of multimodal biometrics is to reduce one or more of the FMR, FNMR, failure to
enrol rates, or susceptibility to attack (Ko, 2005) and research has demonstrated that
multimodal biometric systems are more accurate and more resistant to failure (Simpson,
2007).

NIST recently established the Multiple Biometric Grand Challenge (MBGC) 32 . The aim of
MBGC is to ‘investigate, test and improve performance of face and iris recognition
technology in both still and video imagery through a series of challenge problems and
evaluation’ (Phillips 2008, p. 2). The three main challenges for 2008’s MBGC are:

• Iris and Face Recognition from Portal Video. The goal is to develop algorithms that
recognise people from nIR image sequences and high definition video sequences,
acquired while the person of interest walks through a portal.
• Iris and Face Recognition from Controlled Images. The goal is to improve
performance on iris and face imagery using real-world high and low resolutions
frontal face images and still and video iris sequences.
• Still and Video Face. The goal is to advance recognition from unconstrained outdoor
video sequences and still images.

The results of the MBGC will be available in mid-2009 and it is envisaged that MBGC will
be a regular event that will investigate the utility of other multimodal systems in the
future.

3.24.2 Form Factors

Biometric sensors can be embedded into an acquisition device and the manner in which
this is done is known as the form factor (see Figure 32 and Figure 33 for two examples).
Sensors can be embedded in a device in a number of ways – on the side, protruding, on
top, recessed; the choice of which will obviously depend on the biometric concerned and
other ergonomic considerations. The range of device types that users can interact with
includes desktop peripherals, embedded desktop solutions, embedded physical access
solutions, and embedded wireless handheld solutions, although there is a trade-off
between sensor size and performance (Narayanaswami, 2005). Decreasing the sensor too
much can impact negatively on performance and increase costs.

32 http://face.nist.gov/mbgc/

29
DSTO-GD-0538

Figure 32: Biometric/fingerprint mouse 33 Figure 33: Biometric/fingerprint mobile phone 34

The type of application being deployed and the environment in which it is being applied
will ultimately drive the form factor.

3.24.3 Biometrics and smart cards

Smart cards have the ability to store large amounts of data, carry out their own card
functions and interact with a range of devices, such as the smart card reader. Combining
biometrics with smart cards provides users with trusted credentials for a wide range of
applications including access to facilities and secure networks. Such a multi-factored
method of verification is particularly well suited to high security environments. If a smart
card storing a biometric is lost or stolen, the card will be useless to anyone other than the
owner of the biometric. There are several options available for combining a smart card
with biometrics, each with their own advantages and disadvantages. These are discussed
in more detail below.

Sensor-on-card systems (see Figure 34), enable capture of the biometric (through the
embedded sensor), encryption and protection of the stored information, and the execution
of a matching algorithm (Bella, Bistarelli & Martinelli, 2003). The advantages of this
approach are that the bearer of the card has control of their own biometric template at all
times and the sensor resides on the card, which facilitates portability. The disadvantages,
however, include that the addition of the sensor can make the card bulky and expensive,
and the quality of the biometric captured is questionable. Sony was one of the few
companies engaged in developing such a smart card product in the late 1990s, but due to
increasing costs and size issues interest slowed. There is a resurgence in this technology
however, with a company in Austria currently developing paper thin fingerprint sensors
to be embedded into smart credit cards (Bullis, 2006) and another company in the US
currently marketing fingerprint sensor embedded cards for access control
(www.biometricassociates.com).

33 www.germes-online.com
34 www.casio.co.jp/

30
 DSTO-GD-0538

Figure 34: Sensor-on-card system 35

Match-on-card systems (see Figure 35) enable encryption and protection of the stored
information, and the execution of a matching algorithm (Bella, Bistarelli & Martinelli,
2003). The bearer of the card has control of their own biometric template at all times, as
opposed to other match-on systems that release the biometric template to another device
(either directly or over a network) to perform the matching function. In its most common
application, fingerprints and their associated matching algorithm are stored on a smart
card without compromising security. Fingerprint systems of this type have been studied
and found to be more robust in terms of their security against attack (Martinez-Diaz et al,
2006). A recent pilot program in Texas for 30,000 Medicaid members used match-on-cards
to overcome security and privacy concerns, as well as potential litigation issues, that may
come with storing large amounts of biometric information in a database (Piazza, 2005).
However, while the algorithms behind such smartcards can overcome some critical
privacy and security concerns, there is very little publicly available independent data on
their actual performance in comparison with traditional systems.

Figure 35: Match-on-card system 36

At the conclusion of the Fingerprint Verification Competition in 2006 (FVC 2006) 37

interested researchers were invited to help develop an evaluation protocol for smart cards
using fingerprints, specifically the match-on-card system. It is hoped that once an
appropriate methodology is developed, data collected at FVC2006 can be used to evaluate
the performance of such systems. Match-on-card systems are more expensive than the
traditional template-on-card systems as they require smart cards with embedded
microprocessor and operating systems to run the match application.

35 www.fidelica.com
36 www.fidelica.com
37 http://bias.csr.unibo.it/fvc2006/

31
DSTO-GD-0538

Template-on-card systems (see Figure 36) are the most common combination of biometrics
and smart cards currently available in the market (Bella, Bistarelli & Martinelli, 2003).
While this option enables encryption and protection of the stored biometric information, it
provides no protection when the template is released to another device (either directly or
over a network) to perform the matching function. This is the main disadvantage of this
option and raises a series of privacy and security issues.

Several researchers are, however, currently trying to overcome these security and privacy
issues by using the embedded cryptographic modules of the card to perform the match
(Bella, Bistarelli and Martinelli, 2003). The main advantage of this system is the research
and development behind it, proven performance, and its low cost in comparison with
match-on-card and sensor-on-card systems (this is because small operating systems and
onboard applications are generally sufficient for template-on-card systems to function).

Figure 36: Template-on-card system 38

There are many examples of smart cards and biometrics in practice around the world
today, both within and outside of the Defence environment. In the US DoD, for instance,
there are several biometric enabled smart cards currently in use for access control and
identity management. They include the Common Access Card (CAC), which uses face and
fingerprint, the Defense Biometric Identification System (DBIDS), which uses face,
fingerprint and/or hand geometry, and the Biometric Identification System for Access
(BISA), which uses face, fingerprint and iris. The Personal Identity Verification (PIV) card
is a new identity card for US Federal employees. The PIV uses face and fingerprint
biometrics for both access control and identity management (collecting all ten fingerprints
at enrolment to send to the FBI for background checking) (Hamilton, 2007). The US
transportation sector has recently introduced the Transport Workers Identity Credential
(TWIC), which uses fingerprint and face for access control and identity management. The
Italian MoD has introduced an identity card that utilises face, signature and fingerprint
with the option of adding further biometrics as required, such as iris. Perhaps the largest
project combining smart cards and biometrics is the Ration Card System in India, which
combines a smart card with identification information and an iris biometric. The card has
been distributed to some 80 million people across the country in a bid to better manage
rationing and reduce fraud (Ryan, 2007).

38 www.fidelica.com

32
 DSTO-GD-0538

3.25 Future directions

In terms of future directions for biometrics, a search of the US patents database for patents
registered since the year 2000 mentioning the term biometric in the title or abstract yields
399 different patents. Included among them are patents for improving pre-existing
biometrics (such as the use of holographic images or fingerprint scar recognition to
improve fingerprint recognition) and those proposing new biometric measures and
technologies (such as the use of physiometrics (e.g. heart rate variability or cardiovascular
function) or acoustic body scanning for both verification and identification).

4. Biometric applications
Biometrics can be applied to a range of functions broadly categorised as verification,
identification or watch list functions. The following sections provide a little more detail on
the vast range of applications of biometrics.

4.1 Physical access control

People require varying degrees of access to certain buildings, facilities and/or resources.
Intruders may try to gain access for the purposes of espionage or sabotage. Photo or other
passes/smart cards can be used to manage access by authorised persons and to keep out
intruders, but the possession of a pass or smart card alone does not guarantee that the
holder is the person authorised to use the pass. For instance, photo passes could be
modified to allow gate access by unauthorised persons. In addition, lost passes
compromise security and add to administrative workload, and the failure of casual users
to surrender passes when no longer required could cause security problems.

Biometric systems could alleviate some of the problems with existing processes, but it
should be highlighted that biometric systems only distinguish between people and, with
the exception of some facial recognition systems, they do not have mechanisms to identify
that there is someone present who should be subjected to an identification process. Thus,
biometric systems may be most useful where access is supervised by humans to prevent
people from bypassing the biometric device, or where access is physically restricted until
biometric identification has been completed. This could include gates where a guard
maintains a general surveillance of the gate area or an automated gate/doorway which
only allows people through one at a time. In these circumstances, a biometric system could
be considered if it improved security, added an ability to track access by authorised users,
and reduced costs. Other limitations of using biometrics for access control include:
• the security of the biometric information (should it be stored on a database or on a
smart card?, security and privacy issues arise with each);
• environmental issues and their impact on the functioning of sensors (e.g., the deployed
environment presents a series of challenges to biometric sensor functioning);
• usability issues (e.g., failure to acquire a usable fingerprint due to degradation with
age or injury); and

33
DSTO-GD-0538

• spoofing and other system vulnerabilities (e.g., a user attempts to use a moulded
fingerprint overlay to gain access to a system).

4.2 Logical access control and protection of IT systems

IT systems have two main vulnerabilities. First, the main server areas and communication
links are physically at risk, and second, unauthorised users may access the data on a
network via unsecured software. These two types of vulnerability may be reduced using
biometric technologies. In the case of the physical security of server hardware,
technologies such as facial recognition, fingerprint and iris scanning are appropriate.
Information access control on computer systems is currently implemented by a
combination of physical access control for terminals, hierarchical access control in
operating systems that restrict a user to software that he/she is authorised to use, and
logon identification with unique (and regularly changing) passwords. Physical access to
terminals could also be regulated using biometric technologies such as fingerprint and iris.

System access could be controlled using biometrics. Logon verification can be

accomplished via individual fingerprint sensors on the keyboard, facial recognition or iris
recognition via a video camera or speaker recognition via microphone input. Logon access
could also be used to ensure that the user was granted only the appropriate level of access.
For instance, many banks in Japan have installed biometric systems at their ATMs to
combat identity fraud, most using iris, finger or hand vein sensors (Celent, 2006). This
process removes the need for passwords, along with the maintenance overheads and
associated security issues. Continuing access could be controlled requiring the user to
input their biometric (e.g. face or fingerprint) at regular intervals throughout a session
(known as challenge and response).

Once again, there are several limitations of using biometrics for control of access to IT
systems, including the security of the stored data (i.e., can the database be compromised?);
environmental concerns when used in the deployed environment (e.g. gritty fingerprints
are hard to read and verify); usability and user acceptance issues (i.e., high FNMR due to
poor fingerprint quality may negatively impact on usability); and the impact of spoofing
and other system vulnerabilities (i.e., the system could be compromised by the use of a
substitute biometric, such as a picture of a face or iris).

4.3 Personnel management

Biometrics are also relevant in the personnel management area, particularly for the
management of personnel identities, safety systems, payroll and leave. For instance, the
US transportation sector recently introduced the Transport Workers Identity Credential or
TWIC, which uses fingerprint and face for access control and identity management. The
system not only provides companies with identification assurance for employees (through
interfacing with FBI databases) but is also intended to be used in maintaining safety
throughout the sector through monitoring driving times, accidents and other
infringements. In 2006, the US military deployed a new system to Iraq, the Biometric
Identification System for Access (BISA). Given the complexity of the operation in Iraq,
many foreign nationals are required to work on US bases. An improved security system
was required to ensure that the identity of all foreign nationals could be assured. The BISA
delivers this capability. It involves the collection of facial, fingerprint and iris data from

34
 DSTO-GD-0538

employees and placing this and other identification data on a smart card, which is then
used for a range of personnel management and physical access functions.

Limitations of using biometrics for personnel management include the security of the
stored data (i.e., can the database be compromised?); usability and user acceptance issues
(i.e., will staff be willing to accept the change, will staff trust the organisation to only use
the biometric information for the intended purpose?); and the impact of system
vulnerabilities (i.e., if the system was to fail, what contingencies are in place?).

4.4 Identity management

In terms of identity management there are a range of applications for biometrics in the
travel and tourism, crowd management, welfare management, and education sectors, in
addition to detainee management, for instance.

In the travel and tourism sector, biometrics are now playing a key role in identity
management. The International Civil Aviation Organisation (ICAO) sets international
standards in the industry and have recommended facial recognition as the primary
biometric with iris and fingerprint as backup (but not compulsory). In Australia, border
processing is being automated by use of the SmartGate system (see Figure 37). SmartGate
acquires a live image of a subject’s face and uses facial recognition technology to match the
image with the digitised image stored in the subject’s ePassport. If there is a successful
match, the subject is cleared to proceed through the Customs control point. If there is not a
successful match they would be referred to a Customs Officer for processing in the
traditional, manual way.

Other biometrics are also being used in the travel and tourism sector. The United States’
Immigration and Naturalisation Service Passenger Accelerated Service System (INPASS),
for instance, uses hand geometry biometrics to enable frequent travellers to by-pass long
immigration lines at several international airports through the United States and Canada
(Wasem et al, 2004).

Figure 37: Qantas aircrew member using a Smart Gate terminal 39

Biometrics also have application in the crowd management area. In January 2007, for
instance, officials at a sporting arena in Amsterdam trialled the use of fingerprint scanners

39 www.customs.gov.au

35
DSTO-GD-0538

to exclude known trouble makers from major football games (see Figure 38). Similar
systems were also trialled during the 2006 World Cup in Germany.

Figure 38: Fingerprint scanner at a sporting arena in Amsterdam 40

Biometrics are also being used in welfare management. The Ration Card System in India
combines a smart card with identification information and an iris biometric. The card has
been distributed to some 80 million people across the country in a bid to better manage
rationing and reduce fraud in the country’s welfare system (Ryan, 2007).

In the education sector, biometrics are being tied to school identity cards in a bid to reduce
crime and fraud in schools. Fingerprints and handprints are the most commonly used
biometrics in schools to manage student identity. Acceptance of biometrics in the
education sector has been mixed, with many civil libertarian groups banding with parents
and students to force institutions to offer alternative security arrangements to biometrics,
for those that protest (Deubel, 2007).

The need to manage detainees of any kind is crucial and biometrics have come to the fore
in providing identity assurance in this area. Biometrics, in particular face, fingerprint and
iris, have been used by the military to manage prisoners of war and refugees, and to track
persons of interest (Krane, 2003). Biometrics have been particularly useful in this area to
overcome language and literacy barriers. Biometrics, specifically fingerprints, are also
being used in the correctional system to track inmates when they move within or between
different facilities (Miles & Cohn, 2006).

There are several limitations of using biometrics for identity management, including:
• acceptability, ethical and cultural issues (i.e., have users been adequately educated, do
they find the system acceptable, is the system accessible and usable by all?);
• the security of the biometric information (i.e, should it be stored on a database or on a
smart card?, security and privacy issues arise with each);
• cost and maintenance issues (i.e., how will the system be funded, what maintenance
will be required, how will biometrics change with age/how often will new biometrics
be required?); and

40 http://www.engadget.com

36
 DSTO-GD-0538

• spoofing and other system vulnerabilities (e.g., a user attempts to use a moulded
fingerprint overlay to gain access to a system).

4.5 Weapons or other sensitive technologies control

Some forms of weapon systems have strategic as well as tactical implications and are
subject to strict control measures to ensure that they cannot be used without proper
authorisation, or by accident. Biometric identification would offer an additional safeguard
in identifying valid persons to operate these systems. There may also be occasions where
weapon systems require a high degree of training in order for them to be used safely and
without risk to friendly forces. Biometrics could be used as an additional identifier of
persons authorised to use such weapon systems. In cases requiring extreme security, iris
recognition would appear to be the most suitable technology, due to the exceptionally low
error rates claimed for the technology. High quality fingerprints may also be suitable. The
United States Navy have recently integrated a fingerprint scanner into a prototype
Advanced Tomahawk Weapons Control System with pleasing results (Wilson & Shank,
2003). Face, hand, voice or fingerprint recognition could be considered for applications
requiring lower security levels. In some circumstances, it may be feared that conventional
arms could fall into enemy hands and be used against friendly forces. In those
circumstances, it may be possible to include a biometric verification into the activation
process to ensure that enemy forces could not use such systems. Much research has
occurred in the US into the smart guns concept that uses either dynamic grip recognition
(Chang et al, 2005) or fingerprint or iris scans (Bolle et al, 2004) to authorise a user to fire.

The value of biometrics in this type of application would need to be balanced against the
need for weapons to be available to other friendly forces in an emergency. Any technology
used in this type of application would need to be quick acting and robust, with error rates
a secondary consideration to positive function (i.e., there would be a trade-off between
FMR and FNMR, with a need to minimise FNMR). Limitations include the impact of
environmental conditions on the system’s ability operate effectively (i.e. the use of certain
protective clothing may impact on the ability of a sensor to capture a biometric of
adequate quality to be able to verify a user); and the impact of spoofing and other system
vulnerabilities (e.g. increasing the FMR (through decreasing the FNMR) may make the
system easier to attack).

4.6 Management of major plant

Major plant, such as machinery or vehicles, must be operated and maintained by
appropriately qualified personnel. Biometric identity verification could be used to ensure
that this occurs and that there is traceability in the event of equipment failure. Transport
companies currently use work patterns to ensure that only qualified drivers use their
trucks (Bolle et al, 2004) and the US military has trialled biometrics for access control to
vehicles (Woodward et al, 2001). In addition, voice, face or fingerprint recognition could
be relatively easily incorporated in to the computers used in plant maintenance to ensure
that the identities of qualified maintenance personnel can be verified.

As with other applications, there are limitations here, including the security of the stored
data (i.e., can the database containing biometric information be compromised?);
environmental concerns when used in the deployed environment (e.g. protective clothing

37
DSTO-GD-0538

may impact on the ability of the sensor to capture an adequate biometric); usability and
user acceptance issues (e.g., high FNMR due to issues with protective clothing may
negatively impact on usability); and the impact of spoofing and other system
vulnerabilities (i.e., the system could be compromised by an attack which denies service to
all users which would have a major domino effect on related business).

4.7 Communications (verification of electronic identification)

Secure communications are essential to many sectors of society (such as the military, law
enforcement or financial sectors), for relaying information, orders and other time critical
information. Information may be transferred by a variety of channels and protocols, such
as voice, image or data formats. In all cases, there is a need to ensure that the data
originated from a trusted source and is valid. This could be accomplished in a number of
ways. First, written information could be validated by recognition of handwritten
signatures, as is currently done by humans. The advantage of an automated system is that
it may be more reliable than a human. Second, data and images, including electronic
messages, could be validated by including a biometric measure of the person who
originated the message. This could be checked against stored biometrics of people in
authority for validation of the authenticity of the message. Suitable biometrics would
include fingerprint, face, iris, or voice, or combinations of these (multimodal option).
Biometric verification in this application would be quick and accurate, but such a system
would be dependent on the security of stored biometric templates at the receiver. Third,
information transmitted over audio links could be verified by incorporating speaker
recognition software at the receiver with a gallery of known templates of authorised
persons.

As with other forms of biometric verification, there are a series of limitations such as the
security of stored data at the receiver (could it be compromised and what would be the
impact?); the impact of environmental conditions on the system’s ability operate
effectively (e.g., particularly noisy environments can wreak havoc on a speaker
recognition system to function efficiently); and the impact of spoofing and other system
vulnerabilities (e.g. a damaged sensor could render the whole system useless).

4.8 Counter-terrorism, counter-insurgency or stand-off recognition

operations

Biometrics are now providing an added ability to identify persons of interest, particularly
at border crossings, or near vulnerable facilities. In addition, movement of such persons of
interest can be tracked by monitoring biometrics used for other purposes, such as those
used for banking or travel. In stand-off recognition operations, biometric technologies
could enable the identification of persons of interest at a distance (e.g., using facial
recognition software and a pre-prepared database of images of these persons of interest).

Imaging is the most appropriate sensing technology for stand-off operations and the
biometrics that may be applied include face, gait, ear, thermogram and iris. Of these, face
and iris systems (close-range, with cooperative users) are well developed with known
error rates, but the others are still in varying phases of development (Bolle, Connell,
Pankanti, Ratha & Senior 2004). Speaker (or voice) recognition is another technology that

38
 DSTO-GD-0538

is applicable, particularly at a distance. Like face, it is well developed with known error
rates, but most research and development has occurred in support of verification, as
opposed to identification. Other emerging biometrics, such as footprints, lips, odour and
physiometrics (biological signals), show some potential, although development of these
modalities is still in its infancy.

Figure 39: Facial recognition at a distance (50-300 m) 41

There are several limitations of using biometrics for support to such operations including:
• limitations in the type of biometrics that can be used (i.e., for surveillance and watch
list type operations, facial and voice recognition technology are the only tried and
tested technologies currently available to use; it is difficult to enrol many persons of
interest in the more intrusive biometric technologies such as iris);
• challenges of the deployed environment (e.g., many facial recognition systems still
have difficulty with poor lighting; the need to carry more kit); and
• the impact of spoofing and other system vulnerabilities (e.g., the system could be
compromised by the use of a substitute biometric, such as a picture of a face or iris).

4.9 Forensic identification

It is often necessary to identify individuals after a crime, accident or military action.
Biometrics have been providing this type of identification for centuries. DNA and
fingerprint analysis can be used to identify both offenders and victims and this
information can be stored on databases and used for later applications, as is the case with
the FBI’s database. As with the other applications, the use of biometrics for forensic
identification has limitations including the time required to analyse DNA samples and the
challenges of crime and accident scene biometric collection.

41 Yao et al (2006)

39
DSTO-GD-0538

5. Issues
Like any technology, the use of biometrics carries with it some risks and issues. The
following sections discuss the vulnerabilities of biometrics and ways to mitigate against
these vulnerabilities, as well as a range of other issues such as: usability and user
acceptance; health concerns; privacy issues; policy impacts; and integration and
interoperability issues.

5.1 Security concerns - biometric vulnerabilities

Biometric systems, like any technology, may be subject to attempts to bypass them. When
developing biometric systems, manufacturers are required to establish fault tolerance
limits, but there is a trade-off in doing this. If a manufacturer sets a low fault tolerance
limit then the security of the system is increased, but the system generally becomes a little
less user friendly. On the converse, if the manufacturer wants to make a system very user
friendly, the security aspects of the system generally suffer as a consequence. While
biometric technology is becoming more and more secure, its vulnerability to attack needs
to be determined in any system application (Jain, Ross & Uludag, 2005).

Attacks on biometric systems include zero effort, minimal effort and group. Zero effort
attacks are those in which an intruder makes no effort to maximise the chance of success.
In such attacks, an intruder may find (or steal) a smart card with a biometric and attempt
to gain access to a system using their own biometric on the off chance that they will be
successful. Minimal effort attacks are like zero effort attacks accept that the intruder steals
or gains access to a smart card belonging to someone with similar biometric characteristics
to them (i.e. similar hand size or facial features). In organised attacks, a group of intruders
uses a range of resources and combined effort to gain access to a system.

A number of vulnerabilities and possible areas of attack exist in biometric systems

including:

Mimic. A user attempts to copy the biometric of a true user. Someone attempting to ‘sound
like’ someone else by modifying his or her voice pitch and annunciation would be an
example, as would the use of a facial disguise to confuse a facial recognition system.
Substitution or fake biometric. A user attempts to use a substitute input to the sensor.
Examples include a person using a moulded fingerprint overlay with someone else’s
pattern embossed on it, or use of digital face images or digitised latent fingerprints.
Synthesised features. A fake data stream is injected into the system as in the so-called hill
climbing attack (Jain et al, 2005) that iteratively changes the false data to achieve better
match scores.
Look alike. A person attempts to capitalise on a similarity in biometrics. Identical twins may
be able to confuse a facial recognition system in this way.

40
 DSTO-GD-0538

Sensor damage. A malicious user attempts to damage a sensor to prevent it functioning. A

fingerprint system could be confused by a greasy imprint to either cease functioning or
function erratically, possibly providing unwarranted access.
Database/communication corruption. Many biometric systems rely on a database as the
primary source of reliable information. The operation of such a system could be severely
compromised if an unauthorised user gained access to the database or the associated data
links in order to falsify database information or corrupt it.
Avoidance. The physical security surrounding a biometric device may allow a user to
bypass the system (e.g. by jumping a gate). Biometric systems suffer just as much from this
type of problem as other security systems.
Disruption. Some biometric systems rely on remote sensing, and these systems would be
vulnerable to disruption of the sensing process. Examples would be to introduce smoke or
irregular lighting into a region where a facial recognition system was operating, or
excessive background noise in the vicinity of a voice recognition system.
False enrolment. If someone enrols in the system using fake identification to begin with, the
biometric system has become compromised.
Reuse of residual data. Some biometric systems retain the last few biometric records in their
local memory. This could be compromised and the data reused to gain access.
Replay attack. In this case, biometric data is captured, modified and replayed to the system
to gain access.
System overrides. Various aspects of the biometric system could be modified. The feature
extraction module, for instance, could be interfered with to modify or manipulate data for
processing. The parameters of the system (such as the error rates) could also be
manipulated to severely impact on system quality and effectiveness.
Denial of service. This is where the system becomes overwhelmed and therefore denies
requests for access (due to a power loss or physical damage, for example).

Roberts (2007) has defined the areas in a biometric system that can be attacked (some of
which are described above) as threat vectors. These are summarised in Figure 40.

41
DSTO-GD-0538

Figure 40: Biometric threat vectors (reproduced from Roberts, 2007)

Biometric system vulnerability is a significant issue. Many researchers have deliberately

set out to tamper with a range of biometric technologies, with considerable success. For
instance, a group of researchers in Germany tested eleven biometric systems to ascertain
their vulnerability to tampering. While none of the systems were designed for a high-
security environment, all of them could be tampered with and outwitted using items
commonly available in an office stationary cupboard (Thalheim, Krissler & Ziegler, 2002).
Other successful attempts to thwart the system have also been studied, including
extensive work by the Communications-Electronics Security Group (CESG) in the UK
under their biometric vulnerabilities assessment program (Gordon & White, 2007). CESG
have simulated casual impostor/zero effort attacks, easy/weak template generation,
access to template/data store, generic spoofing – artificial attempts, mimicry and fakes,
and wire snooping and replay attacks on facial, fingerprint and iris software being
considered for use in the UK government. CESG have used these vulnerability
assessments to design a series of countermeasures tailored to the various biometrics
technologies being implemented.

5.1.1 Addressing biometric vulnerabilities

Roberts (2007) summarised a number of successful defences against the biometric

vulnerabilities mentioned above including risk analysis, challenge/response mechanisms,
randomising input biometric data, liveness detection, multiple biometrics, multimodal
biometrics, soft biometrics, cryptography, template integrity, cancellable biometrics,
hardware integrity, network hygiene, physical security, activity logging, compliance
checking and policy.

The adoption of biometric systems raises a plethora of issues. For instance, decisions
regarding biometric template storage and the location of matching algorithms, in addition
to other system and storage elements, leads to a range of possible architectures. Each one
of these architectural options should be assessed for risks, threats and vulnerabilities.

42
 DSTO-GD-0538

Selection of appropriate defences to overcome the range of biometric vulnerabilities can

then be aided by this risk analysis. Risk assessments can be performed using a range of pre-
existing risk management frameworks and standards for IT systems. The vulnerabilities of
the biometric technology itself should not be the only consideration in such a risk
assessment. It is important to also thoroughly understand the sophistication of the
potential attackers (Graves, Johnson & McLindin, 2003) as well as the particular points at
which a biometric system can be attacked, the so called threat vectors (Roberts, 2007).

Griffin (2004) has proposed a quantitative cost/risk/threat analysis model for biometric
technologies that incorporates the costs of false matches and non-matches as well as the
probability of imposters or attacks. The equations below represent a simple model of the
costs, C, associated with a biometric system, including costs of damages caused by
impostors who achieve a false match, cintruder , compared with a baseline cost. The cost
coefficients, c, represent the average costs associated with true and false matches and non-
matches for genuine users and intruders respectively. The probabilities, P, are functions of
the chosen threshold, with the usual trade off between FMR and FNMR. The variable N
represents the expected number of genuine users and intruders. There may also be fixed
initial and ongoing costs associated with introducing and maintaining a biometric system.
The equations could be modified to include explicit representation of time by giving rates
instead of absolute values for numbers and costs.

C system = (c FNM PFNM + c TM PTM )N genuine +

(c TNM PTNM + (c FM + cintruder )PFM )N intruder + C fixed
C baseline = c intruder N intruder

Cost coefficients for genuine users should include opportunity costs to account for time
spent interacting with the biometric system, and the additional costs incurred by a false
non-match. In the military context a false non-match could have a large opportunity cost if
a genuine user is prevented from operating a system at a critical time, for example when a
hostile aircraft is fleetingly vulnerable to an air defence system. There could be a deterrent
effect accompanying the introduction of a biometric system which could change the
impostor count. If the intruder count is small the introduction of a biometric system could
cost more than the damage it is trying to prevent. False non-matches could be particularly
costly. By incorporating the threat of attack into the risk analysis, threat models can be
used as the basis for design, policy development, and test and evaluation planning.

Some of the more common defence mechanisms available to overcome vulnerabilities in

biometrics are summarised below.

Challenge/response defence mechanisms in biometrics prompt the user (at certain time
intervals or in response to a certain stimuli or absence of stimuli) to re-verify (e.g., put
their finger on the sensor).
For users who have enrolled multiple biometric samples (such as three different fingers or
fingerprint and iris) the input biometric required for verification could be randomised (e.g., in
the morning a door might request your index fingerprint, at lunchtime it could request
your iris for verification).

43
DSTO-GD-0538

Liveness detection is used to ensure that the biometric sampled is from a live person.
Examples of liveness detection include blinking of eye, moving eye from side to side or
pulse. Schuckers (2002) and Sandström (2004) provide a range of examples of liveness
detection.
Multimodal biometrics (i.e. combining iris with fingerprint or multiple representations of the
same biometric i.e. 3 fingers) adds a level of complexity and further deters would-be
attackers and defence against spoofing.
Multi-factor verification, such as the combination of a smart card with a biometric, increases
the level of complexity again. As Martinez-Diaz et al (2006) showed, storing a user’s
biometric template and matching algorithm on a smart card can be done without
compromising security and is highly resistant to attack (due to the cryptographic element).
Soft biometrics (such as weight, height, age, gender and ethnicity) could also be stored on a
database and used as further evidence to support verification.
Jain, Ross & Uludag (2005) have reported work ongoing in the use of cryptography to
enhance the security of biometric systems. Biometric cryptosystems are gaining
popularity. They combine biometrics and cryptography, enabling all biometric matching
to occur in the cryptographic domain. Like many of the defence mechanisms in
development, biometric cryptosystems still have a variety of issues to be addressed before
they can be faultlessly applied in an operational setting (Uludag, Pankanti, Prabhakar &
Jain, 2004; Hao, Anderson and Daugman, 2006). Other work is ongoing in areas such as
steganography (embedding biometric information in benign host images to enhance
security); algorithm development (to embed dynamic features into an image, for example);
and distortion functions (that can be used to generate cancellable biometrics).
Cancellable biometrics slightly modify the biometric data at the feature extraction stage
(Ratha, Chikkerur, Connell, & Bolle, 2007). When a stored template is compromised the
current (compromised) template is cancelled and replaced with a new one thereby
assisting in recovery after an attack.
Physical security (the management of access to biometrics systems and stored data) and
activity logging (such as repeated failed access attempts) are also key defence mechanisms
against spoofing and attack.

5.2 Usability and user acceptance

In addition to the technical component, biometric systems also have a human component.
To be effective, biometric systems need to be usable and accepted by users (Sasse, 2003).
According to Shackel (1975), a system is usable if the intended users can meet a desired
level of performance operating it, the amount of learning or practice to achieve this level of
performance is appropriate, the system does not place any undue physical or mental strain
on the user, and users are satisfied with the experience of interacting with the system.
Usability of biometric systems is often assessed on three criteria: performance of the
system, user satisfaction, and cost. Performance is measured in terms of effectiveness and
efficiency (i.e., the speed and accuracy of both enrolment and verification).

In terms of accuracy of biometric systems, there is always a trade-off between minimising

both the number of false matches (the FMR) and false rejects or non-matches (the FNMR).
That is, there is always a trade-off between security (minimising false matches) and

44
 DSTO-GD-0538

usability (minimising false non matches). FNMR can have a significant impact on
throughput time (i.e., the efficiency of the biometric system).

The time taken to enrol and the time taken for the system to match a user are also key
factors in usability of biometric systems. Most leading biometric technologies (such as
fingerprint, face and iris) take less than 1 minute to enrol a user (fingerprint and face
typically less than 30 seconds) and matching can take less than a second, although this is
dependent on the number of records that have to be searched to find the match (Simpson,
2007). Biometric degradation issues (such as age and environment) can greatly impact on
performance, particularly time taken to enrol. There are two additional error conditions
specific to biometrics: failure to acquire (FTA) and failure to enrol (FTE). FTA refers to the
percentage of the target population that does not possess a particular biometric or does not
deliver a usable biometric sample i.e. someone with injury or scarring to their fingers may
not provide usable fingerprints. FTE refers to the percentage of the target population that
cannot be enrolled. This may be due to either procedural, social or technology issues. It is
important, in line with equity and diversity principles, to show that the biometric system
is inclusive of all users (or should outline how it will deal with those users who will be
difficult to enrol). Ashbourn (2005) has identified a range of reasons for FTA and FTE and
these are summarised in Table 6.

Table 6: Factors that impact on biometric system usability and performance 42

System Issues Demographics User Physiology User Behaviour User Appearance
Template Age (all Facial hair (face Accent or dialect Bandages (hand, face,
ageing (all systems) systems) (voice systems) or fingerprint
systems) Ethnic origin (all Disability and disease Expression, systems)
systems) (all systems) intonation and Clothing (all systems)
Gender (all Fingernail length (hand volume (voice Contact lenses (iris
systems) or fingerprint systems) systems) systems)
Occupation (all Eyelashes (iris systems) Facial expressions Cosmetics (face
systems) Fingerprint condition (face systems) systems)
(fingerprint systems) Written language Glasses (face or iris
Height (all systems) (signature systems) systems)
Iris colour intensity (iris Misspoken or False fingernails
systems) misread phrases (hand or fingerprint
Skin tone (face or iris (voice systems) systems)
systems) Movement (all Hairstyle or colour
Change in weight (face systems) (face systems)
or hand systems) Rings (hand or
fingerprint systems)

User satisfaction is the subjective assessment of the performance of the system from both a
user and administrator perspective. It is important to understand the impact on users and
their feelings about the technology (e.g., hygiene concerns when making contact with a
fingerprint scanner, from a user perspective, and hard to understand instructions from an
administrator perspective). Patrick (2004) found the biometric systems with the highest
levels of user satisfaction were those that were accompanied by training and feedback so
that users could better understand the technology and use it properly.

42 Ashbourn (2005)

45
DSTO-GD-0538

A cost benefit analysis should also be performed to assess the user costs and benefits,
economic costs and benefits, as well as the security costs and benefits of the system. User
costs relate to ‘the physical and mental effort required to interact with a system’ (Sasse,
2003, p.2). To avoid negative user cost, systems have to be safe to use and should not
induce worry or stress. Economic costs relate to the resource expenditure and security
costs relate to the impact on security of the introduction of a biometric system. Some of the
benefits of incorporating biometrics have been discussed previously in this paper (e.g.
enhanced security aspects and enhancing the chain of trust) and more will no doubt come
to light with further evaluation. The US Navy, when assessing the costs of integrating
biometrics with a tactical weapons system, simply looked at the costs of a verification
system in general and compared the existing verification system with a biometric one.
They broke costs down to deployment related (e.g. acquisition of hardware and software)
and operational related (e.g. time to administer, maintenance and replacement costs)
(Wilson & Shank, 2003). As previously discussed, Griffin (2004) has developed a
quantitative cost/risk/threat analysis specific for biometric systems that may be
applicable. It takes the traditional cost benefit analysis a step further to incorporate risks
and threats.

User acceptance is imperative for any system to be efficient and effective (Spence, 2007).
Unhappy users can slow down the system, cause errors or, in extreme cases, sabotage the
system (Sasse, 2003). There are many aspects of a biometrics system that may be
unacceptable to users. Factors such as safety of the equipment (concerns about
contamination or eye damage); chances for mistaken identity; privacy and safety concerns;
or the data being used for alternative purposes are of concern to some users.

According to Bolle et al (2004) three key factors contribute to user acceptance in biometric
systems:
• Users need to believe that there is a credible need for increased security. Good
education programs can help to assure users that they are at risk and a commitment to
good security behaviour reiterates this (Sasse, 2004).
• Users need to believe that the biometric system is more convenient to use than
previous systems and works correctly. For instance, a high level of false rejects or non-
matches would negatively impact on user acceptance of the system.
• Users need to be able to trust that their data is held securely and used only for its
intended purpose. Users need to know that their biometric data is safe (i.e., that it
cannot be copied or changed) and that it will only be used for its intended purpose.

A recent large scale biometrics project in the Italian MoD demonstrated how user
acceptance had a wide ranging influence on some of the practical choices the project
managers made and, as a consequence, was a key factor in the success of their project
(Riccardi, Peticone & Savastano, 2005).

5.3 Health concerns

The capture of biometric information in authentication systems involves the interaction of
a user with a machine (e.g., a user may be required to touch a sensor and that sensor may
send some radiant energy towards that individual). Health concerns surrounding the use
of biometrics are directly related to the contact nature of some sensors (such as fingerprint

46
 DSTO-GD-0538

scanners) and the possibility of those sensors being contaminated with germs from
previous users. In addition, some users also have concerns about the amount of radiant
energy they may absorb during the capture process from some sensors.

Research has shown that the health risks associated with the use of biometrics are
negligible and similar to the health or contamination risks experienced in everyday life
(Bolle et al, 2004). Touching a biometric sensor has been likened to touching a door knob
and the levels of radiant energy emitted from many sensors have been shown to not be
harmful to users. For instance, studies on the Iridian Technologies iris scan systems in use
at the John F Kennedy Airport in New York found that their irradiance (the amount of
energy per unit time per unit area) was way below the maximum allowed limits for the
prevention of heating of the cornea and their radiance (amount of energy per unit time per
unit solid angle per unit area in the direction of travel) was also way below the maximum
allowed limits to prevent thermal damage to the retina
(http://www.jfkiat.com/Iris%20Scan/Iris%20scan%20Health.htm). ‘What may represent
a real risk to the vendors and to the biometric community is casual or intentionally
distorted information on medical risks from biometrics spread indiscriminately by the
media’ (CESG, 2007). A commitment to education, regular safety testing, and accreditation
of systems will help to reassure users that the risks are minimal and in line with those
experienced in everyday life.

5.4 Privacy issues

Biometric systems are by nature invasive of privacy since they make it possible for
authorities to track users while they go about their lawful business (Ashbourn, 2005). As
with health concerns, privacy concerns related to the use of biometrics continue to be a
favourite topic for media hype. Privacy concerns can be real or imagined and a user’s
perception of the invasiveness of biometrics will impact on their acceptance of the system
(Sasse, 2003).

Table 7 presents a framework that the US DoD have recently recommended employing to
help assess the potential privacy impact of their biometric programs (DSBTF, 2007). As the
Defense Science Board Task Force (DSBTF) evaluation highlighted, the majority of the
DoD’s biometric applications, particularly those relating to identity management, fall into
the right hand side of the framework (i.e., towards the greater risk of privacy
invasiveness).

47
DSTO-GD-0538

Table 7: BioPrivacy Application Impact Framework 43

Lower risk of privacy invasiveness Greater risk of privacy invasiveness

Overt Covert
1. Are users aware of the system's operation?

Optional Mandatory
2. Is the system optional or mandatory?

Verification Identification
3. Is the system used for identification or verification?

Fixed Period Indefinite

4. Is the system deployed for a fixed period of time?

Private Sector Public Sector

5. Is the deployment public or private sector?

Individual, Employee,
6. In what capacity is the user interacting with the
Customer Citizen
system?

Enrolee Institution
7. Who owns the biometric information?

Personal Database
Storage 8. Where is the biometric data stored? Storage

Behavioural 9. What type of biometric technology is being Physiological

deployed?

Templates 10. Does the system utilize biometric templates, Images

biometric images, or both?

According to the BioPrivacy Framework (www.bioprivacy.org/bioprivacy_text.htm):

• Biometric systems that are overt, where users are aware that data is being collected,
stored, and used are perceived to be less invasive of privacy than covert systems.
• Biometrics systems that are mandatory tend to come under more suspicion or scrutiny
than those that are optional simply because they are imposed on users.
• Verification systems (where the system performs a 1:1 check) are less likely to be
invasive of privacy compared with identification systems (that perform 1:N checks).
• Biometric systems deployed indefinitely do tend to arouse more suspicion, but those
designed to secure logical or physical access are unlikely to reduce personal privacy.
• Biometric systems deployed in the public sector are viewed as more invasive of
privacy due to their perceived potential for abuse and ability to be connected to other
Government departments or databases. Of particular concern for many users is the

43 www.bioprivacy.org

48
 DSTO-GD-0538

impact that policy changes may have on the availability of their personal data,
sometimes referred to as function creep.
• Employees are inevitably mandated to use biometric systems and privacy concerns
include those such as function creep. Employees need to be informed and their consent
obtained when changes are made to the system or the way their biometric data may be
used.
• Biometric systems where institutions maintain ownership of a user’s biometric data
raise a range of privacy issues. Systems that give the user complete control of the
storage, use and disposal of their biometric data (such as storage solely on a smart
card) are less likely to raise privacy issues.
• Linked to the above, biometric systems that opt for database storage of information are
more liable to be abused or attacked than those that store biometric information locally
(such as on a smart card). Although the chance of biometric templates being reverse-
engineered is slight, the risks should never be underestimated (Roberts, 2007). The
perceived risk of personal information, even in template form, being copied, changed
or stolen is enough to raise the privacy concerns for many users.
• Physiological biometrics are, by their nature, very difficult to change or mask and can
be collected without user compliance. This raises privacy concerns for users.
• The decision to retain identifiable biometric images obviously raises more privacy
issues compared with the decision to store templates only. It should be noted though
that many users still do not understand the difference between a biometric image and
template and this is where education is important.

To reiterate, the perceived risk of personal information, even in template form, being
copied, changed, used for another purpose or stolen is enough to raise privacy concerns
for many users. It is imperative that any introduction of biometrics is accompanied by
policy, and education and training that cover the privacy aspects of the technology. Such
education and policy needs to include a well-defined vision and set of objectives for the
application of biometrics. The benefits of using biometrics over other systems must also be
discussed and the policy should demonstrate how the use of biometrics is the best solution
(technical, scenario and operational evaluations can help to achieve this).

5.5 Integration and support requirements

It is important when embarking on any major project to understand the impact that it will
have on the wider system environment: the people, processes, policies, and other
technologies. Contrary to the claims of many vendors, biometric technologies are not very
adept at plug and play (Kaplan, 2007 and UKBWG, 2002). This is particularly true when
the requirement is to authenticate hundreds or thousands of users in complex
environments, such as the deployed military environment (International Biometric Group,
2007). The addition of biometrics to a verification system will require the addition of new
hardware and software and possibly involve changes to pre-existing hardware. The
following are some of the key technical considerations that will need to be made:

Template storage issues – should the biometric information (template) be stored on the smart
card exclusively or in a database (in support of the chain of trust)? What are the associated
security and privacy issues?

49
DSTO-GD-0538

Computer resources – what computer resources will be required to support sensors and
matching algorithms?
Maintenance – what are the maintenance requirements of the chosen biometric system?
What implications do these have in terms of cost and time, and who is responsible?
Contingency planning – in the event of technology breakdown what contingency plans need
to be developed? If the technology fails, what backup methods could be used (e.g., use
picture on card only?) Who is responsible for developing these?
Upgrades – as with any technology, biometric technology will require system and sensor
upgrades from time to time. What implication does this have in terms of cost and time,
and who is responsible? In addition, as the algorithms underlying the biometric systems
will also require upgrades, what will be the impact of such upgrades? What will be the
backwards and forwards compatibility issues?
Testing/evaluation/compliance testing – Who will conduct testing and evaluation of the
biometric system? Who will be responsible for ongoing compliance testing on the system?

5.5.1 Education and training

Increasing user awareness through education and training has been shown to increase
user acceptance of biometrics (Riccardi, Peticone & Savastano, 2005; Ashbourn, 2005). A
world-wide study commissioned by Unisys Corp in 2006, found that 66% of consumers
supported the use of biometrics for identity verification (which was a significant
improvement on previous studies). Respondents from the US and Canada supported
biometrics for identity verification more than any other region (over 70%), although the
Asia Pacific region also showed good support (68%). The researchers concluded that the
reason for the significant change in acceptance was the level of education ongoing in the
field. Besides formal training programs, Unisys cited other methods, such as daily
reminders of biometrics through posters and login messages, and articles in relevant
publications, as being integral to user awareness and acceptance (Unisys, 2006).

It is important to note that education and training can start before biometrics have even
been implemented. Green and Romney (2005) surveyed 200 employees from the
education, technology and public service sectors about their feelings towards biometrics.
Responses were very negative, with security (regarding data storage and access), and
privacy concerns the dominant issues. Respondents were then invited to take part in an
online technology briefing about biometrics with a focus on security, safety, and privacy
issues after which they were surveyed again. Significant differences were found between
the initial survey and the second one, enabling the researchers to conclude that education
has a positive impact on the perceptions of biometrics.

Training has also been found to be a key in meeting expectations about manufacturer’s
performance specifications. Wilson and Shank (2003) found that by training users (through
a formal classroom briefing followed by close supervision during enrolment, to provide
users with guidance) they were able to ensure they stored good quality templates and
minimised error rates as a result. The media hype regarding health issues associated with
the use of biometrics could also be addressed in training and education programs, as
could the many privacy concerns. ‘An informed, aware user is probably one of the key
factors contributing to a successful real-world deployment of biometrics’ (CESG, 2007).

50
 DSTO-GD-0538

5.6 Evaluation requirements

In order to better understand the strengths and weaknesses of biometric systems,

particularly their real-life performance in a variety of contexts, it is crucial that any system
under consideration is subjected to a rigorous evaluation process (Phillips, Martin, Wilson,
& Przybocki, 2000). Evaluations of biometric systems generally fall into three categories:

Technology evaluations test the biometric systems off-line, using data that has not been seen
by the algorithm developers in order to compare competing algorithms from a single
technology.
Scenario evaluations evaluate the biometric systems in a simulated real-world environment
in order to determine overall system performance in the simulated environment.
Operational evaluations employ a biometric system in a real world environment to
determine if it is sufficiently mature to meet operational performance requirements
(Mansfield and Wayman, 2002).

In addition to these three categories of evaluation, vulnerability assessments are also

essential, particularly in highly secure environments. It should be noted that such
evaluations and assessments do not replace the need for ongoing compliance checking or
red-teaming of the chosen biometric system (Roberts, 2007).

DSTO has developed techniques for analysing the characteristics of biometric systems, for
verification purposes, in operational settings, for both Defence and other Government
departments. This involves consideration not only of technical factors but also the conduct
of trials in the operational setting. This approach takes into account a large number of the
variables (e.g., environmental factors such as lighting, human behaviour such as crowding
and organisational processes) that influence the performance of biometric systems in real-
world applications. In addition, DSTO have identified work process considerations and
other human factors issues (such as usability) that effect the introduction of the technology
(Kaine, 2003).

5.7 Interoperability issues

Any decision to adopt biometrics also needs to take into account the range of inter-
operability issues that such a decision presents. Interoperability issues will exist locally,
nationally and internationally and involve the examination of hardware and software,
data formats, and guidelines.

Given the substantial growth of the biometrics market and interest in the technology,
many industry standards have emerged to cover a range of biometric technologies and
issues. Standards help to increase the quality and competitiveness of the market, while
enabling interoperability across jurisdictions, both nationally and internationally. While
the US currently has the lead on developing biometric standards, there is much work
ongoing in Europe (see http://www.eubiometricforum.com), and standards are also
currently being developed in Australia (led by Standards Australia and the Australian
Government Information Management Office or AGIMO). In addition, Australia also has
representatives commenting on the key set of international standards for the
implementation of biometrics, namely ISO/IEC JTC1 SC37 (http://isotc.iso.org). Many

51
DSTO-GD-0538

other countries are developing their own standards, both on a country-wide and sector by
sector basis. For instance, the US DoD is working closely with the National Institute of
Standards and Technology (NIST) to ensure biometric standards are reflecting the
intricacies of the military environment. It is vitally important that the biometric standards
of others be taken into account to facilitate interoperability.

6. Conclusion
In recent years automated biometric systems, such as facial, fingerprint, and iris
recognition systems, have been developed to facilitate a range of functions broadly
categorised as verification, identification or watch list functions. Such automated systems
offer advantages over current strategies, including the elimination of fatigue effects
associated with human performance and adding the possibility of measuring features
(e.g., iris pattern) that cannot be readily sensed by humans. Biometrics have been
successfully applied across a range of procedures and processes to enhance security
including physical and logical access control, management of major plant and machinery,
weapons control, identity management, and personnel management.

The decision to introduce biometrics should not be taken lightly. Automated biometric
systems need to be seen as an adjunct to existing systems, adding to techniques already
used, and organisations contemplating the adoption of biometric technology need to
understand that there are a range of issues that should be addressed. Privacy and security
concerns need to be addressed early and have multiple policy implications (security,
identity management, and privacy policies etc.). In terms of security, the vulnerability of
biometric systems to attack should be determined in any system application, and any
system under consideration should be subjected to a thorough vulnerability assessment,
including analyses of system vulnerability, attacker profiles, and threat vectors. The
decision to adopt biometrics should also be subject to a usability and user acceptance
study, and the privacy issues of introducing biometrics should be noted and addressed in
relevant policy. A training and education package to accompany the introduction of
biometrics should also be considered. The introduction of biometrics brings with it a range
of integration and support requirements that should also be addressed, specifically those
relating to interoperability. Common standards, data formats, guidelines and evaluation
programs should be developed or adopted to take into account the various biometric
standards and frameworks already in place. Finally, biometric systems should only be
considered where they add significant operational advantages to an existing capability.

The future appears lucrative for biometrics. With annual global biometrics revenues
projected to grow from $2.1 billion in 2006 to $5.7 billion in 2010 and with inspection of
patent databases uncovering a range of new and exciting applications, biometrics truly
appear to be living up to the tag applied to them by the MIT Technology Review in 2001 as
one of the ‘top ten emerging technologies that will change the world’.

52
 DSTO-GD-0538

7. References
Akarun, L, Gokberk, B & Salah, AA 2005, ‘3D Face Recognition for Biometric
Applications’, Proceedings of the 13th European Signal Processing Conference (EUSIPCO),
September 4-8, 2005, Antalya, Turkey,
http://www.arehna.di.uoa.gr/Eusipco2005/defevent/papers/cr1899.pdf, last
accessed 27 March 2007.

Ashbourn, J 2005, The social implications of the wide scale implementation of biometric and
related technologies, background paper for the Institute of Prospective Technological
Studies, DG JRC, Sevilla, European Commission.
http://cybersecurity.jrc.es/docs/LIBE%20Biometrics%20March%2005/SocialImplicati
ons_Ashbourn.pdf, last accessed 27 March 2007.

Bella, G, Bistarelli, S & Martinelli, F 2003, Biometrics to Enhance Smartcard Security,

http://www.sci.unich.it/~bista/papers/papers-download/mocviatocfinal.pdf, last
accessed 27 March 2007.

Blackburn, T, Butavicius, M, Graves, I, Hemming, D, Ivancevic, V, Johnson, R, Kaine,

A, McLindin, B, Meaney, K, Smith, B & Sunde, J 2003, Biometrics Technology Review
2002, DSTO-GD-0356.

Bolle, RM, Connell, JH, Pankanti, S, Ratha, NK & Senior, AW 2004, Guide to Biometrics,
Springer, New York.

Bourlai, T, Drygajlo, A, Kittler, J, Kryszczuk, K, Prodanov, P & Richardi, J 2006,

BioSecure: Biometrics for Secure Authentication Report,
http://www.cilab.upf.edu/biosecure1/public_docs_deli/BioSecure_Deliverable_D08-
1-2_b2.pdf, last accessed 27 March 2007.

Bullis, K 2006, ‘Smart cards with built-in fingerprint scanners’, MIT Technology Review.
http://www.technologyreview.com/Biztech/17040/, last accessed 27 March 2007.

Celent 2006, Biometric ATMs in Japan: Fighting Fraud with Vein Pattern Authentication,
http://www.celent.com/PressReleases/20060329(2)/BiometricsJapan.htm, last
accessed 20 July 2007.

CESG (Communications-Electronics Security Group) 2007, Management Summary 07:

Health and Safety Issues in Biometrics,
http://www.cesg.gov.uk/site/ast/index.cfm?menuSelected=4&subMenu=4&display
Page=407, last accessed 30 April 2007.

Cetingul, HE, Yemez, Y, Evzin, E & Tekalp, AM 2004, ‘Discriminative Lip Motion
Features for Biometric Speaker Identification’, Proceedings of the 2004 International
Conference on Image Processing (ICP),
http://ieeexplore.ieee.org/iel5/9716/30678/01421480.pdf, last accessed 27 March
2007.

53
DSTO-GD-0538

Chang, KI, Bowyer, KW & Flynn, PJ 2005, ‘An Evaluation of Multimodal 2D+3D Face
Biometrics’, IEEE Transactions on Pattern Analysis and Machine Intelligence, 27(4), pp. 619-
624, http://ieeexplore.ieee.org/iel5/34/30436/01401913.pdf, last accessed 27 March
2007.

Chang, T, Chen, Z, Cheng, B, Cody, M, Liska, M, Recce, M, Sebastian, D & Shishkin, D

2005, ‘Enhancing handgun safety with embedded signal processing and dynamic grip
recognition’, Proceedings of 31st Annual Conference of IEEE Industrial Electronics Society,
November 6-10, 2005.

Chen, Y, Jain, A, Parziale, G & Diaz-Santana, E 2006, 3D Touchless Fingerprints.

http://www.biometrics.org/bc2006/presentations/Wed_Sep_20/BSYM/20_Chen_res
earch.pdf, last accessed 27 March 2007.

Damousis, I.G., Tzovaras, D. & Bekiaris, E. 2008, ‘Unobtrusive Multimodal Biometric

Authentication: the HUMABIO Project Concept’ Journal on Advances in Signal Processing,
http://www.hindawi.com/GetArticle.aspx?doi=10.1155/2008/265767&e=ref, last
accessed 12 May 2008.

Deubel, P 2007, ‘Biometrics in K-12: The Legal Conundrum’, T.H.E. Journal,

http://www.thejournal.com/articles/20494, last accessed 27 July 2007.

Down, MP & Sands, RJ 2004, ‘Biometrics: An Overview of the Technology, Challenges

and Control Considerations’, Information Systems Control Journal.
http://www.isaca.org/Template.cfm?Section=Home&CONTENTID=21337&TEMPLA
TE=/ContentManagement/ContentDisplay.cfm, last accessed 27 March 2007.

DSBTF (Defense Science Board Task Force) 2007, Report of the Defense Science Board Task
Force on Defense Biometrics, March 2007, http://www.acq.osd.mil/dsb/reports/2007-
03-Biometrics.pdf, last accessed 12 April 2007.

DSTO (Defence Science and Technology Organisation) 2007, SmartGate Series One Factory
Acceptance Testing Eragny, France, DSTO-TR-2036, DSTO Edinburgh, SA (RESTRICTED).

Greneker, EF 2006, ‘Radar Technology for Acquiring Biological Signals’, The Journal of
Credibility Assessment and Witness Psychology, vol. 7, no. 2, pp. 127-134.

Greneker, EF & Geisheimer, J 2001 ‘Non-Contact Lie Detector using Radar Vital Signs
Monitor (RVSM) Technology’, IEEE Aerospace and Electronic Systems Magazine, vol. 16, no.
8, pp. 10-14.

Gomez, E, Traviesco, CM, Briceno, JC & Ferrer, MA 2002, ‘Biometric Identification

System by Lip Shape’, Proceedings of the 36th Annual IEEE International Carnahan
Conference on Security Technology,
http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1049223, last accessed 27 March
2007.

Gordon, N & White, C 2007, CESG Biometric Programme, NZ_AU Presentation.

54
 DSTO-GD-0538

Graves, I, Johnson, R & McLindin, B 2003, ‘Problems with False Accept Rate in
Operational Access Control Systems, Proceedings of the 4th Australian Information Warfare
and IT Security Conference, Adelaide, November 2003, pp. 129-135.

Green, N & Romney, GW 2005, ‘Establishing public confidence in the security of

fingerprint biometrics’, Proceedings of the 6th International Conference ITHET, July 7-9,
2005, Juan Dolio, Dominican Republic,
http://ieeexplore.ieee.org/iel5/10436/33131/01560332.pdf?arnumber=1560332, last
accessed 27 March 2007.

Griffin, P 2004, Predicting performance of fused biometric systems, Identix Research,

September, 2004.

Hamilton, W 2007, ‘Understanding the impact of federal credentialing programs’, The

Winter 2007 Biometrics Summit, February 26 – March 1, 2007, Miami, Florida.

Hao, F, Andersdon, R, & Daugman, J 2006, ‘Combining Crypto with Biometrics

Effectively’, IEEE Transactions on Computers, 55(9), pp. 1081-1088.

Hogg, RV & Tanis EA 2000 Probability and Statistical Inference, 6th Edition, Prentice Hall,
New York.

International Biometric Group 2007, Systems Integration,

http://www.biometricgroup.com/core_capabilities.html, last accessed 27 March 2007.

ISO/IEC 19795-1-2006 2006, Information Technology – Biometric performance testing and

reporting. Part 1 – Principles and Framework, 2006-04-01.

ISO/IEC JTC 1/SC 37 Biometrics 2004, 1st Working Draft 24714, Biometrics – Technical
Report on Cross Jurisdictional and Societal Aspects of Implementation of Biometric
Technologies, American National Standards Institute.

Jain, AK, Ross, A & Prabhakar, S 2004, ‘An Introduction to Biometric Recognition’,
IEEE Transactions on Circuits and Systems for Video Technology, 14(1), pp. 4-20.

Jain, A, Ross, A & Uludag, U 2005, ‘Biometric Template Security: Challenges and
Solutions’, Proceedings of the 13th European Signal Processing Conference (EUSIPCO),
September 4-8, 2005, Antalya, Turkey.

Kaine, A 2003, ‘The Impact of Facial Recognition Systems on Business Practices within
an Operational Setting’, Proceedings of the 25th Conference on Information technology
Interfaces ITI 2003, June 16-19, 2003, Cavtat, Croatia.

Kaplan, D 2007, ‘From InfoSec 2007: Effective biometric solutions still face hurdles before
widespread deployment’, SC Magazine, 20 March 2007,
http://scmagazine.com/us/news/article/644931/from-infosec-2007-effective-biometrics-
solutions-face-hurdles-widespread-deployment/, last accessed 9 May 2007.

55
DSTO-GD-0538

Kauchak, M 2006, ‘A Multimodal Future’, Special Operations Technology Online Archives,

4(3), http://www.special-operations-technology.com/article.cfm?DocID=1391, last
accessed 27 March 2007.

Kuester, N 2006, Military Multi-modal Biometric System Analysis, thesis in partial

fulfilment of Master of Psychology (Organisational and Human Factors), University of
Adelaide.

Khan, I 2006, Vein Pattern Recognition – Biometrics Underneath the Skin,

http://www.findbiometrics.com/article/320, last accessed 27 March 2007.

Khan, M 2003, Multimodal Biometrics: A more secure way against Intruders,

http://multimedia.ece.uic.edu/FIT03/Day-2/S11/p3.pdf, last accessed 27 March 2007.

Ko, T 2005, ‘Multimodal Biometric Identification for Large User Population Using
Fingerprint, Face and Iris Recognition’, Proceedings of the 34th Applied Imagery and Pattern
Recognition Workshop (AIPR05).

Koenig P 2002, Personal identification method and apparatus using acoustic resonance analysis of
body parts, US Patent 6724689,
http://patft.uspto.gov/netacgi/nph-
Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-
bool.html&r=1&f=G&l=50&co1=AND&d=PTXT&s1=%22Personal+identification+method
+apparatus+using+acoustic+resonance+analysis+body+parts%22.TI.&OS=TTL/, last
accessed 10 May 2008.

Korotkaya, Z 2003, Biometric Person Authentication: Odor,

http://www.it.lut.fi/kurssit/03-04/010970000/seminars/Korotkaya.pdf, last accessed
27 March 2007.

Krane, J 2003, ‘U.S Military Compiles Biometric Database On Iraqi Fighters, Saddam
Loyalists’, Information Week,
http://www.informationweek.com/story/showArticle.jhtml?articleID=9800069&ls=T
W_051403_fea&fb=20021204_security, last accessed 27 March 2007.

Mansfield, AJ & Wayman, JL 2002, Best Practices in Testing and reporting Performance of
Biometric Devices, NPL Report CMSC 14/02,
http://www.cesg.gov.uk/site/ast/biometrics/media/BestPractice.pdf, last accessed
27 March 2007.

Martinez-Diaz, M, Fierrez-Aguilar, J, Alonso-Fernandez, F, Ortega-Garcia, J, Siguenza,

JA 2006, ‘Hill-Climbing and Brute-Force Attacks on Biometric Systems: A Case Study
in Match-on-Card Fingerprint Verification’, Proceedings of the 40th Annual IEEE
International Carnahan Conference on Security Technology, October 16-20, 2006, Lexington,
Kentucky.

Miles, CA & Cohn, JP 2006, ‘Tracking Prisoners in Jail With Biometrics’, NIJ Journal 253,
http://www.ojp.usdoj.gov/nij/journals/253/tracking.html, last accessed 20 July 2007.

56
 DSTO-GD-0538

Nakajima, K, Mizukami, Y, Tanaka, K & Tamura, T 2000, ‘Footprint-Based Personal

Recognition’, IEEE Transactions on Biomedical Engineering, 47(11), pp. 1534-1537.

Narayanaswami, C 2005, ‘Form Factors for Mobile Computing and Device Symbiosis’,
Proceedings of the Eighth International Conference on Document Analysis and Recognition
(ICDAR'05), pp. 335.

Nixon, MS & Carter, JN 2004, ‘On Gait as a Biometric: Progress and Prospects’,
Proceedings of EUSIPCO 2004, Vienna, Austria.

Ortiz Jnr, S 2007, ‘Brain-computer Interfaces: Where Human and Machine Meet’,
Computer.
http://www.computer.org/portal/cms_docs_computer/computer/homepage/Jan07
/COM_017-021.pdf, last accessed 27 March 2007.

Parks, DR, Roederer, M & Moore, WA 2006 ‘A New ‘‘Logicle’’ Display Method Avoids
Deceptive Effects of Logarithmic Scaling for Low Signals and Compensated Data’,
Cytometry Part A, 69(A): 541–551, International Society for Analytical Cytology,
http://herzenberg.stanford.edu/Publications/Reprints/LAH517.pdf.

Patrick, AS 2004, Usability and Acceptability of Biometric Security Systems, IST-044-RWS-

007, http://www.nrc-cnrc.gc.ca, last accessed 27 March 2007.

Piazza, P 2005, ‘The Smart Cards are Coming…Really’, Security Management Online,
http://www.securitymanagment.com/library/001697.html, last accessed 27 March
2007.

Phillips, PJ 2008, Multi Biometrics Grand Challenge Kick-Off Workshop, Presentation, April 18,
http://face.nist.gov/mbgc/mbgc_presentations.htm, last accessed 12 June 2008.

Phillips, PJ, Martin, A, Wilson, CL & Przybocki, M 2000, ‘An Introduction to

Evaluating Biometric Systems’, Computer, http://www.frvt.org/DLs/FERET7.pdf, last
accessed 27 March 2007.

Phillips, PJ, Scruggs, WT, O’Toole, AJ, Flynn, PJ, Bowyer, KW, Schott, CC & Sharpe, M
2007, FRVT2006 and ICE 2006 Large-Scale Results,
http://face.nist.gov/frvt/frvt2006/FRVT2006andICE2006LargeScaleReport.pdf, last
accessed 5 April 2007.

Ratha, N, Chikkerur, S, Connell, JH & Bolle, RM 2007, ‘Generating Cancellable

Fingerprint Templates’, IEEE Transactions on Pattern Analysis and Machine Intelligence,
29(4), pp. 561-572.

Riccardi, L, Peticone, B, & Savastano, M 2005, ‘Biometrics for massive access control –
traditional problems and innovative approaches’, Proceedings of the 2005 IEEE Workshop
on Information Assurance and Security, United States Military Academy, West Point,
New York.

57
DSTO-GD-0538

Riera, A, Soria-frisch, A, Caparrini, M, Cester, I & Ruffini, G 2008, ‘Unobtrusive

Biometric System Based on Electroencephalogram Analysis’, EURASIP Journal on
Advances in Signal Processing, vol. 2008, pp. 1-8.

Roberts, C 2006, Biometric Technologies - Fingerprints, http://www.ccip.govt.nz/ccip-

publications/ccip-reports/Biometrics%20Technologies%20-%20Fingerprints.pdf, last
accessed 27 March 2007.

Roberts, C 2007, ‘Biometric attack vectors and defences’, Computers and Security,
26(2007), pp. 14-25.

Ross, A & Jain, A 2004, ‘Multimodal Biometrics: An Overview’, Proceedings of EUSIPCO

2004, Vienna, Austria.

Ryan, R 2007, ‘How to successfully design and deploy biometrics to protect identity
and overcome privacy concerns’, The Winter 2007 Biometrics Summit. Feb 26 – March 1,
2007, Miami, Florida.

Sanderson, S & Erbetta, JH 2000, Authentication for Secure Environments Based on Iris
Scanning Technology, http://ieeexplore.ieee.org/iel5/6829/18346/00847019.pdf, last
accessed 27 March 2007.

Sandström, M 2004 Liveness Detection in Fingerprint Recognition Systems, PhD Thesis,

http://www.diva-portal.org/diva/getDocument?urn_nbn_se_liu_diva-2397-
1__fulltext.pdf.

Sasse, MA 2004, Usability and trust in information systems,

http://www.dti.gov.uk/files/file15320.pdf, last accessed 27 March 2007.

Sasse, MA 2003, Usability and User Acceptance of Biometrics,

http://www.cesg.gov.uk/site/ast/biometrics/media/Usability_and_User_Acceptanc
e.pdf, last accessed 27 March 2007.

Schuckers, SAC 2002 Spoofing and Anti-Spoofing Measures, online article for Elsevier
Information Security Report on Biometrics,
http://www.citer.wvu.edu/members/publications/files/15-SSchuckers-Elsevior02.pdf.

Shackel, B 1975, Applied Ergonomics Handbook, IPC Technology Press, Guildford.

Simon, C & Goldstein, I 1935, ‘A New Scientific Method of Identification’, New York State
Journal of Medicine, 35(18), pp. 901-906.

Simmons, C 2005, TBS Announces First Touchless, 3D Live-Scan Fingerprint System.

http://www.send2press.com/newswire/2005-04-0405-008.shtml, last accessed 27
March 2007.

Simpson, I 2007, ‘Biometrics: Issues and Applications’, Proceedings of the 6th Annual
Multimedia Systems Conference, January 13, 2007, University of South Hampton.

58
 DSTO-GD-0538

Snelick, R, Uludag, U, Mink, A, Indovina, M & Jain, A 2005, ‘Large Scale Evaluation of
Multimodal Biometric Authentication Using State-of-the-Art Systems’, IEEE
Transactions on Pattern Analysis and Machine Intelligence, 27(3), pp. 450-455.

Spence, B 2007, Biometrics in Physical Access Control: Issues, Status and Trends,
http://www.siaonline.org, last accessed 27 March, 2007.

Summerfield, C 2006, Voice Authentication Evaluations, National Centre for Biometric

Studies Conference on Voice Authentication for Identity Management, September 28,
2006, University of Canberra.

Tao, Q, van Rootseler, R, Veldhuis, R, Gehlen, S & Weber, F 2007, ‘Optimal Decision
Fusion and Its Application on 3D Face Recognition’, Proceedings of the Workshop on
Biometrics and eCards, Darmstadt, Germany,
http://www.3dface.org/files/papers/veldhuis-CAST2007-
OptimalDecisionFusion.pdf last accessed 27 July 2007.

Thalheim, L, Krissler, J & Ziegler, P-M 2002, Body Check: Biometric Access protection
Devices and their Programs Put to the Test,
http://www.heise.de/ct/english/02/11/114/, last accessed 27 March 2007.

Uludag, U, Pankanti, S, Prabhakar, S & Jain, AK 2004, ‘Biometric Cryptosystems: Issues

and Challenges’, Proceedings of the IEEE, 92(6), pp. 948-960.

Unisys 2006, Consumers Worldwide Overwhelmingly Support Biometrics for Identity

Verification, Says Unisys Study, Unisys Media Release No: 0406/8651,
http://www.unisys.com/about__unisys/news_a_events/04268651.htm

UKBWG (United Kingdom Biometrics Working Group) 2002, Use of Biometrics for
Authentication and Identification: Advice on Product Selection, Issue 2.0,
http://www.idsysgroup.com/ftp/Biometrics%20Advice.pdf, last accessed 27 March
2007.

Victor, B, Bower, K & Sarkar, S 2002, ‘An Evaluation of Face and Ear Biometrics’,
Proceedings of the ICPR, http://ieeexplore.ieee.org/iel5/8091/22378/01044746.pdf, last
accessed 27 March 2007.

Wasem, RE, Lake, J, Seghetti, L, Monke, J, Vina, S 2004, Border Security: Inspections,
Practices, Policies and Issues, CRS Report for Congress,
http://www.ilw.com/immigdaily/news/2004,1006-security.pdf, last accessed 27
March 2007.

Wiederhold MD, Israel SA, Meyer RP & Irvine JM 2003, Identification by analysis of
physiometric variation, United States Patent 6993378,
http://www.wipo.int/pctdb/images4/PCT-
PAGES/2003/012003/03000015/03000015.pdf, last accessed 10 May 2008.

59
DSTO-GD-0538

Wilson, P & Shank, B 2003, ‘Costs and Benefits of Integrating Biometrics with a Navy
Tactical Weapons System’, Proceedings of the 2003 IEEE Workshop on Information
Assurance, United States Military Academy, West Point, New York.

Woodward, JD, Watkins Webb, K, Newton, EM, Bradley, MA, Rubenson, D, Larson, K,
Lilly, J, Smythe, K, Houghton, B, Pincus, HA, Schachter, J & Steinberg, P 2001, Army
Biometric Applications: Identifying and Addressing Sociocultural Concerns,
http://www.rand.org/pubs/monograph_reports/MR1237/, last accessed 27 March
2007.

Woodward, JD, Horn, C, Gatune, J & Thomas, A 2003, Biometrics A Look at Facial
Recognition, RAND Documented Briefing,
http://www.rand.org/pubs/documented_briefings/DB396/DB396.pdf, last accessed
27 March 2007.

Yao, Y, Abidi, B, Kalka, ND, Schmidt, N & Abidi, M 2006, ‘High magnification and long
distance face recognition: database acquisition, evaluation, and enhancement’, Proceedings
of the 2006 Biometrics Symposium,
http://ieeexplore.ieee.org/iel5/4341611/4341612/04341635.pdf?tp=&isnumber=&arnum
ber=4341635, last accessed 8 July 2008.

Zhang, D, Liu, Z, Yan, J & Shi, P 2007, ‘Tongue-Print: A Novel Biometrics Pattern’, in
Lecture Notes in Computer Science, Berlin: Springer, pp. 1174-1183.

60
 Page classification: UNCLASSIFIED

DEFENCE SCIENCE AND TECHNOLOGY ORGANISATION

DOCUMENT CONTROL DATA 1. PRIVACY MARKING/CAVEAT (OF DOCUMENT)

2. TITLE 3. SECURITY CLASSIFICATION (FOR UNCLASSIFIED REPORTS

THAT ARE LIMITED RELEASE USE (L) NEXT TO DOCUMENT
Biometrics Technology Review 2008 CLASSIFICATION)

Document (U)
Title (U)
Abstract (U)

4. AUTHOR 5. CORPORATE AUTHOR

Rebecca Heyer DSTO Defence Science and Technology Organisation

PO Box 1500
Edinburgh South Australia 5111 Australia

6a. DSTO NUMBER 6b. AR NUMBER 6c. TYPE OF REPORT 7. DOCUMENT DATE
DSTO-GD-0538 AR 014-200 General Document May 2008

8. FILE NUMBER 9. TASK NUMBER 10. TASK SPONSOR 11. NO. OF PAGES 12. NO. OF REFERENCES
2007/1101846 CCT07/029 CDS 66 79

13. URL on the World Wide Web 14. RELEASE AUTHORITY

http://www.dsto.defence.gov.au/corporate/reports/DSTO- Chief, Land Operations Division

GD-0538.pdf

15. SECONDARY RELEASE STATEMENT OF THIS DOCUMENT

Approved for public release

OVERSEAS ENQUIRIES OUTSIDE STATED LIMITATIONS SHOULD BE REFERRED THROUGH DOCUMENT EXCHANGE, PO BOX 1500, EDINBURGH, SA 5111
16. DELIBERATE ANNOUNCEMENT

No Limitations

17. CITATION IN OTHER DOCUMENTS Yes

18. DSTO RESEARCH LIBRARY THESAURUS

Automation
Biometrics
Biometric Identification
Security

19. ABSTRACT
Biometrics is the measurement of personal physical features, actions or behavioural characteristics that distinguish between individuals. In
recent years automated biometric systems, such as facial, fingerprint and iris recognition systems, have been developed to facilitate a range of
functions. These functions can be broadly categorised as verification or identification, and include, for instance, physical and logical access
control, management of major plant and machinery, weapons control, identity management, surveillance operations, and personnel
management. This paper is an updated version of the Biometrics Technology Review 2002 published in 2003 by Blackburn et al. It provides
an overview of the basic elements of biometrics; a detailed examination of current and future biometric technologies; discusses the many
different applications of biometrics; and highlights the issues associated with using such technology.

Page classification: UNCLASSIFIED