Biometrics are not random enough

People are rather alike, and lack the true randomness that passwords can have. Lack
of randomness means that it is harder to separate individuals by their characteristics
and is easier to confuse them.
Biometric Security Concerns produced for the UK Biometric Working Group. Last updated September
2003
12
This is a concern that is hard to refute by theoretical analysis. In fact template sizes are
usually much larger than password lengths, though this hardly constitutes a valid
argument. Current knowledge of biometric algorithm behaviour and human feature
randomness and variation does not permit theoretical analysis of biometric system
performance.
The pragmatic approach is to use performance testing to explore the interaction of the
human and system parameters and thence to determine the discrimination capability
of the biometric system. The results are typically expressed in terms of statistical error
rates such as FAR and FRR (see Performance Limitations previously). Managers
planning to use biometric systems need to assess their error rate requirements and
determine whether a biometric system can meet them. The mode of use and the
number of users will also have to be considered. For systems involving identification (1
to many comparisons), error rates that may be acceptable with a small number of
users rapidly become intolerable as the number of enrolled users rises. This is likely to
be a particular problem for large public applications which may have many millions of
enrolees.

Related posts:

1. Biometrics do not provide absolute identification
2. Mimicry is to behavioural biometrics
3. biometrics resource
4. Does using biometrics increase likelihood of capture, coercion or
5. Biometrics cannot be changed when compromised
6. Quality of the enrolled biometric

Related posts brought to you by Yet Another Related Posts Plugin.