Valuable assets are traditionally protected by secrecy, typically secret passwords. Biometric features are often readily observed and do not possess equivalent secrecy. They may also be captured with varying degrees of difficulty. This is a variation on the spoofing concern. It is certainly true that the source biometric features are not secret, but the ...

There is sometimes a misapprehension that biometrics can provide absolute identification (e.g. of terrorists, criminals etc) as though the implementation of biometric systems will somehow solve the problem of a major terrorist attack. Of course biometric systems can, at best, only identify/verify individuals who have been previously enrolled. Applications can use this functionality in ...

Mimicry is to behavioural biometrics what artefacts are to physiological biometrics. Through mimicry, an impostor attempts to “copy” the relevant biometric features of an enrolled user in order to fool the biometric authentication process. Because behavioural biometrics are applicable to the recognition of acquired, rather than inherited features, the features can also be acquired ...

Users may be concerned that their biometric features could be captured without their consent or even knowledge and that they might thereby unintentionally unlock a door, or authorise a payment. If true, this could have serious financial or safety consequences, however it is rather unlikely because, in any real application, the issue would be ...

It is true that the basic biometric features cannot be changed, though in some cases, alternatives may be available (e.g. different fingers). However the simplicity of the headline argument conceals some more complex and subtle issues. We need to understand what can be compromised, examine a number of scenarios where compromise might occur and ...

Spoofing through the use of artefacts is generally a concern for physiological biometric technologies such as fingerprint, hand, iris etc. Several studies dating from around 1998 have demonstrated the potential for successfully mounting a spoofing attack under carefully controlled conditions. If spoofing attacks can be successful, the fundamental tenet of biometrics – the “something you ...

Biometrics do not provide perfect (unique) identification. The matching process is probabilistic and is subject to statistical error. A mistaken identification or verification where the wrong person is matched against an enrolled user is termed a FalseAcceptance and the rate at which these occur ...