Users may be concerned that the use of biometric authentication will increase the danger that they will find themselves targeted by ruthless criminals who are intent on gaining entry to the assets protected by the biometric. With non-biometric authentication, cards, keys, and passwords could be stolen and used by criminals without the presence of ...

If details of countermeasures employed in biometric systems are publicised, it may help attackers to avoid or defeat them. Similarly, if attackers know what countermeasures are not employed, this will help them identify potential weaknesses in the system, and direct attacks towards those weak areas. The counter-argument is that public exposure of countermeasures and ...

This is a sometimes heard expression of concern about the potential misuse of biometric data stored on central databases. It refers to the threat to privacy that such centralised collections of personal data could pose if compromised. Biometric data are regarded as personal data and hence subject to the controls appropriate to personal data. ...

This is related to the covert use of biometrics (see “Can my biometric be collected covertly?” previously), and to functional creep in applications. It is important to realise that authentication does not necessarily imply consent, and it is consent which is the issue of concern here. Any application could be affected though the ...

Valuable assets are traditionally protected by secrecy, typically secret passwords. Biometric features are often readily observed and do not possess equivalent secrecy. They may also be captured with varying degrees of difficulty. This is a variation on the spoofing concern. It is certainly true that the source biometric features are not secret, but the ...

People are rather alike, and lack the true randomness that passwords can have. Lack of randomness means that it is harder to separate individuals by their characteristics and is easier to confuse them. Biometric Security Concerns produced for the UK Biometric Working Group. Last updated September 2003 12 This is a concern that is hard to ...

Template integrity and confidentiality are distinctly different issues related to template data though similar solutions may be employed to deal with both problems. Template integrity is concerned with threats to the authentication process caused by planted or modified templates, whereas template confidentiality relates to the legal and privacy issues around the template data and ...

Technically, the biometric system must be able to detect and reject the use of a copy of a biometric instead of the live biometric. This functionality is usually termed liveness detection, which refers to the ability of the system to distinguish between a sample feature provided by a live human being and a ...

The performance of biometric systems is dependent on the quality of the enrolled biometric. Enrolment quality can be affected by accidental or deliberate events and environmental conditions, and the result of low enrolment quality is almost inevitably poor system performance. If the performance is poor the security will be compromised, and there may be ...

Biometrics do not provide perfect (unique) identification. The matching process is probabilistic and is subject to statistical error. A mistaken identification or verification where the wrong person is matched against an enrolled user is termed a FalseAcceptance and the rate at which these occur ...

Approximately 80% of biometric vendors utilize minutiae in some fashion. Those who do not utilize minutia use pattern matching, which extrapolates data from a particular series of ridges. This series of ridges used in enrolment is the basis of comparison, and verification requires that a segment of the ...

...