Biometrics is a method of establishing a person’s identity based on chemical, behavioral, or physical attributes of that person, and is relevant in large-scale identity management across a wide range of applications. In addition, this technology can be implemented to regulate access among computer networks, financial transactions, or transportation systems. The main purpose of biometrics in these applications is to determine or verify someone’s identity in order to prevent unauthorized people from accessing protected resources. Unlike code- and password-based systems or access card systems, which rely on information that can be forgotten or items that can be lost, biometrics techniques provide access based on who people are rather than what they have in their possession.

In principle, a biometric access control system is a pattern recognition unit that gathers a specific type of biometric data from a person, focuses on a relevant feature of that data, compares that feature to a preset group of attributes in its database, and then performs an action based on the accuracy of the comparison. There are a variety of characteristics that can be used for biometric comparisons, such as fingerprints, irises, hand geometries, voice patterns, or DNA information, and although there are certain limitations to biometric capabilities, an effective system can precisely identify an individual based on these factors. A standard biometric access control system is composed of four main types of components: a sensor device, a quality assessment unit, a feature comparison and matching unit, and a database. The Biometrics Institute can provide information on more specialized components.

Biometric Access Control System — The Sensor Device

biometric reader or scanning device is used to obtain the necessary verification data from a person. For example, in fingerprint biometrics applications, an optical sensor is employed to produce an image of the ridge structure at a fingertip, and this image serves as the basis for further access control activity.

The sensor unit forms the key interface between a user and a biometric access control system, making it important to minimize the rate of reading failure. The quality and usefulness of the data obtained through sensors often depends on camera characteristics because the majority of biometric data is composed of images, with the exception of audio-based systems, such as voice recognition, and chemically-based systems, such as odor identification.

Data Quality Assessment

In an access control system, the biometric data gathered by the sensor device must be evaluated to gauge whether it is suitable for processing. Typically, an algorithm designed for signal enhancement is applied to the data in order to improve its quality, but if the quality is insufficient for processing, the user may be asked to resubmit the data. After processing, a specific set of features is selected from the overall data set to represent the qualifying identity trait. In fingerprint scanning, the relative positions of small ridge points can be extracted for use as a biometric measure. The feature set used for assessment and extraction is known as the biometric template, and is stored within the system’s database.

Comparison and Matching

After the feature set has been extracted from the gathered data, it is compared to the stored templates and matched with any identical points. The number of matching points between the input and the template provides a match score, which can fluctuate between readings depending on the quality of collected data. The matching device in a biometric system usually includes a decision-making apparatus that relies on the match score to either confirm a person’s identity or to determine the identity by correlating the score to a ranked list of possible identities stored in the database.

The Biometric Access Control System Database

A biometric system database stores all the information needed for processing biometric readings. When establishing access control parameters, the feature template is input into the database, sometimes along with biographical information specific to the user in order to enhance security levels. The parameter setting and data gathering processes may be automated or under a technician’s supervision. For example, when establishing access control for an individual computer, a user may input his or her own data to prevent others from using the computer’s resources. However, when setting biometric controls in a restricted facility, a user’s credentials may need to be authorized by a manager or input under supervision.

A single biometric sample is often sufficient for extracting a user template, but in some cases, a biometric system can process multiple samples to form a mosaic representation. Some systems also store multiple templates to compensate for data variations that can arise from a single user. This method is often found in facial recognition biometrics, in which several templates are employed to account for alterations in facial poses relative to the sensor.