
Page 240

Biometric Fairness, Psychological Comfort, and Safety

Biometrics should not cause undue psychological stress to subjects, and should not introduce unwarranted privacy issues. Some biometric controls, such as retina scans (discussed shortly), are rarely used for this reason.

Biometric controls must be usable by all staff, or compensating controls must exist. In a large organization (10,000 or more employees), some staff may not have fingerprints, or eyes, etc. These issues must be considered, and fair controls must exist for all staff.

Have you noticed that modern airports often have bathrooms with no doors? Entrance is now typically via a short corridor with multiple turns (which block open view from a concourse into the bathroom). This is done to avoid multiple people touching a door handle (and possibly spreading disease). Most airport toilets now flush automatically for the same reason.

Potential exchange of bodily fluid is a serious negative for any biometric control: this includes retina scans (where a user typically presses their eye against an eyecup), and even fingerprint scanning (where many subjects touch the same scanner). Fully passive controls, such as iris scans, may be preferable (there is no exchange of bodily fluid).

Biometric Enrollment and Throughput

Enrollment describes the process of registering with a biometric system: creating an account for the first time. Users typically provide their username (identity), a password or PIN, and then provide biometric information, such as swiping fingerprints on a fingerprint reader, or having a photograph taken of their irises. Enrollment is a one-time process that should take 2 minutes or less.

Throughput describes the process of authenticating to a biometric system. This is also called the biometric system response time. A typical throughput is 6–10 seconds.

Accuracy of Biometric Systems

The accuracy of biometric systems should be considered before implementing a biometric control program. Three metrics are used to judge biometric accuracy: the False Reject Rate (FRR), the False Accept Rate (FAR), and the Crossover Error Rate (CER).

False Reject Rate (FRR)

A false rejection occurs when an authorized subject is rejected by the biometric system as unauthorized. False rejections are also called a Type I error. False rejections frustrate authorized users, reduce productivity because of poor access conditions, and consume resources to revalidate authorized users.

False Accept Rate (FAR)

A false acceptance occurs when an unauthorized subject is accepted as valid. If an organization's biometric control produces many false rejections, the organization might have to lower the accuracy of the system by reducing the amount of data it collects when authenticating subjects. When the number of data points is lowered, the false acceptance rate rises, and the organization risks an unauthorized user gaining access. This type of error is also called a Type II error.

Note:
A false accept is worse than a false reject: most organizations would prefer to reject authentic subjects rather than accept impostors. FARs (Type II errors) are worse than FRRs (Type I errors). Two is greater than one, which will help you remember that FAR is Type II, which is worse than Type I (FRR).

Over 40 data points are usually collected and compared in a typical fingerprint scan. The accuracy of the system may be lowered by collecting fewer minutiae points (10 or so). This will lower the FRR but raise the FAR. It also makes a user's fingerprint easier to counterfeit.
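To make the FRR/FAR trade-off and the Crossover Error Rate concrete, here is an added worked example that is not part of the book: it treats each verification attempt as a count of matched minutiae points, sweeps the required-match threshold, and finds the threshold where FRR and FAR meet. The match counts are constructed sample data and the helper functions are assumptions of this example, not any vendor's algorithm.

```python
# Constructed sample data (illustrative only, not measurements from a real
# system): the number of minutiae points that matched the enrolled template
# during a verification attempt, for ten authorized subjects ("genuine") and
# ten unauthorized subjects ("impostor"). The system accepts an attempt when
# the match count reaches the configured threshold.
GENUINE_MATCHES = [38, 36, 35, 33, 31, 29, 27, 24, 19, 16]
IMPOSTOR_MATCHES = [21, 18, 15, 13, 11, 9, 7, 6, 4, 2]


def frr(genuine, threshold):
    """False Reject Rate (Type I): share of authorized attempts below the threshold."""
    return sum(1 for m in genuine if m < threshold) / len(genuine)


def far(impostor, threshold):
    """False Accept Rate (Type II): share of impostor attempts that reach the threshold."""
    return sum(1 for m in impostor if m >= threshold) / len(impostor)


def error_curve(genuine, impostor, max_points=40):
    """(threshold, FRR, FAR) for every possible threshold, from lax (0) to strict."""
    return [(t, frr(genuine, t), far(impostor, t)) for t in range(0, max_points + 1)]


def crossover_error_rate(genuine, impostor, max_points=40):
    """Return (threshold, rate) where FRR and FAR are closest: the CER.

    A lower CER means a more accurate system; the threshold found is the
    operating point at which neither error type is favoured.
    """
    best = None
    for t, reject, accept in error_curve(genuine, impostor, max_points):
        gap = abs(reject - accept)
        if best is None or gap < best[0]:
            best = (gap, t, (reject + accept) / 2)
    return best[1], best[2]


if __name__ == "__main__":
    # Requiring more matches (stricter) raises FRR and lowers FAR; requiring
    # fewer (e.g. 10 points, as the text describes) does the opposite.
    for t, reject, accept in error_curve(GENUINE_MATCHES, IMPOSTOR_MATCHES):
        if t % 5 == 0:
            print(f"require {t:2d} matches: FRR={reject:.1f} FAR={accept:.1f}")
    print("CER at threshold %d: %.2f" % crossover_error_rate(GENUINE_MATCHES, IMPOSTOR_MATCHES))
```

Because a false accept (Type II) is the costlier error for most organizations, a deployment would normally choose a threshold above the CER point and accept the higher FRR that comes with it.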