Page241

Crossover Error Rate (CER)

The Crossover Error Rate (CER) describes the point where the False Reject Rate (FRR) and False Accept Rate (FAR) are equal. CER is also known as the Equal Error Rate (EER). The Crossover Error Rate describes the overall accuracy of a biometric system.

As the sensitivity of a biometric system increases, FRRs will rise and FARs will drop. Conversely, as the sensitivity is lowered, FRRs will drop and FARs will rise. Fig. 6.6 shows a graph depicting the FAR versus the FRR. The CER is the intersection of both lines of the graph as shown in Fig. 6.6, based on the ISACA IS Auditing Guidelines for Biometric Controls #G36 [5].

Crossover error rate.

Types of Biometric Controls

There are a number of biometric controls used today. Below are the major implementations and their specific pros and cons with regard to access control security.

Fingerprints

Fingerprints are the most widely used biometric control available today. Smart cards can carry fingerprint information. Many US Government office buildings rely on fingerprint authentication for physical access to the facility. Examples include smart keyboards, which require users to present a fingerprint to unlock the computer’s screen saver.

The data used for storing each person’s fingerprint must be of a small enough size to be used for authentication. This data is a mathematical representation of fingerprint minutiae, specific details of fingerprint friction ridges, which include whorls, ridges, bifurcation, and others. Fig. 6.7 shows minutiae types (from left) bifurcation, ridge ending, core, and delta [6].

Fingerprint minutiae [6].