Biometric Authentication – the New Kid on the Access Control Block

digital face

Once residing only in the realm of science fiction, biometric authentication has moved into our everyday worlds. And if it’s not part of yours, hold on, it soon will be.

Once upon a time a driver’s license or photo ID was all it took to gain access to a secure building. Life was simpler then. But then, terrorism reared its loathsome head and made it apparent that these simple tokens of identification are woefully inadequate. Today’s security climate demands that secure access control be based on identity authentication. It is not enough that a person may already have security clearance.

Biometric authentication has stepped up to fill that need since the cardinal rule of authentication is that proof of identity be based on a trait or characteristic that is unique to the person, not just a piece of plastic or badge that has the potential of being misappropriated.

The Biometric Credential

Biometric identification employs methods of analyzing a person’s physiological and/or behavioral characteristics, which are presumed to be unique to the individual.  The chosen characteristic becomes his or her access control credential so that when the person approaches an access point, the characteristic is compared to a database containing information linked to his/her identity.


Choice of a biometric modality should be limited to characteristics that are common to all individuals,  but unique to each in its particular parameters.  For example, everyone has five fingers but no two individuals, even identical twins share fingerprint ridge patterns, nor do we share palm-prints or wrist vein patterns. Since the authenticating process is quick and non-invasive, fingerprints and palm-prints, even footprints, have long been used as identity authenticators.

However, the modality must also be such that it cannot be falsified. Devious minds have determined how to forge fingerprints using duplicating aids like latex, digital photography, and believe it or not – gummy bears. And social media being what it is, the information is readily available on the Internet.

However, we do have several physical identifying features that , as of yet, have proven to be tamper-proof, the face, the retina, and the iris, being three examples.

Facial Recognition

facial recognition

Facial Recognition technology is the most rapidly evolving area of biometrics since any photo or digital image can readily be converted to a mathematical code that describes an individual’s face. This code is created with computer analysis that looks at nodal points (facial landmarks) such as nose, cheekbones, shape, shape, and position of the eyes.

Although every face has about eighty nodal points, analysis usually centers on twenty points between the temple area and lips. Concentrating on this portion of the face ensures that obscuring factors like beards, glasses, or the natural aging process will not be a complication in the authentication.

Improvements in technology continue to provide tune-ups to facial recognition. For example, 3-d facial recognition methods have been developed that are more impervious to lighting differences,  facial expressions, or head orientation during imaging. Adding skin texture analysis increases the accuracy of the 3-d image even more.

Facial recognition is also combined with body motion to dramatically improve recognition.

Iris Recognition

Moving up a rung on the accuracy and reliability scale, we find iris recognition technology. The structure of the iris, like one’s fingerprints, is determined during embryonic development, so no two individuals, not even those who are genetically related, have the same iris patterns.

iris recognition

Iris recognition consists of taking a high-resolution image of a person’s eyes and converting it to a digital format that can yield a mathematical iris representation that can be stored in a database and used for cross reference when the person’s identity has to authenticated.

Eyeglasses and contact lenses do not pose a problem for iris recognition and the topography of the iris remains unchanged, barring injury, throughout life.

Retina Recognition

Iris recognition should not be confused with a retinal scan. An iris scan can be conducted from a short distance away while a retina scan involves an individual’s looking through a scanner’s eyepiece for a minimum of ten to fifteen seconds so that the eye’s blood vessel patterns can be examined. Retinal measurements can be affected by astigmatism and cataracts.

retinal scan

Hybrid Combinations

Some facilities have chosen to combine biometric authentication with more traditional access control. San Jose State University is adopting a system requiring students to use an app that stores biometric information on their smartphones or mobile devices. In order to gain access to a residential dining hall, they must place their finger on a biometric reader. The reader then uses mid-range contact-less technology to compare the fingerprint to the data stored on the device.

Kintronics is staying abreast of all these exciting advances in secure access control. We currently recommend IP access control systems.  Should you want more information, or be in the market for an IP security camera system, give us a call at 914-944-3425 to speak to a sales engineer or fill out an information request form.