If access control systems are to control where people — not credentials — can and cannot go, then only a biometric device can truly provide this capability. That’s why more and more biometrics readers are showing up in access control systems. How do you determine the right biometric technology for you?
Before getting specific, let’s discuss two important topics relating to biometrics that are somewhat intertwined: a one-to-many match vs. a one-to-one match and privacy issues.
An important distinction must be made between “identification” — a one-to-many match, and “verification” — a one-to-one match. A system designed to “identify” a person compares a biometric presented by a person against all biometric samples stored in the database. The one-to-many system identifies the individual if the presented biometric matches one of the many samples on file. This type of system is used by the police to identify criminals.
The verification process, however, involves a one-to-one search. A live biometric presented by the user is compared to a stored sample — previously given by that individual during enrollment — and the match is confirmed. However, the actual hand geometry, vein pattern or fingerprint is not stored in a database. Instead, a mathematical equation, or algorithm, creates a unique number that represents the points measured on the finger, veins or hand. The number — or template — that results from this equation is all that is stored.
When the user presents an ID card or enters an assigned PIN, only that template is transmitted. When the employee presents his/her hand or finger, the reader runs the authentication process to determine if the template that is stored matches the template of the biometric being presented. If there is a match, the person is verified.
Privacy should not be a concern
In some cases, companies implementing biometrics will initially receive employee resistance, with privacy issues taking center-stage. This will invariably be the case if a union is involved, looking for negotiating points. Any concerns are eliminated if employees are educated on the system’s announcement. After using the biometric reader once or twice and seeing how easy it is to operate, employees generally prefer biometrics.
Teach that biometrics will provide them with increased security in the workplace and improve record-keeping for payroll. Emphasize that the biometric reader provides verification, a one-to-one match, and how that works.
Additionally, for those using smart cards, let them know the template data can be stored on their employee card, thereby keeping control of its use in their own hands.
Today’s Leading One-to-One Biometric Technologies
Hand Geometry. The size and shape of the hand and fingers is used by a hand reader to verify a person by evaluating a 3D image of the hand. It was the technology used for the very first commercially available biometric device, which came to market in 1976. Hand geometry readers continue to be the dominant biometric technology for access control and time-and-attendance applications. They are predominantly used in high-throughput applications, such as at the gates to a factory, access to an airport tarmac or admittance to a college recreation center.
Fingerprint. Remember, do not confuse the fingerprint readers used in access control with the one-to-many fingerprinting done by police. One-to-one fingerprint access control readers create a template of the fingerprint in a process similar to hand geometry readers for local comparison. Due to throughput concerns, fingerprint access control may be best applied in smaller user populations. Because of cost and size, they are a perfect choice for single person verification applications, such as in logical access control, where they are used to log onto PCs or computer networks. They are also a good choice for a small lab or admittance into the telecommunications room for a select few people.