Biometrics in an Integrated System

Biometric solutions have become the subject of much discussion lately, as governments and businesses search for more sophisticated security solutions beyond the traditional identification badge and access control system. Although they have much to offer, biometric technologies have so far failed to become integrated in physical security environments on a widespread basis. To date, there have been few large-scale, enterprise installations in which biometrics was integrated with access control. In general, biometrics has been implemented only in selected small-scale projects at airports, or in IT companies where intense security has been needed. There are a number of reasons that biometric technology has not yet achieved its potential in the physical security arena.

System Architecture
One of the biggest obstacles to the adoption of biometric technologies in physical security environments has been system architecture. Traditionally, access control and biometric functions have existed independently from one another. Biometric systems were designed to either operate alone or to connect to an access control system by means of a Wiegand interface. Many companies tout the use of a Wiegand interface as "integration," when in fact it's not integration at all.

Essentially, this architecture consists of two completely different systems. Each has its own information repository or database, its own specialized readers, its own enrollment process and its own enrollment and administration workstations. There's no connection between them except the Wiegand wire.

On a small scale with only a few readers, this compartmentalized approach can work. But if the system scales upward to incorporate hundreds of readers, greater demands are placed upon it, and the inherent problems become obvious. In each database, a cardholder record contains a unique identifier for each person. That unique ID must be entered manually and maintained in both databases. If a mistake is made entering a cardholder's information during enrollment, the wrong card ID will be associated with the wrong template, and the cardholder will be denied access.

The compartmentalized approach also risks suffering data synchronization errors, which can occur if one database is down and some data becomes corrupted, or if one of the networks or readers fails. As the system grows, the tasks of managing it and keeping the data synchronized can become overwhelming.

Controller Limitations
Quite often in current biometric systems, there's a limited local database of templates stored in the biometric readers. Some systems, however, store the biometric templates in the access controllers. This allows systems to utilize the larger memory capacities of today's controllers. It also allows several readers to share the common storage of templates within the controller, while preserving the fast local decision-making ability needed for access control. But storing the templates in the controllers necessitates that those controllers be designed for distributed network architecture, and that they have sufficient capacity to store both the full cardholder database and the biometric templates. Each template can require several hundred bytes of storage.

Single-Factor Biometric Systems
Increasingly, vendors are positioning biometric systems by themselves as access control solutions. A single-factor biometric (such as fingerprint reading or face recognition) is not reliable enough to provide high-end access control. Many individual biometric technologies have high rates of false acceptance or false rejection because of inaccuracies during data capture and template creation. There are simply too many variables for which the current algorithms cannot account. High error rates are unacceptable, because people who have legitimate access might get rejected and—even worse—people who are unauthorized might be allowed access.

The second problem with employing single-factor biometric technology as a basis for access control is that without a single index into the database—such as what an access card ID or PIN would provide—data searches must be performed one to many (i.e., identification). Let's say, for example, that there is a database of 20,000 iris scans. When a person approaches a door, his iris is scanned and it is converted to a template. Now a search must be made for a match against 20,000 iris scans, which can be very time consuming.

Furthermore, since the readers do not have the capacity to store a large number of templates, the system architecture relies on all searches being performed against a centralized database, with the central host making the access decision.

When a biometric template is created, a threshold must be set that defines the range of acceptable values. The threshold should be very tight for identification purposes. If it is too loose, too many matches will be found that are close enough to the live template when a search is performed. However, a tight threshold makes it very difficult if not impossible to find a match. The bottom line is that in a single-factor biometric system, accurate data searches require an excellent algorithm and perfect conditions of capture.

Is There Another Solution?
An alternative to an interfaced system is a seamlessly integrated solution in which all of the component functions operate flawlessly together, collectively behaving as one system. In a truly integrated environment, biometric data is treated like any other data. In such an environment biometric readers are components of an access control system and behave like access control readers; there is no database in the biometric readers and no templates are stored there; and the biometric does only what it was designed to do: compare and verify templates.

The architecture of a distributed controller solution consists of a single system, seamlessly integrated access control and biometric functionality, a single, centralized database and single, centralized enrollment and administration. All data—user data, access control data and biometric data—is captured in a single process during enrollment.

At the door is a combination access control (proximity) and biometric reader. A person presents his card, which is read by the proximity portion of the reader. The unique card ID is read and sent to the controller. The controller searches the database for that unique card ID, then searches for the template that is associated with that ID. Once found, the controller sends the template to the biometric portion of the reader. The reader reads the person's live fingerprint, converts that reading into a template and compares that template with the template received from the controller. Based on that information, the reader tells the controller yes or no, and the controller makes the access decision. With one system to maintain, it's more cost-effective and easier to manage. Enrollment is streamlined, and data synchronization is not a problem.

There are important reasons why a second factor authentication such as access cards (or PINs) are an essential component of a seamlessly integrated biometric solution. First of all, virtually every facility that has an access control system uses photo IDs or other cards as credentials for identification. In addition, data searches are greatly simplified. The use of card IDs provides an index into the biometric template database, so each search is one to one—verification rather than identification. For this reason, biometric template thresholds can be set a little looser to minimize false rejections, yet still be accurate enough to produce a correct match.

The Smart Card Option
The use of contact or contactless smart cards could be the driving force for integrating biometrics into physical access control environments. Instead of storing the biometric templates in the controller, they're stored along with the access control information in the smart card itself. With the addition of smart card readers, most existing technology and computers in the system can remain in place.

In a distributed smart card solution, a smart card credential is created during enrollment and the captured biometric template is stored in both the database and the card. At the door, there is a combination smart card and biometric reader, which reads the template from the smart card. A person then presents his live fingerprint to the reader.

Because the template is stored in the card, the verification is performed between the data in the card and the live template from the reader, rather than from the controller. If a match is found, the reader sends to the controller the access control information that is stored in the card. The whole process is simplified. This architecture can accommodate any biometric technology, but the key is that it works in conjunction with access control data. The challenges are then to develop a very sophisticated enrollment process and to be able to freely program the smart cards.

This solution enables companies to leverage biometrics and smart cards for multiple security purposes. The smart cards can be used as universal credentials, for not only physical security but for IT security as well, to log into computers and provide user authentication into networks.

Rudy D. Prokupets is chief technology officer and executive vice president of Research and Development at Lenel Systems International Inc. In 1985, Mr. Prokupets cofounded Edicon, an ID and security management company, and served as its vice president of R & D Engineering. In 1990, Mr. Prokupets cofounded Lenel Systems International, where he currently defines strategic directions and oversees all company research and development. He is a frequent speaker at industry trade shows and seminars, has been published in books and numerous trade publications, and holds several patents.