IGuard Terminology
Biometrics
The automatic recognition of persons based on unique
combinations of measurable physical or behavioral
characteristics. Examples include fingerprints, iris
scanning, face and voice recognition, or hand geometry.
All of these biometric techniques are differentiated
by speed, durability, reliability, and cost effectiveness.
Fingerprints are generally considered the most practical
biometric identifier in use today. The iGuard Security
Network Appliances use Fingerprint technology.
Biometric Authentication
Method (Mode)
The way biometric data (e.g. fingerprints) is used
for authentication. The mode chosen for a biometric
installation depends on the specific needs of a site,
where either convenience or security may be emphasized.
Verification
Also known as 1:1 This type of biometric credential
management system utilizes a secondary "statement
of user identity". In other words, you must also
authenticate yourself by something you possess or
know and not just by something you are. An example
her is when I walk up to my PC I insert my smart card
(something I have) into a SC reader attached to my
fingerprint scanner or input my PIN or password (something
I know) and then authenticate biometrically using
my finger on the scanner. The program asks: Is this
person whom they claim to be? This type of credential
management system is the fastest template matching
method and is the most secure authentication method
available today.
Identification
Also known as one-to-many or 1:n comparison. This
type of biometric credential management relies solely
upon the biometric credential as the statement of
user identity. As an example, when I place my finger
upon the biometric reader, the program looks at the
presented template and goes to the template warehouse
and attempts to identify my fingerprint from the entire
database. The program asks: Who is this person? Then
it asks: Does this person have access? Then the program
grants or denies access based upon the business rules
previously assigned. This is the slowest form of authentication
and is also the most open to the types of errors detailed
above.
Authorization
The administration of person-specific rights, privileges,
or access to data or corporate resources.
Authentication
Any systematic method of confirming the identity of
an individual. Some methods are more secure than others.
Simple authentication methods include user name and
password, while more secure methods include token-based
one-time passwords. The most secure authentication
methods include layered or "multi-factor biometric
procedures. This is independent of authorization.
False Acceptance Rate
Also known as FAR. False Acceptance Rate - This is
the rate at which a device will accept false biometric
credentials as acceptable. This level of error is
extremely rare, and usually falls within the 1 in
1,000,000 or better range. An example of this type
of error: Ben is not authenticated to access his corporate
network via biometric authentication. His fingerprint
on his right index finger is close enough to Mary's
that he is able to authenticate access by using her
identity. He is granted access even though he doesn't
possess valid biometric credentials. The odds of this
happening in reality with 16 minutiae points captured
is quite literally 1 in a Million.
False Rejection Rate
Also known as FRR. False Rejection Rate - This is
the rate at which a device will deny access based
upon misreading or misidentifying genuine biometric
credentials as "false". An example of this
type of error: Mary is authorized to access her facility
by authenticating her fingerprint on a fingerprint
reader at the door. Today, while trying to enter the
facility, Mary didn't have her finger properly centered
on the device, so the minutiae points captured and
compared during this attempt are notably different
than what is on the stored template. She is denied
access even though she has a valid biometric credential
(her finger). This is the most common type of error
and most devices will default to a FRR as opposed
to FAR if the templates are noticeably different.
Latent Fingerprint
Latent fingerprints are "left over" fragments
usually caused by the build-up of oily residues on
the optic sensor window after repeated use. The Verification
technique used by iGuard devices to defeat "faked"
fingerprints also prevents latent fingerprints from
being incorrectly validated by the system.
Matching
Biometric data (e.g. fingerprints) are matched to
another sample to confirm a person’s identity (authentication).
For example, BioCert biometric systems use optic scanners
to collect fingerprint minutiae, then create mathematical
templates based on that information for storage. New
input fingerprints are scanned and compared to the
stored samples. If the minutiae matching threshold
is met, the person is authenticated.
Minutiae
The unique, measurable physical characteristics scanned
as input and stored for matching by biometric systems.
For fingerprints, minutiae include the starting and
ending points of ridges, and ridge junctions among
other features.
Biometric Template
The biometric reference pattern of a person stored
for matching. BioCert devices convert fingerprint
minutiae into mathematical templates, so actual fingerprint
images are not stored and cannot be reconstructed
based on template data.
Master/Slave Units
The terms Master/Slave have been used for years in
the computer industry to describe devices that are
dependent upon a connection to each other. A slave
device receives instructions and data from the master
unit and replicates all fingerprint and access privileges
from the master unit. In this configuration, you can
control and query multiple iGuard units from a single
web interface on the master device.
Once you set privileges and access
rights, each slave unit will accept these instructions
and carry them out even if the devices are disconnected
from the network. Each iGuard can store up to 4000
transactions and once the connection to the network
is restored, each slave unit will upload the transaction
data to the master device.
|
