Xperienced Programmers' Expert Group
XPEG was
conceptualized by few ISM (Indian School of Mines, Dhanbad) students in
January-2002 with an idea of making less costly biometric system to be used
at high security areas. In January-2003 XPEG Research and Development team
completed its theoretical processing on the problem and submitted a detailed
report dealing the solution. XPEG programmers team started its work on based
upon the solution provided by the R&D team. In July-2003 XPEG came up with a
new unique biometric authentication system using some of the very advanced
techniques on Face and Voice processing (developed by XPEG R&D team) that
worked on the standalone system. Analyzing the present market needs and cost
affairs XPEG started working on the feasibility of a network biometric
system. In December-2003 XPEG finished working on the problem and came up
with a biometric system that could work on a network environment using some
new protocol suits developed by XPEG. This system was named as XSEC-2.1 (X
Security Version-2.1).
XSEC-2.1
Overview
The
main purpose of XSEC project was to develop a user authentication and
identification system that could work upon biological features of the user
delivering high precision to be used for different high security purposes.
Click below to read more about the XSEC-2.1 system. This section has a
detailed discussion upon the XSEC architecture, Market opportunities, system
backbone etc.
Biometric
Fundamentals
Biometrics are automated
methods of recognizing a person based on a physiological or behavioral
characteristic. Among the features measured are; face, fingerprints, hand
geometry, handwriting, iris, retinal, vein, and voice. Biometric
technologies are becoming the foundation of an extensive array of highly
secure identification and personal verification solutions. As the level of
security breaches and transaction fraud increases, the need for highly
secure identification and personal verification technologies is becoming
apparent. Biometric-based solutions are able to provide for confidential
financial transactions and personal data privacy. The need for biometrics
can be found in federal, state and local governments, in the military, and
in commercial applications. Enterprise-wide network security
infrastructures, government IDs, secure electronic banking, investing and
other financial transactions, retail sales, law enforcement, and health and
social services are already benefiting from these technologies.
Biometric Applications
Biometrics is a rapidly evolving technology which is being widely used in
forensics such as criminal identification and prison security, and has the
potential to be used in a large range of civilian application areas.
Biometrics can be used to prevent unauthorized access to ATMs, cellular
phones, smart cards, desktop PCs, workstations, and computer networks. It
can be used during transactions conducted via telephone and internet
(electronic commerce and electronic banking). In automobiles, biometrics can
replace keys with key-less entry devices.
Miscellaneous Discussions
Biometric decision-making is frequently misunderstood. For the
vast majority of technologies and systems, there is no such thing as a 100%
match, though systems can provide a very high degree of certainty. The
biometric decision-making process is comprised of various components, as
indicated below.
Matching - The comparison of biometric
templates to determine their degree of similarity or correlation. A match
attempt results in a score that, in most systems, is compared against a
threshold. If the score exceeds the threshold, the result is a match; if the
score falls below the threshold, the result is a non-match. Biometric
comparisons take place when proprietary algorithms process biometric
templates. These algorithms manipulate the data contained in the template in
order to make valid comparisons, accounting for variations in placement,
background noise, etc.
The matching process involves the comparison of the match template, created
upon sample submission, with the reference template(s) already on file. In
1:1 verification systems, there is generally a single match template matched
against a reference template. In 1:N identification systems, the single
match template can be matched against dozens, thousands, even millions of
reference templates.
In most systems, reference and match templates should never be identical.
An identical match is an indicator that some sort
of fraud is taking place, such as the resubmission of an intercepted or
otherwise compromised template.
Score – A number indicating the degree
of similarity or correlation of a biometric match. Traditional verification
methods – passwords, PINs, keys, and tokens - are binary, offering only a
strict yes/no response. This is not the case with most biometric systems.
Nearly all biometric systems are based on matching algorithms that generate
a score subsequent to a match attempt. This score represents the degree of
correlation between the match template and the reference template. There is
no standard scale used for biometric scoring: for some vendors a scale of
1-100 might be used, others might use a scale of –1 to 1; some vendors may
use a logarithmic scale and others a linear scale. Regardless of the scale
employed, this verification score is compared to the system’s threshold to
determine how successful a verification attempt has been.
Threshold - A predefined number, often
controlled by a biometric system administrator, which establishes the degree
of correlation necessary for a comparison to be deemed a match. If the score
resulting from template comparison exceeds the threshold, the templates are
a “match” (though the templates themselves are not identical). When a
biometric system is set to low security, the threshold for a successful
match is more forgiving than when a system is set to high security.
Decision – The result of the comparison
between the score and the threshold. The decisions a biometric system can
make include match, non-match, and inconclusive, although varying degrees of
strong matches and non-matches are possible. Depending on the type of
biometric system deployed, a match might grant access to resources, a
non-match might limit access to resources, while inconclusive may prompt the
user to provide another sample.
One of the most interesting facts about most biometric technologies is that
unique biometric templates are generated every time a user interacts with a
biometric system. As an example, two immediately successive placements of a
finger on a biometric device generate entirely different templates. These
templates, when processed by a vendor’s algorithm, are recognizable as being
from the same person, but are not identical. In theory, a user could place
the same finger on a biometric device for years and never generate an
identical template.
Therefore, for most technologies, there is simply no such thing as a 100%
match. This is not to imply that the systems are not secure – biometric
systems may be able to verify identify with error rates of less than
1/100,000 or 1/1,000,000. However, claims of 100% accuracy are misleading
and are not reflective of the technology’s basic operation.
|
