Bringing Biometrics to the Door and Across the School and Healthcare Campus
Fingerprint authentication solutions aim to make physical access control systems in education and healthcare convenient, easier to use and more secure.
Biometrics technology is proliferating rapidly across consumer applications, such as those in the financial market, for customer authentication to payment services as well as ATM machines, especially those in high-fraud markets.
The adoption of biometrics as an additional authentication factor for physical access control systems (PACS) and other enterprise applications has been much slower. There are numerous reasons why this is changing, however, especially in the education and healthcare markets where there is an increasingly critical need to fuse convenience and security while validating “true identity” as opposed to identity that is simply associated with the possession of an ID card.
First, biometrics solutions are now available with new anti-spoofing capabilities. They are also being integrated into secure trust platforms that protect privacy, and they support a variety of RFID credential technologies while delivering a much higher matching speed and better overall performance than before.
This will dramatically improve an organization’s security while enhancing user convenience. These capabilities are critically important in today’s educational and healthcare settings.
Roadblocks to Campus Adoption
Biometrics technology is particularly well suited for college campuses and hospital applications because of its inherent ability to prevent a user from taking someone else’s card and obtaining access to privileged resources. When used for authentication, it adds the human element to strengthen security by combining something the user “is” with something the user “has” or “knows.”
Clearly, being able to identify individuals with 100% accuracy is imperative in healthcare so that medical professionals can properly diagnose and treat people based on the correct patient’s medical history. But whereas the analyst firm Verified Market Research has estimated the total global market for biometric systems at more than $13 billion in 2017, it only valued the healthcare biometrics market at $1,182.4 million in 2016. At the same time, though, the firm expects a healthy compounded annual growth rate (CAGR) of 19.9 percent in this market, to USD 5,701.25 million through 2025.
Moving fingerprint authentication beyond numerous consumer applications to broader adoption in healthcare, education and other enterprise applications will require that several growth impediments be removed. While price has been one big roadblock, there have also historically been other reasons for its slower-than-expected growth.
First, many biometrics technologies are still vulnerable to spoofs and hacking when fraudsters create a fake fingerprint and present it to a reader. Plus, older products have moved users through the doors much more slowly than simple ID cards and readers. There can be significant differences in performance between various fingerprint capture technologies.
Newer solutions are overcoming these security and convenience hurdles in three key ways:
- How fingerprint images are captured (if the image can’t be properly captured, the rest of the process fails)
- The implementation of liveness detection to enhance trust (even in the case when the image is properly captured, if it is fake, the system cannot be trusted)
- Optimizing performance through a combination of new technology and algorithms while ensuring interoperability so the performance can be trusted.
Solving the Capture Problem
The quality of the captured image is critical across all types of fingerprints and a wide range of environments.
Many customers choose sensors that use multispectral imaging because it collects information from inside the finger to augment available surface fingerprint data. The skin is illuminated at different depths to deliver much richer data about the surface and sub-surface features of the fingerprint.
Additionally, the sensor collects data from the finger. even if the skin has poor contact with the sensor due to environmental conditions such as water or finger contamination.
Multispectral sensors work for the broadest range of people with normal, wet, dry or damaged fingers, across the widest range of usage conditions – from lotions or grease to sunlight to wet or cold conditions. The sensors also resist damage from harsh cleaning products and contamination from dirt and sunlight.
Enhancing Trust Through Liveness Detection
Liveness detection is the ability to determine that the biometric data captured by the fingerprint reader is from a real living person, not a plastic fake or other artificial copy. An increasingly visible dimension of biometric performance in commercial applications, liveness detection is critical for preserving trust in the integrity of biometrics authentication.
At the same time, it must not impede performance or result in excessive false user rejections.
The most trusted multispectral imaging fingerprint sensors with liveness detection provide a real-time determination that the biometric captures are genuine and are being presented by the legitimate owner, rather than someone impersonating them.
This capability leverages the image-capture approach of using different colors or spectrum of light to measure the surface and subsurface data within a fingerprint.
In addition to this optical system, the biometrics sensor features several core components, including an embedded processor that analyzes the raw imaging data to ensure that the sample being imaged is a genuine human finger rather than an artificial or spoof material. Advanced machine learning techniques are used so the solution can adapt and respond to new threats and spoofs as they are identified.
Liveness detection gives healthcare organizations the assurance, for instance, that they are complying with HIPAA regulations for verifying identity without the fear that someone will gain access using a fake fingerprint.
On the college campus, this capability similarly defends against someone stealing and using someone’s campus ID card to, say, gain unauthorized access to their dorm room or fraudulently purchase meals at the cafeteria using their account.
Performance optimization requires liveness detection and the underlying capture technology, but it is also important to ensure that this performance can be trusted.
Boosting Performance That Can Be Trusted
Delivering top performance requires the ability to always capture usable biometric data on the first attempt for every user.
It is also necessary to accelerate the process of determining that the biometric data is not a fake, and performing template matching to reject impostors and match legitimate users.
Being able to trust this performance, though, requires a focus on interoperability with template-matching algorithms.
Skilled third-party independent test labs like the National Institute of Standards and Technology (NIST) perform extensive interoperability testing so that performance data is more than a vendor claim and can actually be trusted.
The first step for incorporating biometrics into a physical access control solution is to choose a secure trust platform that meets the requirements for accessibility and data protection in a connected environment.
The platform’s credential technology should employ encryption, and there should be a software-based infrastructure to secure trusted identities on any form factor for physical access control as well as for access to IT networks and more.
Man-in-the-middle attacks can be prevented through cryptography, which also protects the biometric database. Other important system features include remote management of all readers and users from onboarding through template loading and enrollment activities for supported authentication modes.
Configuration and administration are also important considerations, along with how logs, reports and monitoring are implemented.
System administrators will want to manage biometric readers as groups or individually over the network, and they should have tools for managing all configuration settings from time and data to language, security and synchronization.
Other important system features include software tools for configuring and managing one or many readers, including enrolling users’ fingerprints and assigning access rights. These tools also can be used to securely log all door events where readers have been installed and to upgrade readers in the field remotely over a TCP/IP connection.
Back-end implementation decisions include how to seamlessly integrate the biometric authentication system into third-party systems. Until recently, this was a major pain point of biometric technology deployment, but now application programming interfaces (APIs) are available for direct integration of the biometrics authentication solution with the access control infrastructure.
Improved privacy protection is a big benefit of properly implemented biometrics solutions featuring liveness detection. Since they make it impossible to use a fake finger, they ensure that even if a fraudster obtained someone’s fingerprint data, it is meaningless. Strong and updatable liveness protection is a key prerequisite for using biometrics to eliminate the need for PINs or passwords.
Biometrics data must be handled like all sensitive and identifying information. When system designs are properly architected, they protect against both internal and external threats and attacks.
Today’s latest system architectures and data models have been created to protect personal information and maintain user privacy. Beyond the encryption of the data itself, there are now many good alternatives available for building highly secure and well-protected systems.
As an example, the use of multi-factor and even multi-modal authentication is one proven way to maintain security even if some identifying data is compromised.
Today’s modern fingerprint authentication solutions are poised to bring physical access control systems in education and healthcare settings a unique combination of ease of use, availability, convenience and higher security.
They feature important improvements in liveness detection, system architectures, performance and the ability to be easily incorporated into access control solutions. This enables them to seamlessly combine security and convenience so they become a viable option when accessing a campus facility and a wide variety of networks and services.
These solutions deliver a higher confidence of “who” is being admitted into a university residence hall or classroom or a hospital’s front door and other restricted areas – all places where this confidence really matters.
Wayne Pak is the director of product marketing with HID Global.