September 26, 2024

Anonybit Team

3 Considerations for Deploying Biometrics

Blog

Biometric technology is increasingly becoming a cornerstone of identity management and secure authentication, and yet there are still many misconceptions about how it works and how to deploy it. Indeed, biometrics are complex technologies that require careful attention to several key aspects to ensure a successful implementation.

In this blog, I will focus on three main elements – liveness detection, matching algorithm performance, and storage solutions – that make up a biometric system. It is important to note that each of these elements is a separate and distinct function, and the three come together in any biometric deployment. Sometimes these elements are provided by one single vendor; sometimes a solution provider will integrate these elements from multiple vendors.

We will go through what is meant by each and how to properly assess the components to ensure that biometric systems are secure, accurate, and efficient.

Liveness Detection: Ensuring Authenticity

The first part of any biometric deployment is liveness detection. Liveness detection is a critical security measure used to distinguish between a real, live user and a fake representation, such as a photograph, video, or mask. It ensures that the biometric sample being presented to the system comes from a live person physically present during the authentication or identification process. This technology is increasingly important in applications like facial recognition and voice recognition, as it helps prevent spoofing attacks, where fraudsters attempt to bypass biometric systems using artifacts that mimic a genuine biometric feature.

With the rise of generative AI, liveness detection faces new challenges and opportunities. Generative AI models, such as deepfakes and AI-generated images, have advanced to the point where they can create highly realistic replicas of a person’s face, voice, or even fingerprint. These sophisticated forgeries can deceive traditional biometric systems, making robust liveness detection techniques even more critical. To counter this threat, liveness detection methods are evolving to incorporate advanced AI techniques, such as analyzing micro-movements, texture inconsistencies, or subtle biometric signals that are difficult for generative AI models to replicate. The most advanced liveness detection systems will also detect deep fakes and injection attacks.

There are two primary methods of liveness detection: passive and active.

  • Passive Liveness Detection: Passive liveness detection works in the background without requiring any specific action from the user. It analyzes the biometric data for signs of life, such as subtle facial movements, skin texture, or reflections in the eyes, using standard sensors. This method leverages advanced algorithms to detect whether the biometric trait is from a live person without interrupting the user experience.

    Pros:

      • Since it doesn’t require any active participation from the user, it provides a seamless experience.

      • As it operates in the background, the user process is faster.

    Cons:

      • Users may not realize what is happening or may question whether their image was correctly captured.

  • Active Liveness Detection: Active liveness detection requires the user to perform specific actions during the authentication process, such as blinking, smiling, or turning their head. This approach ensures that the biometric sample is from a live person by confirming the user’s responsiveness.

    Pros:

      • Active methods can be more reliable in distinguishing between live traits and spoofs.

    Cons:

      • Active methods can disrupt the user experience by requiring extra steps, which may be inconvenient or frustrating for users.

      • Some users, such as those with disabilities, may find it difficult to perform the required actions, potentially leading to accessibility challenges.

For a successful deployment, the choice between passive and active liveness detection should be guided by the specific use case and the desired user experience.

Another important consideration for liveness is iBeta and Presentation Attack Detection (PAD) testing. iBeta, an independent testing lab, provides rigorous evaluations of biometric systems under various conditions, including attempts to spoof the system. Achieving iBeta Level 1 and Level 2 certifications demonstrates that a biometric system has successfully passed standardized tests against different types of spoofing attacks, such as using photos, videos, or masks to deceive the system.

PAD testing, on the other hand, is a broader certification process that evaluates a system’s ability to detect and reject presentation attacks, ensuring that only genuine biometric traits are accepted. PAD testing follows the standards set by the International Organization for Standardization (ISO), particularly ISO/IEC 30107-3, which defines the requirements for liveness detection in biometric systems.

These certifications are essential for validating the robustness of liveness detection technologies. They provide confidence to businesses and users that the biometric system can effectively prevent fraud and unauthorized access, making it more secure and trustworthy in real-world applications. Given the rapidly changing fraud landscape and emerging scale and robustness of deepfakes, it is highly recommended to only use iBeta and PAD certified liveness detection technologies.

Before we move on to the next section, it is important to emphasize that liveness detection is a separate and distinct process from matching performance which is covered in the next section.

Matching Algorithm Performance: Speed and Accuracy

The second component of a biometric implementation is the matching algorithm. Matching algorithms compare a new biometric sample with stored templates (more on this below) to verify or identify an individual. The effectiveness of this process depends on the accuracy and speed of the algorithm.

Accuracy in matching algorithms is measured by two main factors: the False Acceptance Rate (FAR) and the False Rejection Rate (FRR). FAR is the probability that the system incorrectly matches an input to a non-matching template in the database, while FRR is the probability that the system fails to recognize a matching input. A good way to think about biometric system accuracy is a metal detector at the airport: you can tune the system to be more sensitive, which raises the FRR, or you can tune it to be more permissive, which raises the FAR. A good biometric system minimizes both FAR and FRR, ensuring that it reliably distinguishes between authorized and unauthorized users, but ultimately the balance between them is tuned according to the use case or the risk profile of the transaction.
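The metal-detector trade-off above can be made concrete by sweeping a matcher's decision threshold over genuine and impostor comparison scores. The example below is added here and is not Anonybit's code; the similarity scores are constructed, and the accept rule (score at or above the threshold) and the "equal error rate" helper are the usual conventions rather than anything taken from the post.

```python
# Added example (not Anonybit's code): how a matcher's decision threshold
# trades FAR against FRR, the "metal detector" tuning described above.
# Scores are constructed similarity values in [0, 1]; a comparison is
# accepted when score >= threshold. A higher threshold is "more sensitive".

# Constructed sample scores: genuine = same person, impostor = different people.
GENUINE_SCORES = [0.92, 0.88, 0.95, 0.81, 0.77, 0.90, 0.85, 0.69, 0.93, 0.83]
IMPOSTOR_SCORES = [0.12, 0.35, 0.41, 0.22, 0.58, 0.30, 0.47, 0.72, 0.19, 0.28]


def far(impostor_scores, threshold):
    """False Acceptance Rate: fraction of impostor comparisons accepted."""
    return sum(1 for s in impostor_scores if s >= threshold) / len(impostor_scores)


def frr(genuine_scores, threshold):
    """False Rejection Rate: fraction of genuine comparisons rejected."""
    return sum(1 for s in genuine_scores if s < threshold) / len(genuine_scores)


def threshold_for_target_far(genuine_scores, impostor_scores, target_far):
    """Lowest observed-score threshold whose FAR is at or below target_far.

    Returns (threshold, far, frr) so the FRR cost of meeting the FAR target
    is visible. The final sentinel sits above every score and means
    "reject everyone", which meets any FAR target at the price of FRR = 1.0.
    """
    candidates = sorted(set(genuine_scores + impostor_scores)) + [float("inf")]
    for t in candidates:
        f = far(impostor_scores, t)
        if f <= target_far:
            return t, f, frr(genuine_scores, t)


def equal_error_rate(genuine_scores, impostor_scores):
    """Threshold at which FAR and FRR are closest, plus the two rates there."""
    candidates = sorted(set(genuine_scores + impostor_scores))
    t = min(candidates, key=lambda c: abs(far(impostor_scores, c) - frr(genuine_scores, c)))
    return t, far(impostor_scores, t), frr(genuine_scores, t)


if __name__ == "__main__":
    for t in (0.5, 0.7, 0.8):  # permissive -> strict
        print(f"threshold {t:.2f}: FAR={far(IMPOSTOR_SCORES, t):.2f} FRR={frr(GENUINE_SCORES, t):.2f}")
    # A high-risk transaction tolerates no false accepts; a low-risk one can trade some FAR for a smoother FRR.
    print("high-risk (FAR <= 0):  ", threshold_for_target_far(GENUINE_SCORES, IMPOSTOR_SCORES, 0.0))
    print("low-risk  (FAR <= 0.1):", threshold_for_target_far(GENUINE_SCORES, IMPOSTOR_SCORES, 0.1))
    print("EER:", equal_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES))
```

With these constructed scores, raising the threshold from 0.5 to 0.8 drives FAR from 0.2 to 0 while FRR climbs from 0 to 0.2, which is exactly the tuning decision a deployment has to make per use case.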

Several parameters can influence the accuracy of biometric systems, leading to variations in performance across different populations and conditions:

  • Aging: Biometric traits can change over time. For example, facial features may alter with age, fingerprints may wear down, and iris patterns may evolve. These changes can affect the system’s ability to accurately match current biometric data with previously stored templates, potentially leading to a higher FRR.

  • Gender: Some biometric systems may exhibit biases related to gender. For instance, facial recognition systems have been found to perform differently on male and female faces, possibly due to differences in facial structure or the training data used for the algorithms.

  • Skin Tone: Skin tone can also impact the accuracy of biometric systems, particularly in facial recognition. Research has shown that some systems may have higher error rates for individuals with darker skin tones. This issue often arises from biased training data, where the algorithm has been trained predominantly on lighter-skinned individuals, leading to less accurate recognition for others.

  • Lighting and Environmental Conditions: The quality of the captured biometric sample can be affected by environmental factors such as lighting, background noise, and temperature. For example, poor lighting can reduce the accuracy of facial recognition systems, while wet or dirty fingers can affect fingerprint recognition.

  • Expression and Pose Variations: In facial recognition, changes in facial expressions (e.g., smiling, frowning) or head poses (e.g., tilting, turning) can reduce the accuracy of the system. Similarly, in voice recognition, variations in speech patterns due to mood, health, or background noise can affect the matching performance.

For organizations looking to assess the accuracy and performance of facial recognition systems, the National Institute of Standards and Technology (NIST) Face Recognition Vendor Test (FRVT) is widely regarded as the gold standard. The NIST FRVT provides comprehensive evaluations of facial recognition algorithms by testing them against a large, diverse dataset under various conditions. This benchmark helps organizations compare different algorithms and choose the best solution for their specific needs. NIST FRVT results offer valuable insights into how well an algorithm handles factors like aging, gender, and skin tone, making it an essential resource for ensuring high accuracy and fairness in biometric systems. There are separate NIST benchmarks for 1:1 and 1:N matching. As of this writing, the latest NIST testing for 1:1 covered 502 algorithms! The top algorithms do very well in all categories and can be relied on to provide greater than 99.9% accuracy under a wide range of conditions.

Storage: Privacy and Security

The final consideration in deploying biometrics is storage. Biometric data is highly sensitive, and improper storage can lead to severe security breaches. The storage system must ensure that biometric data is both secure and scalable.

Traditionally, there have been two primary methods for storing biometric data: centralized and device-based. In centralized storage, biometric templates are stored in a single database, often in the cloud. While this approach simplifies management and access, it also creates a single point of failure that can be a target for cyberattacks. Device-based biometrics, on the other hand, store and process biometric data locally, such as in the secure enclave of a user’s device. This approach reduces the risk of large-scale breaches, but it can be challenging to manage and creates security holes: the relying system only ever receives a yes/no response from the device, and the device itself can be susceptible to an account takeover.

A critical concern in the storage of biometric data is whether the stored templates can be reverse-engineered to recreate the original biometric trait. While biometric templates are usually stored in an encrypted or transformed form, there is still a risk of reverse engineering, as noted in several academic papers.

In an increasingly stringent privacy landscape, this risk underscores the importance of using strong encryption methods and template protection techniques. New technologies, like secure multi-party computation and zero-knowledge proofs, are gaining traction as they allow biometric matching without the need for biometric templates. To learn more about the different privacy-enhancing approaches to biometric storage, see our earlier blog on the topic, Securing Biometrics.

Successful deployments of biometrics

Deploying biometric systems involves navigating a complex landscape of security, performance, and storage challenges. Liveness detection is essential for ensuring that the system is not fooled by spoofing attempts, while matching algorithm performance determines how quickly and accurately users can be authenticated. Finally, the storage of biometric data must be both secure and scalable to protect sensitive information while accommodating future growth.

There are other factors that should be considered when deploying biometrics, for example, choosing the right modality for the use case. While the selfie is the primary modality used in many digital applications today, palm biometrics, voice biometrics, fingerprint, and iris also have their place, especially in workforce and high-security environments. Another critical factor is compliance with data protection regulations. Oftentimes privacy laws restrict the collection and usage of biometrics to situations where a user provides consent, and may also limit data storage locations and/or the duration of storage.

By carefully considering these factors, organizations can deploy biometric systems that are not only secure and efficient but also capable of meeting the demands of modern users.

For more information, visit www.anonybit.io