Usable Biometrics
Ashley BrooksUsability and Privacy 95-899Cranor, Reiter, and HongApril 11, 2006
Outline Biometric Basics
What is Biometrics?Why use Biometrics?Model of Biometric systemTypes of Biometrics
Evaluating Accuracy User Acceptance Advantages & Disadvantages
Biometrics Derived from the Greek words
“Bio”: Life“Metric”: to measure
Measures and Analyzes characteristicsPhysiologicalBehavioral
Authentication
Authentication 2 major means for authentication
IdentificationVerification
Identification vs. VerificationQuestion raisedAnalysisUses
Biometric Components
Types of Biometrics
PhysiologicalFingerprintsFaceEyesDNA
BehavioralVoiceKeystroke
Fingerprinting
Face
Eyes
DNA
Voice
Key Stroke Requires no special
hardware Methods are
transparent to users increasing user acceptance
Can be used for cryptographically stronger secrets for login and encryption
Accuracy Usability Metrics
Failure to Enroll (FTE)Failure to Acquire (FTA)
Performance MetricsFalse Acceptance Rates (FAR)False Rejection Rates (FRR)
Usability MetricsFailure to enroll (FTE)
Medicine IntakeHoarsenessSticky fingersCataractRare skin diseases
Failure to acquire (FTA)Smudged finger
printsRetina alignmentMumblingHand positioning
Performance Metrics
User Acceptance Socially acceptable
Knowledge of technology and computers
Acceptance of the concept Usability Security Personal privacy
Usability ConsiderationsFamiliarity with characteristicsExperience with devicesEnvironment of useTransaction Criticality
Security Considerations Biometrics are not secrets and are
therefore susceptible to modified or spoofed measurements
There is no recourse for revoking a compromised identifier
Strategic Solutions Liveness testing Multi-biometrics
Privacy Considerations
A reliable biometric system provides an irrefutable proof of identity
Threatens individuals right to anonymity Cultural concerns Religious concerns Violates civil liberties
Strategic Solutions Biometric cryptosystems Transparency
AdvantagesReduces cost within organizations Increases securityCompetitive advantageConvenience to employeesNon-repudiationEliminates a paper trail
DisadvantagesAccuracy of PerformanceFailure to enroll rate Information AbuseMay violate privacy
Conclusion Biometrics is a technology that
can simplify the process of authentication
Biometrics can be best used in situations where specific identity or exception identity is desired
References Tynan, Dan, “Biometrics: from Reel to Real”
www.pcworld.com/resource/printable/article/o,aid,120889,00.asp Yudkowsky, Chaim, “Byte of Success”,
http://accounting.smartpros.com/x40536.xml http://perso.wanadoo.fr/fingerchip/biometrics/movies.htm Biometrics
http://searchsecurity.techtarget.com/sdefinition/0,,sid14_gci211666,00.html International Biometric Group,
http://www.biometricgroup.com/reports/public/reports/ Patrick, Andrew S., “Usability and Acceptability of Biometric Security
Systems” , Institute for Information Technology National Research Council Biometric Assessment Benefits http://www.ax-sbiometrics.com/riskans.htm Bioidentification http://www.bromba.com/faq/biofaqe.htm Fact sheet
http://www.jrc.cec.eu.int/download/press/20050330_biometrics_fact_sheet.pdf
Recommended
