Presentation is loading. Please wait.

Presentation is loading. Please wait.

Emerging Biometric Applications Expectations and Reality (in 29 minutes or less!) (C) Mr David Heath of Triton Secure.

Similar presentations


Presentation on theme: "Emerging Biometric Applications Expectations and Reality (in 29 minutes or less!) (C) Mr David Heath of Triton Secure."— Presentation transcript:

1 Emerging Biometric Applications Expectations and Reality (in 29 minutes or less!) (C) Mr David Heath of Triton Secure

2 An Emerging Technology

3 What are Biometrics? The term biometrics refers to a science involving the standard analysis of biological characteristics. A biometric is a unique, measurable characteristic or trait of a human being for automatically recognising or verifying identity.

4 Who are you? No, who are you, really???

5 Authentication Methods in Network & Internet Security Something you are Biometrics Positive identification Never lost or stolen Something you know Passwords PINs Mother’s maiden name Something you have ATM card Smart card Digital certificate

6 Biometrics Innate Iris Retina Ear Fingerprint Palm / hand Face (visual & heat) Skin detail / veins DNA / Blood / Saliva / anti-bodies Heart rhythm Footprint Lips Behavioral Gait Signature Typing style Mixed Voice Body odour

7 Why Biometrics? “Biometric identification (e.g., fingerprints, face and voice) will emerge as the only way to truly authenticate an individual, which will become increasingly important as security and privacy concerns grow.” - Gartner Group 26 th April 2000

8 How do Biometrics Work? Enrollment: Add a biometric identifier to a database Fingerprint, Voice, Facial or Iris Verification: Match against an enrolled record Present biometric CaptureProcess Store Present biometric Capture Process Compare Match IDENTIFIED No Match DENIED

9 Fingerprint Image Identification

10 Accuracy v. Affordability v. Acceptability 0 1 2 3 4 Accuracy >> Affordability >> Courtesy, Veridicom Corp.

11 Benefits for the Consumer

12 Benefits of Biometrics Biometrics link a particular event to a particular individual, not just to a password or token, which may be used by someone other than the authorized user

13 Business Scenarios The password problem Remote access Who is using our fee-based web-site? Challenge-response tokens Too many physical-access devices Protecting the single-sign-on vault

14 The Password Problem They’re either too easy or they’re written down somewhere! Users forget them! Help Desk has to sort out the mess!

15 The Password Problem Write it Down 4728816 % of respondents Never OccasionallyOftenAlways Source: CCH

16 The Password Problem Resets per Year 4 62295 % of respondents Zero1-23-6> 6 Source: CCH

17 The Password Problem Identifiable costs Lost productivity Flow-on productivity losses Support team Management and infrastructure US research - $340 per incident* Anecdotal – some incidents over $AU10,000 *BioNetrix Corp - www.bionetrix.com/inserts.pdf

18 Choosing Technologies and Partners

19 Privacy Concerns and Ethics Criminal stigma 3rd party use of data Sold or given for other than intended purpose Provided to law enforcement Unauthorized access Identity theft “Tracking” of actions through biometrics Religious objections - “Mark of the Beast”

20 Australian Privacy Act NPP 4 – Data Security An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.

21 Privacy Policy Recommendations 5 basic principles Notice – disclose ALL data captured Access –anyone can view their stored data Correction Mechanism Informed Consent – no 3 rd -party involvement Reliability & Safeguarding

22 Who would use Biometrics Strong identification and authentication Medium – high data security Non-repudiation (I didn’t do it!)

23 Who would use Biometrics The last metre Fee-for-service web sites e-Commerce transaction verification

24 Selecting Biometric Technologies User / environment considerations Technology factors

25 Technology Comparison

26 Accuracy False rejection rate Measures how often an authorized user, who should be recognized by the system, is not recognized. I am not recognised as me! False acceptance rate Measures how often a non-authorized user, who should not be recognized by the system, is falsely recognized. You are pretending to be me!

27 Matching vs. Non- Matching Prints Non-matching prints Matching prints Matching Threshold False non-matchesFalse matches d

28 Selecting a Biometric Solution Who can help?

29 Your Vendor / Consultant Existing relationship Ability to integrate biometrics into existing platform Ability to draw on other experience

30 Australian Biometric Testing Organisation Recently incorporated Impartial tester Education source Government & industry funded www.biomet.org/abto abto@biomet.org “Introduction to Biometrics” 1-day course

31 What problem are we solving? If biometrics is the answer, what’s the question?

32 Evaluation Strategy Define the requirements Testing & trialing Management buy-in Internal champion (not the IT Manager)

33 Who is using it? Connecticut Dept Social Welfare Health Application ABN-AMRO

34 Give Passwords the Finger!


Download ppt "Emerging Biometric Applications Expectations and Reality (in 29 minutes or less!) (C) Mr David Heath of Triton Secure."

Similar presentations


Ads by Google