The vexing issue with biometrics

October 2014 Access Control & Identity Management

Fingerprint biometric systems have, in recent years stormed the access control and time & attendance market becoming the mainstream devices to use for identification and verification of users of the system. Very few access control systems are installed these days without at least one biometric device being connected to the solution with these devices replacing proximity readers to a large extent.

Time & attendance solution providers have all but disregarded any other form of electronic clocking system. This is mainly due to biometrics offering two invaluable aspects of either an access control or time & attendance solution – security and convenience. No more shared numerical pins, no lost proximity cards and no more buddy clocking.

This however does not mean that biometrics, and fingerprint biometrics in particular, are foolproof. Quite the contrary, a little mentioned fact of fingerprint biometrics are that only an estimated 95% of people can utilise a fingerprint biometric system. This estimation differs from vendor to vendor as the industry strives to make the biometric market more useable by utilising differing technologies.

Reasons for failure

From using multispectral response fingerprint scanning modules to incorporating scar tissue on the actual fingerprint template these technologies, some proprietary, helps the usability of the fingerprint biometric system. Fact is, not one vendor has been able to achieve a 100% usability rate unless they fake it until they make it.

Tier 1 vendors can claim up to a 98% usability rate by the use of proprietary technologies, but there always remains a percentage of people that are unable to use a fingerprint biometric system. I have interacted with individuals that have not one single useable fingerprint due to various reasons – wear and tear being the foremost.

Some individuals, contrary to popular belief, just do not have fingerprints. This seems to be a quirk of nature as normally this phenomenon occurs in industries where the individuals’ fingerprints are subject to abrasive or corrosive materials. In numerous instances individuals exist that have no contact in either their professional or personal lives with any material that could explain them not having at least one single usable fingerprint.

The usability rate of 95% does not necessarily translate into real word usability rates. Some systems have a rate as low as 70% when deployed in the field and this translates to one very simple fact – the biometric system is delinquent. It has the potential but is not performing as expected. The reasons for this may be numerous. It may be attributed to environmental factors, the wrong solution for the application, outdated algorithms, archaic but cheap technologies and training on the correct usage of the biometric device. The biggest culprit however seems to be situated at the source of the fingerprint database – initial enrolment of user’s fingerprints on the systems.

Enrolment issues

The mantra for biometric vendors and installers alike should be: ‘If you have a poor enrolment, you have a poor system’; or in IT parlance: ‘Junk in, junk out’. No amount of tweaking after the fact will make the system perform any better and will in fact open the system to abuse negating the raison d’ître for making use of a biometric fingerprint system in the first instance.

Various vendors provide for different fingerprint enrolment methods. Some only allow for enrolment on the field based biometric device itself and then transferring the template to the software where additional information is captured. Others allow for enrolment on both the biometric device and on the software via a take-on reader.

The issue with enrolling the fingerprint onto the system via the field based biometric device is the inherent difficulty with judging how good or bad a fingerprint template is. There is no way to know if the fingerprint template will be useable and invariably – due to not being able to ‘score’ the fingerprint – this leads to a low usage rate, multiple scans, long transaction times and complaints from users that the system does not work. These complaints are certainly justified since the optimum for access control systems are to keep bad guys out and give good guys access whilst doing it as speedily and accurately as possible. The same applies to time & attendance systems.

The correct enrolment procedure is to use a system that allows for enrolment directly onto the software via a take-on biometric device. These systems allow for the fingerprint to be scored on a percentage basis and will automatically indicate that a fingerprint does not conform to the required levels of usability. This in turn allows the administrator of the system to take steps to ensure that the user will be able to use the system without hindrance. Typically, this is done by adjusting the software to lessen or heighten the amount of identifiable features that the system looks for when matching a user’s fingerprint from the database.

Some vendors allow this to be done on a global scale and some vendors allow this to be done on an individual basis. The former poses a security risk due to every user’s profile being amended according to a lowered matching standard. Being able to amend the enrolment and matching levels on an individual basis is therefore desirable since only the single user – or a small group of users at least – uses less or more identifiable features which translates to a higher level of security. Sometimes however, the problem with a poor fingerprint exists simply because the fingerprint is dry or wet and these are easily solved.

By addressing enrolment issues, 8 out of 10 delinquent biometric systems can be rectified to operate optimally and as advertised. This is true for all Tier 1 vendors. Unfortunately, it will not resolve all issues with delinquent systems due to all systems not being equal. Environment and embedded technology will always play a major role in the usability of the system just as with everything else.

For more information contact Deon van Rensburg, Virdi Distribution, +27 (0)82 820 0887,


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The benefits of electronic visitor management
August 2019, Powell Tronics , Access Control & Identity Management, Residential Estate (Industry)
Access control is a critical aspect of estate security as it represents the controls put in place to restrict entry (and possibly exit) along the outer boundary of the location.

Addressing risks by means of access control layout and design
August 2019 , Access Control & Identity Management, Security Services & Risk Management
In order to develop a suitable, practical and appropriate security system for any organisation, it is essential to first develop a master security and life safety plan strategy.

Secure hands-free access
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry)
Suprema’s facial biometric terminals bring no-touch access into secure residential estates, high-rise apartments and luxury homes providing fast, easy and intuitive user authentication with the added benefit of hygiene.

MorphoAccess Sigma Extreme
August 2019, IDEMIA , Products, Access Control & Identity Management
MorphoAccess Sigma Extreme from IDEMIA is a touchscreen device with multiple recognition device interfaces (NFC chip reader, PIN and BioPIN codes, contactless card readers).

Outdoor access terminals
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry), Products
Rugged, dust- and weather-proof access control solutions that provide exceptional durability in extreme conditions is a strong requirement for many residential estates.

MorphoWave Compact
August 2019, IDEMIA , Products, Access Control & Identity Management
The MorphoWave Compact captures and matches four fingerprints on either the right or left hand in any direction. It is robust to environmental factors such as extreme light or dust.

MorphoAccess Sigma Lite
August 2019, IDEMIA , Products, Access Control & Identity Management
IDEMIA’s MorphoAccess Sigma Lite and Lite + are fingerprint access control terminals, offering time and attendance in and out function keys.

Eliminating forced gate opening scenarios
August 2019, ET Nice , Home Security, Access Control & Identity Management
When activated by the gate forced open alarm feature, the transmitter transmits a wireless alarm signal up to 750 metres in any direction.

IAM has business on high alert
August 2019 , Access Control & Identity Management
Identity and Access Management (IAM) is now a must in commerce and the need to protect digital assets is driving the development of solutions and widespread adoption

Came acquires Turkish company Özak
August 2019, CAME BPT South Africa , News, Access Control & Identity Management
Came broadens its market horizons and signals growth and consolidation in the Middle East.