Embedded biometrics provide an extra layer of security

March 2006 Access Control & Identity Management

Breaches of security are minimised in many ways. One way is to literally limit the windows of opportunity for infringement. For instance, if the database of those authorised for access to a facility is not reliant on networking hardware systems, the chance for someone to infiltrate the system is reduced as are the possibilities of downtime. One cannot hack what is not there. What is not there cannot break down.

That is what embedded biometrics add to a system. When biometrics are embedded, no PC nor other IT elements are involved in managing the database at the door. In some instances, this level of integration can be achieved without reporting to an external access control system.

If one is not authorised to enter, the reader at the location, without checking elsewhere, tells that person that they cannot enter. Likewise, if authorised, that person can enter without the reader having to verify from a remote location.

Embedded systems come in two different varieties. One has been used for some time and is seldom even thought of as an embedded system. It is the standalone biometric reader, which manages biometric templates within the reader. The other is newer, where the biometric template management is actually performed by a smartcard.

Standalone biometric systems have been employed since the late 1980s. The Recognition Systems HandKey II reader providing access to a unique private library and museum at the New York Weill Cornell Medical Center is a case in point. The museum is so secure that it is only accessible to a very small group of people.

New York Weill Cornell Medical Center
New York Weill Cornell Medical Center

"It was imperative that access be secured because of the value of our library and the museum's contents," explains Ben Scaglione, director of security at New York Weill Cornell Medical Center, which along with Columbia Presbyterian, makes up New York Presbyterian Hospital, one of the most comprehensive university hospitals in the world. "People come from all over the world to review and look at the books and artifacts located here."

According to Scaglione, New York Weill Cornell has a magnetic stripe system for the rest of the facility. However, the museum presented a special problem, needing something extremely reliable and foolproof. Instead of verifying a card or code, the HandKey reader verifies the person who is at the entrance. The exclusive users simply enter their unique ID numbers on the HandKey's keypad and present their hands to gain entry. No other equipment or system is involved.

Smartcard hand reader
Smartcard hand reader

Smartcards, embedded biometrics in your wallet

What is being installed at major seaports is but one example of how a smartcard can store both the user's ID number and hand geometry template on the card. Because of this, there is no need to distribute hand templates across a network of hand readers or require the access control system to manage biometric templates. This means integration to any existing access control application is greatly simplified and additional network infrastructure costs are eliminated. Since the template only resides on the card, the solution also eases individual privacy concerns.

Providing the best of smartcards and biometrics, the solution provides dual authentication by requesting both the right card and the right person. A smartcard reader is embedded into the biometric reader. A plastic cardholder is affixed to the side of the unit. The verification process takes approximately one second and is virtually foolproof.

In most applications involving smartcards and embedded biometrics, hand geometry is preferred since a hand template uses up only 9 bytes versus an average of 300 bytes required by fingerscan readers per finger.

The Port of Antwerp in Belgium, the second largest port in Europe and the tenth largest in the world, just installed an Internet-based ID-verification and credentialling card-management system employing electronic and biometric technologies. More than 8000 credentials have already been recorded by the system. When fully deployed, it is estimated that credentials for more than 20 000 longshoremen, truck drivers and other employees and visitors requiring access to the port will be validated and recorded by the system.

Each of the 20 000 electronic identification smartcards are equipped with radio frequency identification (RFID) technology allowing them to be read up to 10 centimetres away by each reader, facilitating fast movement through access points. The system stores information about employee certifications, work experience and access restrictions, as well as biometric identifiers.

However, the hand geometry template of each card recipient is prerecorded directly on each credentialling card for use at the terminals using the biometric hand readers. Template management remains on the card, not in the system.

When the smartcard is presented to the smartcard reader embedded in the hand reader, the user is requested to place their hand on the hand reader. It then compares the hand's length, width, thickness and surface area with the template stored in the smartcard to verify identity. The process takes approximately one second and is virtually foolproof.

Whether using embedded biometrics in a smartcard system in which many people must be credentialled or using a standalone biometric reader with its embedded biometrics at an access point used by few people, embedding biometrics should be considered in any access control overview.





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The future of security: intelligent automation
Access Control & Identity Management AI & Data Analytics IoT & Automation
As the security landscape evolves, businesses are no longer looking for stand-alone solutions, they want connected, intelligent systems that automate, streamline, and protect.

Read more...
Smart automation is changing security
SA Technologies IntelliGuard Access Control & Identity Management
Security has come a long way from manual check-ins, logbooks, and standalone surveillance cameras. With the rise of intelligent automation, security is now faster, smarter, and more connected than ever.

Read more...
The future of security in South Africa
ATG Digital Access Control & Identity Management
Security technology is evolving rapidly, but is local innovation keeping pace? Some global players recognise the potential of South African products for international markets, but can our manufacturers and service providers thrive without external support?

Read more...
Integration enhances estate access control
Access Control & Identity Management
With one-third of residential burglaries starting at the front door, the continued seamless integration of Glovent’s estate management platform with Impro access control software is welcome news for estates.

Read more...
T&A in South Africa’s retail sector
ERS Biometrics Access Control & Identity Management
Using existing systems, ERSBio provides a practical and more cost-effective way for businesses to manage operations, reduce payroll mistakes, and enhance overall efficiency through innovative T&A processes.

Read more...
Navigating the complexities of privileged access management
Editor's Choice Access Control & Identity Management
Privileged Access Management and Identity Access Management are critical pillars of modern cybersecurity, designed to secure access to sensitive resources, enforce principles like least privilege, and implement just-in-time access controls.

Read more...
Paxton opens second experience centre
Paxton News & Events Access Control & Identity Management
Security technology manufacturer, Paxton, has opened a new experience centre in Cape Town on 12 February in partnership with its exclusive distributors, Reditron and Regal Security.

Read more...
DoorBell with built-in AI
Ajax Systems Access Control & Identity Management Products & Solutions Smart Home Automation
Ajax Systems has announced the release of Ajax DoorBell, which features built-in AI, an IR sensor, and app control, seamlessly integrating into the Ajax ecosystem to ensure efficiency and security confidence.

Read more...
Physical security evolving beyond security teams
ATG Digital Access Control & Identity Management
The landscape of physical security is undergoing a major shift. Traditionally, selecting access control and visitor management solutions fell squarely on the shoulders of security professionals, but today includes legal, IT, technical operations and more.

Read more...
A passwordless future?
Access Control & Identity Management
The digital landscape is evolving rapidly, and with it comes the urgent need for more secure authentication methods. Passwords, once the cornerstone of online security, are now easy targets for cybercriminals.

Read more...