Biometrics System Components
![Picture](/uploads/8/3/2/3/83235392/1468489397.png?250)
Biometric system varies in terms of architecture and models; however, the main components of the system are: (Prabkhakar, Pankanti & Jain, 2003; Wayman, 2005):
Biometric system varies in terms of architecture and models; however, the main components of the system are: (Prabkhakar, Pankanti & Jain, 2003; Wayman, 2005):
- Data Acquisition (or Data Collection) - capture biometric data via sensors
- Data Transmission - sending data via channel for further processing
- Data Processing (or Feature Extraction) - extract distinct attributes from acquired data
- Data Storage - store the template
- Recognition and Decision Making - compare acquired attributes against a template and make a decision
1. Biometrics Data Acquisition
![Picture](/uploads/8/3/2/3/83235392/1469286252.png)
Each biometric system begins with a data capture component which is the first step in the enrollment and verification/identification phases (Prabkhakar, Pankanti & Jain, 2003). The user must present the biometric characteristic to a sensor which will capture images or measure the biometric characteristic (Prabkhakar, Pankanti & Jain, 2003; Das, 2014). This component may include processes that tests the sample input data (i.e. captured data) to determine quality as well as test for liveness (Wayman, 2005; Rogmann & Krieg, 2015).
1.1 Quality Control is used to ensure the quality of the sample (Wayman, 2005). This can be done in various ways - at this step, quality control may prompt whether to accept or reject the sample and request a new sample (Wayman, 2005).
1.2 Liveness testing is a technique used to complement and increase the reliability of the system. It can detect whether a captured biometric data (e.g. a fingerprint) has been acquired from a live user or not. In other words, it can differentiate between a spoofed biometric or a biometric acquired from a living person as an example. There are two main approaches to the liveness detection:
1.1 Quality Control is used to ensure the quality of the sample (Wayman, 2005). This can be done in various ways - at this step, quality control may prompt whether to accept or reject the sample and request a new sample (Wayman, 2005).
1.2 Liveness testing is a technique used to complement and increase the reliability of the system. It can detect whether a captured biometric data (e.g. a fingerprint) has been acquired from a live user or not. In other words, it can differentiate between a spoofed biometric or a biometric acquired from a living person as an example. There are two main approaches to the liveness detection:
- Hardware based approach uses special medical hardware to detect the vital signs of a human such as pulse rate, temperature or pulse oximetry (Rogmann & Krieg, 2015).
- Software based approach uses a supplementary recognition algorithm that is integrated into the matching algorithm to detect whether these biometrics data has been acquired from a live individual or not. Software based approaches varies and depends on the types of input devices (Rogmann & Krieg, 2015).
- In the passive method, biometric data is captured without the need for the user to interact with biometric probes or to simulate human behaviours (Rogmann & Krieg, 2015).
- In the active method, the user is requested and challenged to perform certain types of actions. For example, a vein scanner would measure the pulse and temperature of the user as a hardware based, passive approach. The user would be challenged to use other fingers for pulse or temperature detection to make sure that the user is alive and can respond to the system's inquiries (Rogmann & Krieg, 2015).
2. Biometrics Data Transmission
![Picture](/uploads/8/3/2/3/83235392/data-transfer.jpg?420)
Many biometric system acquires the data and prepares it for further processing at the point of data acquisition before sending them to the data storage. However, according to Wayman (2005), some systems separates the tasks of data collection, storage and processing at different locations. In this case, data transmission is required. For large data, these systems would compress the captured data before transferring them via a secure channel in order to minimize bandwidth utilization and data storage space. The compressed biometrics data would be required to be expanded before further processing can occur. One of the key issues in the compression/decompression process is quality loss.
3. Biometrics Data Processing
![Picture](/uploads/8/3/2/3/83235392/images.jpg?391)
The next component is processing the data for recognition analysis. The goal of this component is to "enhance the quality of the captured images due to distortions" as well as to "extract distinguishing features of an image" (Bouridance, 2009). Data processing can be further categorized into four tasks:
3.1 Segmentation
The purpose of segmentation is to detect and depict some sort of pattern from the biometric data (Wayman, 2005). Each biometric system will have different methods of segmentation which looks for different patterns (Wayman, 2005). For example, iris biometrics technology would recognize and isolate two circles that outlines the iris boundary. The internal circle would be considered the pupil and the external ones would be recognized as sclera (Thenmozhi & Gnana Skanda Parthiban, 2013). In a similar manner, the other contours like eyelid and eyelash would be marked and recognized (Arvacheh & Tizhoosh, 2006). Speech recognition biometrics is another example in which the speech activity would be distinguished from non-speech activity in the voice recording (Wayman, 2005).
3.2 Normalization
The aim of normalization is to enhance the quality of the biometric image (Bouridance, 2009). This is done by applying various techniques that will enable "a better recognition power for the system" (Bouridance, 2009). Various biometric system will use various normalization techniques. The following are examples of normalization:
3.3 Feature Extraction
After segmentation and normalization, the biometrics data may contain non-repeatable, non-controllable, non-distinctive and redundant elements (i.e. unuseful data) (Wayman, 2005). The purpose of feature extraction is to detect and discard those elements that are of no practical use and preserve the unique, controllable and repeatable traits (Wayman, 2005). The employed methods for feature extraction varies and depends on modality and type of biometrics technology - this is further discussed in Module 3.
3.4 Features Conversion and Template Creation
The extracted features, which are unique, controllable and repeatable, are represented digitally and saved as a template (Das, 2014). This template is a mathematical file which contains information about the unique feature but is non-reversible - that is, the raw image cannot be reconstructed from it (Das, 2014). Every biometric system uses different mathematical models to represent the extracted features (Das, 2014). For example, in the case for fingerprints, the unique features are represented as a binary mathematical file (i.e. represented as zeros and ones) (Das, 2014). Once the template is created, the raw images may be discarded or also stored in a database, depending on the system (Bouridance, 2009; Das, 2014).
- Segmentation
- Normalization
- Feature Extraction
- Feature Conversion and Template Creation
3.1 Segmentation
The purpose of segmentation is to detect and depict some sort of pattern from the biometric data (Wayman, 2005). Each biometric system will have different methods of segmentation which looks for different patterns (Wayman, 2005). For example, iris biometrics technology would recognize and isolate two circles that outlines the iris boundary. The internal circle would be considered the pupil and the external ones would be recognized as sclera (Thenmozhi & Gnana Skanda Parthiban, 2013). In a similar manner, the other contours like eyelid and eyelash would be marked and recognized (Arvacheh & Tizhoosh, 2006). Speech recognition biometrics is another example in which the speech activity would be distinguished from non-speech activity in the voice recording (Wayman, 2005).
3.2 Normalization
The aim of normalization is to enhance the quality of the biometric image (Bouridance, 2009). This is done by applying various techniques that will enable "a better recognition power for the system" (Bouridance, 2009). Various biometric system will use various normalization techniques. The following are examples of normalization:
- Geometrical Alignment - In some biometric systems such as face and iris, the image may be "rotated or shifted", so normalization is employed to shift and rotate the image to the "main position" - in the case of face and iris recognition, is the frontal view (Bouridance, 2009).
- Image Size Normalisation - The purpose of this is to "align images such that they are of the same size and are located at the same position and orientation" (Bouridance, 2009). For example, in the iris recognition system, Daugman's rubber sheet model is used to "produce iris regions, which have the same constant dimensions" (Thenmozhi et al., 2013).
3.3 Feature Extraction
After segmentation and normalization, the biometrics data may contain non-repeatable, non-controllable, non-distinctive and redundant elements (i.e. unuseful data) (Wayman, 2005). The purpose of feature extraction is to detect and discard those elements that are of no practical use and preserve the unique, controllable and repeatable traits (Wayman, 2005). The employed methods for feature extraction varies and depends on modality and type of biometrics technology - this is further discussed in Module 3.
3.4 Features Conversion and Template Creation
The extracted features, which are unique, controllable and repeatable, are represented digitally and saved as a template (Das, 2014). This template is a mathematical file which contains information about the unique feature but is non-reversible - that is, the raw image cannot be reconstructed from it (Das, 2014). Every biometric system uses different mathematical models to represent the extracted features (Das, 2014). For example, in the case for fingerprints, the unique features are represented as a binary mathematical file (i.e. represented as zeros and ones) (Das, 2014). Once the template is created, the raw images may be discarded or also stored in a database, depending on the system (Bouridance, 2009; Das, 2014).
There is two distinctive types of digital template - enrollment template and verification/identification template.
1. Enrollment template: During the initial registration, the system captures and extracts the unique characteristics of the user, creates a mathematical file of the extracted features (i.e. enrollment template) and permanently stores the template in a database (Das, 2014). This enrollment template will be used for comparison purposes during subsequent access requests (Das, 2014). 2. Verification/Identification template: During verification/identification, the user's biometric data is captured, processed and features are extracted (Das, 2014). The system creates a verification/identification template of the extracted features and would compare it with the enrollment template (Das, 2014). |
It must be noted that the enrollment and verification/identification template are not 100% the same since the behavioural/ physiological traits are constantly changing. In addition, the environmental effect (e.g. lighting) can cause differences between the enrollment template and verification/identification template (Das, 2014)
3.4.1 Template Type
According to Das (2014), the mathematical model used to create the templates varies depending on the type of system and the sensors that are used. However, the same mathematical model is used to create both the enrollment and verification/identification templates. Here is a sample list of mathematical files according to their sensors:
According to Das (2014), the mathematical model used to create the templates varies depending on the type of system and the sensors that are used. However, the same mathematical model is used to create both the enrollment and verification/identification templates. Here is a sample list of mathematical files according to their sensors:
- Binary mathematical files are used for Fingerprint recognition, and Hand geometry recognition
- Gabor wavelet mathematical file are used for iris recognition
- Eigenfaces and eigenvalues mathematical file are used for facial recognition
- Statistical predictive modeling are used for behavioural biometrics recognition
3.5 Quality control
Quality control may also take place in the data processing component. The focus is to determine whether the quality of the digital template is good enough - that is, whether the features extracted make sense or sufficient for submission to the next component or process (Wayman, 2005). The quality control enhances the performance of the system since it rejects and generates “failure to enroll” error if it receives low quality processed data (Wayman, 2005).
Quality control may also take place in the data processing component. The focus is to determine whether the quality of the digital template is good enough - that is, whether the features extracted make sense or sufficient for submission to the next component or process (Wayman, 2005). The quality control enhances the performance of the system since it rejects and generates “failure to enroll” error if it receives low quality processed data (Wayman, 2005).
4. Biometrics Data Storage
![Picture](/uploads/8/3/2/3/83235392/1468490606.png?250)
Biometrics data storage is the location where templates, models, results etc... are kept (Bouridance, 2009; Wayman, 2005). Decision to store what type of data is dependent "upon the kind of application that will utilize the data" (Bouridance, 2009). For example, raw images may be stored for research purposes (Bouridance, 2009). By storing the raw images, this also allows for the flexibility to make changes to the system or change the system vendor since the feature extraction algorithms are proprietary to the vendor (Das, 2014). As templates are non-reversible, the storage of raw images also allows the template to be constructed "without the need to re-collect data from all enrolled users" (Das, 2014).
Depending on the type of system, usage and policy, biometric templates may be stored in distributed or centralized database. For example, Biometric templates may be stored "in a card, in a central database on a server, on a workstation or directly in an authentication terminal" (Matyas & Riha, 2002).
Depending on the type of system, usage and policy, biometric templates may be stored in distributed or centralized database. For example, Biometric templates may be stored "in a card, in a central database on a server, on a workstation or directly in an authentication terminal" (Matyas & Riha, 2002).
- Centralized Database - As the name implies, "biometric templates are stored onto one database" and biometric templates are "transmitted across the network media...for storage" (Das, 2014). It is used in biometric systems which "performs one-to-N matching" such as for "PINless verification systems" (Wayman, 2005). As the efforts for matching increases, central database partitioning or indexing (i.e. creating smaller subsets of the database) may be required in order to prevent degradation of the speed/performance of the system (Wayman, 2005).
- Decentralized Database - While centralized database uses one database, multiple databases are used for decentralized structure which may be physically located at different areas (Das, 2014).
5. Recognition and Decision Making
![Picture](/uploads/8/3/2/3/83235392/images-1_1.jpg?360)
Biometric systems has two operating modes (Bouridance, 2009, Das, 2014):
a) Verification Mode - "Am I who I claim to be?" (Das, 2014)
b) Identification Mode - "Who am I?" (Das, 2014)
Following the verification and/or identification, the next are authentication and authorization (Das, 2014).
5.1.Verification
Verification is the process of checking if the user's claim of identify is correct (Das, 2014). The system must confirm this claim by performing a one-to-one match - a query of the database to find the stored digital template of the claimed identity (Das, 2014; Rogmann & Krieg, 2015). For example, in face recognition approach, the system scans and extracts the unique features of the user’s picture and this would be stored in a verification template. The system then searches and finds the corresponding stored enrollment template of the claimed identify. If an enrollment template is found, the verification template and enrollment template are compared and a similarity score would be measured (Das, 2014).
a) Verification Mode - "Am I who I claim to be?" (Das, 2014)
b) Identification Mode - "Who am I?" (Das, 2014)
Following the verification and/or identification, the next are authentication and authorization (Das, 2014).
5.1.Verification
Verification is the process of checking if the user's claim of identify is correct (Das, 2014). The system must confirm this claim by performing a one-to-one match - a query of the database to find the stored digital template of the claimed identity (Das, 2014; Rogmann & Krieg, 2015). For example, in face recognition approach, the system scans and extracts the unique features of the user’s picture and this would be stored in a verification template. The system then searches and finds the corresponding stored enrollment template of the claimed identify. If an enrollment template is found, the verification template and enrollment template are compared and a similarity score would be measured (Das, 2014).
5.2 Identification
Identification is the process of determining who the user is without a claim of identity by the user (Das, 2014). The system creates an identification template and performs a one-to-many search against all the templates in the database in order to determine the absence or presence of a match for the extracted features of the user (Bouridance, 2009; Das, 2014). The benefit of this operating mode is to find any possible black list or to perform double enrollment check (DEC) - this important to prevent a user from registering twice into the system such as during elections to prevent double voting (Kindt, E. J. 2013).
Identification is the process of determining who the user is without a claim of identity by the user (Das, 2014). The system creates an identification template and performs a one-to-many search against all the templates in the database in order to determine the absence or presence of a match for the extracted features of the user (Bouridance, 2009; Das, 2014). The benefit of this operating mode is to find any possible black list or to perform double enrollment check (DEC) - this important to prevent a user from registering twice into the system such as during elections to prevent double voting (Kindt, E. J. 2013).
5.3 Matching
In both the verification and identification operating mode, the verification/identification template is compared against an enrollment template (Das, 2014). This is done using matching algorithms which are a set of calculations and statistical models (Das, 2014). The relevant statistical methodology are used to check for resemblance or similarity; a similarity score is used to decide how closely these two templates are similar. If a high similar score is found, the user is authenticated (Das, 2014).
Although the matching algorithms vary from vendor to vendor and are proprietary (i.e. no modification or alteration are allowed), a system administration may specify the “Sensitivity Threshold” which determines how closely an enrollment template and verification/identification template must match in order (i.e. resemblance) to accept or reject the request. This “Sensitivity Threshold” of the matching algorithms is determined by a set of biometric key performance indicators (KPIs) (Das, 2014).
In both the verification and identification operating mode, the verification/identification template is compared against an enrollment template (Das, 2014). This is done using matching algorithms which are a set of calculations and statistical models (Das, 2014). The relevant statistical methodology are used to check for resemblance or similarity; a similarity score is used to decide how closely these two templates are similar. If a high similar score is found, the user is authenticated (Das, 2014).
Although the matching algorithms vary from vendor to vendor and are proprietary (i.e. no modification or alteration are allowed), a system administration may specify the “Sensitivity Threshold” which determines how closely an enrollment template and verification/identification template must match in order (i.e. resemblance) to accept or reject the request. This “Sensitivity Threshold” of the matching algorithms is determined by a set of biometric key performance indicators (KPIs) (Das, 2014).
5.3 Authentication
Authentication means that the system compares the verification/identification template with a stored digital template using a matching algorithms and decides whether the "information and data already exist in the database" (Das, 2014).
5.4 Authorization
Authorization means that the system would grant access to the system to user if the identity has authenticated (Das, 2014).
Authentication means that the system compares the verification/identification template with a stored digital template using a matching algorithms and decides whether the "information and data already exist in the database" (Das, 2014).
5.4 Authorization
Authorization means that the system would grant access to the system to user if the identity has authenticated (Das, 2014).
6. Fusion Module
Fusion is a module that is only used in multimodal biometrics technology when multiple inputs and traits must be fused and integrated in order to create a single integrated schema. According to Ross (2001), biometrics data can be fused at various level:
- Feature extraction level, where extracted features from several input devices would be combined into one single file.
- Matching algorithm level where the multiple derived matching score would be concatenated into one matching/ similarity score.
- Recognition level where the accept/reject decisions of multiple systems are consolidated and decision would be generated
References:
- Bouridane, A. (2009). Imaging for Forensics and Security From Theory to Practice. DOI 10.1007/978-0-387-09532-5
- Das, R. (2014). Biometric technology: Authentication, biocryptography, and cloud-based architecture
- Kindt, E. J. (2013). Privacy and data protection issues of biometric applications: A comparative legal analysis. Dordrecht: Springer. doi: 10.1007/978-94-007-7522-0
- Matyáš, V., & Říha, Z. (2002). Biometric Authentication — Security and Usability. Advanced Communications and Multimedia Security, 227-239. doi:10.1007/978-0-387-35612-9_17. Retrieved on June 23, 2016 from http://www.fi.muni.cz/usr/matyas/cms_matyas_riha_biometrics.pdf
- Prabhakar, S., Panakanti, S. & Jain, A (2003). Biometric Recognition: Security and Privacy Concerns. Retrieved on July 17, 2016 from biometrics.cse.msu.edu/Publications/GeneralBiometrics/PrabhakarPankantiJain_BiometricSecurityPrivacy_SPM03.pdf
- Rogmann, N., and Krieg, M. (2015) "Liveness Detection in Biometrics." 2015 International Conference of the Biometrics Special Interest Group (BIOSIG) (2015): Retrieved on June 25, 2016 from http://subs.emis.de/LNI/Proceedings/Proceedings245/311.pdf
- Ross. A. (2001) Information technology. Biometrics. Multi-modal and other multibiometric fusion. doi:10.3403/30130614u. Retrieved on July 10, 2016 from http://www.cse.msu.edu/biometrics/Publications/Multibiometrics/RossJainQian_BiometricFusion_AVBPA01.pdf
- Thenmozhi, M. & Gnana Skanda Parthiban, P. (2013). Fusion based multimodal biometric authentication with anomaly intrusion detection system. International Journal of Scientific & Engineering Research, 4 (8), Retrieved on July 6, 2016 from http://www.ijser.org/researchpaper/FUSION-BASED-MULTIMODAL-BIOMETRIC-AUTHENTICATION-WITH-ANAMOLY-INTRUSION-DETECTION-SYSTEM.pdf
- Wayman, J., Jain, A., Maltoni, D., & Maio, D. (2005). Technology, Design and Performance Evaluation. Biometric Systems, 1-20. doi:10.1007/1-84628-064-8_1