Access Control - Why Fingerprints are Better Than Keys
May 2019 by David Orme, SVP at IDEX Biometrics
Authentication is any process whereby an individual proves that they are who they
claim to be, and in an increasingly digital world, authentication is the key to
protecting both connected and unconnected assets. We need it to keep out bad people (black hat hackers, identity thieves) and let in good people (staff, customers,
experts) - not just to computers and IT networks, but business premises and hardware as well.
Until recently, most of us relied heavily on fobs, swipe cards, keys, passwords and
PINs to authenticate ourselves and gain access to our places of work, but there is a
hitch. These methods of authentication are either difficult to remember or can be
easily lost and stolen. As a result, we choose incredibly predictable passwords that
virtually anyone can guess[1] or borrow our colleagues passes, fobs or swipe cards.
In short, lots of people are lax about authentication[2].
Poor-quality authentication is risky for individuals, but when it’s scaled up to the
level of a business or organisation, it becomes much more of a threat. If a business
is hacked or compromised, the penalties - which will probably include both financial
and reputational ’punishment’ - are likely to be severe.
That’s why organisations must insist on enhanced methods of authentication, such as
biometrics in the form of fingerprint recognition to authenticate staff. While it’s
quite normal to forget a password, you can’t forget your fingerprint. Ensuring the
right person is using the right entry card to gain access to the areas of the
building they have permission to.
For some businesses the use of fingerprint biometrics to authenticate staff may seem
like science fiction. Remember Tom Cruise in all the Mission Impossible films?
Hardly a blueprint for daily business conduct.
But the truth is that biometrics, and specifically fingerprint biometrics, caught up
with Mr Cruise some time ago and businesses that don’t realise the potential of
fingerprint biometrics to manage employee access, are missing out.
Fingerprint biometrics to protect physical and digital property
Fingerprint readers and smart cards incorporating fingerprint biometrics can control
personnel access to both buildings and computer networks. What’s more, levels of
access can be controlled so that Person 1, for example, can access all areas and all
networks while Person 2 may only be allowed into a particular area of one building,
and specific areas of the IT network/specified servers on data centre racks, and so
forth.
The use of fingerprint biometric smart cards, can optimise security even further.
This is because the fingerprint is held only on the card, so unlike most facial or
iris recognition systems, there is no database of biometric data to be hacked or
stolen. That’s a huge advantage anywhere security is paramount, such as healthcare
or law enforcement facilities, and puts fingerprint biometrics ahead of many other
biometric systems, let alone passwords and PINs.
A similar scenario applies to the use of fingerprint smart cards for access to IT
networks, where it may be possible either to connect fingerprint biometric readers
to the network or to attach individual readers to each device. As with buildings,
access levels can be customised and this type of authentication can be used to
generate robust and reliable audit trails of network and data access.
Indeed, fingerprint biometric smart cards can help businesses to gain pinpoint
control of operations, either in real time or retrospectively (e.g. for disciplinary
or legal proceedings). Using biometrics in this manner tells managers exactly who is
in which building/network/system and when they accessed it. By adding fingerprint
biometric capabilities to portable or employee-owned devices, the ability to manage
remote or flexible working staff is simplified, because management can always see
when staff are logged in and working the hours they claim.
Fingerprints vs. facial recognition
The standards of authentication provided by fingerprint biometric smart cards are
now widely accepted, to the point that fingerprint biometric recognition is fast
becoming the gold standard in smartphones. However, it is human nature to look for
the next big thing, and some have argued strongly the value of facial recognition,
especially for building access.
Facial recognition is a perfectly good biometric in many situations and is a
valuable addition to the armoury of biometric authentication methods. However, as
Apple discovered when they launched the iPhone X, it is not without problems. Apart
from the furore surrounding Face ID’s alleged inability to tell some people
apart[3], Apple itself has admitted there are problems with the camera technology
required to make facial recognition work and have issued formal instructions for
iPhone users experiencing them[4].
To identify a face, the cameras involved must be able to achieve a reasonable degree of resolution. In addition, a significant proportion of the face must be presented
to the camera. Ambient light, clothing (e.g. the wearing of scarves and glasses) and
even the angle of the face when being scanned, can also reduce the effectiveness of
facial recognition. This is a key where fingerprint biometrics presents a more
accurate method of biometric authentication when it comes to access.
To summarise, fingerprint biometric authentication is light years ahead of the
old-fashioned methods of keys, swipe cards, PINs and passwords, and represents a
real step forward in digital identification to access physical and digital
environments. By embracing biometric fingerprint technology into access control,
businesses are empowered to tackle building and system access head on, safe in the
knowledge that only the right people can gain access to sensitive information.
References
[1] https://mashable.com/article/most-common-passwords-2018/?europe=true
[2] https://www.pewinternet.org/2017/01/26/2-password-management-and-mobile-security/
[3]
https://www.theinquirer.net/inquirer/news/3023199/apples-face-id-tech-cant-tell-two-chinese-women-apart
[4] https://support.apple.com/en-gb/HT208114