Many access control systems use ID card readers for enabling access. In these situations, an access card is the sole means of confirming the identity of the individual carrying it, and the decision to authorize access is made based on an individual presenting or scanning a pre–programmed ID access card. The card serves as confirmation of the person carrying it. Obviously, this is the lowest level of identity verification because cards can be stolen, loaned, lost or duplicated, making the link between credential and identity tenuous and vulnerable at best.
Without physical identity verification, the reader cannot confirm that the user is, in fact, the individual to whom a card has been assigned. Two-factor authentication (i.e., access card plus PIN or password) is a security improvement, but even that can be defeated with skimmers and cameras that are readily available. Organizations that use card readers have determined that the low level of security is sufficient for their needs. It is clear that of the three main methodologies, biometrics has the strongest link to an individual’s identity, making it best suited for ensuring the security of an access control system. Within this general category, the main biometric identifiers used to verify identity are fingerprints, facial and iris recognition.
Fingerprints are thought to be unique to individuals, and can, therefore, be used for biometric identity confirmation. One positive aspect of this modality is that most people don't mind having their fingerprints recorded. Fingerprint readers are easy to use and require no special environmental conditions— the messy ink of yesterday has been replaced with digital scanners that take only a second or two to capture the pattern.
As for drawbacks, fingerprints typically require physical contact with something that’s been touched by other people, which poses a hygiene issue, particularly during the cold and flu season. Fingerprints also change over time and as a consequence of activity— for example, age, scarring, calluses and other factors can change fingerprints enough to prevent matching.
Faces contain features that can be used for individual identification. These include the relative position, size, and shape of facial elements such as the distance from forehead to chin and eye to ear, for example. Biometric systems capture selected identifiers and turn them into a unique code, which is stored in the reference database and compared to other images to find a match. One advantage of facial recognition is that it can be performed using a simple image—for both enrollment and identity verification. However, facial characteristics can be easily modified with make-up, hairstyle, facial hair, glasses and similar alterations that could prevent a match. Plus, faces are naturally unstable, with features changing over time—so people must be regularly re-enrolled to maintain accuracy.
Excluding DNA, iris recognition is one of the most accurate among current biometric modalities. Iris identity authentication is also fast—it can take less than a second and readings are non-contact and noninvasive. In the past, iris recognition systems tended to be more expensive than other methods, but new models leverage technology advances in processing power, cameras, and LED illumination, making them available at surprisingly affordable costs. Fixed or mobile readers are available, as well as high-throughput systems that can perform iris-based recognition while users walk by at normal speed.
Some facts and an explanation of how iris reader technology works might help to debunk any misunderstood beliefs regarding iris scanning processes or effects. First, remember that reading an iris is not a retina scan. The retina is a layer at the back of the eyes interior and requires a relatively intrusive scan to capture. The iris is the clearly visible colored portion of the eye and can be captured with a camera in a process similar to taking a photo.
The iris pattern has desirable properties for verification compared to other biometrics because of its uniqueness, stability over time and relatively easy accessibility. And iris recognition has high accuracy among biometrics. According to Cambridge biometric experts, a typical iris is extremely complex, with more than 200 degrees of freedom that can be used for identification. This complexity allows for the development of far more accurate identification systems than could ever be achieved with fingerprints (which have only about 35 degrees of freedom) or faces (which have about 20). Plus, an iris cannot be shared or lost, and iris readers cannot be deceived by makeup, hair or clothing changes. Some readers can capture an iris image through eyeglasses, sunglasses and contact lenses, even in outdoor environments.
As an identity management solution, iris readers have been deployed in applications as diverse as federal, state and local law enforcement, correctional facilities, travel and border security, healthcare, financial services and sports and entertainment venues, in addition to mainstream security locations. The accuracy of iris recognition systems for identity authentication extends their potential use beyond security to applications such as workforce management, inventory control, logical access and more.
In general, a higher degree of accuracy translates into a higher level of security, and vice versa. Card/ badge-based and PIN/password-based access control systems cannot accurately determine whether the user is who he or she claims to be. For this potentially difficult task, biometrics is the only one of the three main access control and credentialing methods that can do the job most effectively. Without question, biometrics is the most fool-proof of the credentialing methods used to verify identity, and today's iris readers meet all three of the main evaluation criteria for access control systems: accuracy, security, and cost-effectiveness. As more organizations place greater emphasis on risk management, iris readers are being deployed in growing numbers to strengthen access control and identity management systems that increase the level of security while delivering numerous additional benefits.