Modi, Shimon K., Artech House «Biometrics in Identity Management: Concepts to Applications»
The implementation of biometric technologies entails a set of advantages for both public and private entities and for end users. Although biometric measures are related to cybersecurity, a large part of their benefits affect the daily lives of users and employees: However, from the point of view of cybersecurity, biometric measures also provide a large number of benefits:
For organizations and end users Organizations must be the main engine promoting and investing in the development of biometric technologies. For this to happen, the potential benefits to be obtained from its implementation must be clear and relevant. The most prominent ones are described below.
Increased security in access control Undoubtedly, one of the most important advantages for companies of the use of biometric techniques is for the authentication of employees, thus guaranteeing that the person is who they say they are, that is, that the characteristics Biometrics are exclusively linked to their legitimate user.
By stealing credentials or identification cards, an individual can access restricted areas or carry out unauthorized operations, blaming third parties. In addition, these credentials may be voluntarily shared among employees. Through the implementation of biometric systems, security is increased by reducing the probability that an unauthorized person will access restricted areas or applications.
Improvement of corporate image. The implementation of biometric technologies contributes to a company being more efficient, more secure and reducing internal fraud. That is why, added to all the advantages described above, there is a significant improvement in the general opinion about the company. Likewise, the entity would be associated with innovation, investment in research and development and a commitment to cutting edge technology.
Possibility of remote procedures. It is possible to use biometric techniques as a form of verification in remote operations in a highly reliable way, being able to surpass current electronic signatures.In this way, unnecessary and inconvenient transfers and procedures for the end user can be reduced.Reduction of maintenance costs for authentication systems, increased efficiency, time control and improvement of the corporate image.
Increased privacy. Using biometric techniques increases the security of the transmission of personal data of customers by encrypting them using a unique and personal key of the customer.It is the consequence of the notable difficulty of falsifying biometric features in order to access the personal information of an end user or client.
Comparison with other automatic identification and authentication systems and Biometric technologies emerge as an alternative or complement to existing identification and authentication techniques.Therefore, it is possible to establish a direct comparison between the two, highlighting benefits that result from the use of biometrics together with aspects in which traditional techniques are superior.The following aspects must be considered.
1. Need for secrecy: passwords must be hidden and cards must not be accessible to third parties, while biometrics does not require these protection measures, which are exclusively dependent on the user.
2. Possibility of theft: cards and passwords can be stolen. However, stealing a biometric trait is extremely complex.
3. Possibility of loss: passwords are easily forgettable and cards can be lost. Biometric traits remain unchanged except in a few exceptions and are always with the subject whom they identify.
4. Initial registration and possibility of regeneration: the ease with which a new password or card can be sent contrasts with the complexity of registration in a biometric system, since it requires the physical presence of the individual in this phase. It should be added that biometric traits are by definition limited, while password generation is unlimited, which is an advantage.
5. Compare process: comparing two passwords is a simple process. However, comparing two biometric traits requires greater computational capacity.
6. User comfort: the user has to memorize one or multiple passwords and, in the case of using a card, they must always carry with them. Using biometric technology, these efforts do not need to be made.
7. Vulnerability to espionage: a discreet surveillance of our activity could be used to obtain our password or steal our card. This method is not valid in biometric systems.
8. Vulnerability to a brute force attack: passwords are several characters long. For its part, a biometric sample uses hundreds of bytes, which greatly complicates brute force attacks.
9. Prevention measures: attacks against password- or card-protected systems have been going on for years, and prevention measures against them are already mature. On the contrary, attacks on biometric systems are an area in which these prevention measures are currently being generated.
10. Authentication of "real" users: the authentication of users by means of a password or card and its effectiveness depend absolutely on the will of the user when making them personal and non transferable. Biometrics is highly related to the user himself as it cannot be borrowed or shared.
11. Cost of implementation: at the time of implementation, the fact of establishing a password system has a low cost, while in the case of a system based on biometric samples it is more expensive.
12. Maintenance cost: the cost of maintaining a biometric system, once it is successfully implemented, is less than that of a password or card system since it does not involve management costs associated with the loss or forgetfulness of credentials.
Biometric Voice Authentication
One of the main attributes of Voice Pay ® is the technology of voice biometrics from ValidSoft ® and the transcription of the voice of SpeechMatics ® , for the verification and authentication of the cardholders voice.
Each persons throat, paddle and vocal cords are uniquely different, and it is these elements that mainly affect the air that is expelled from our lungs and our mouth when we speak. Starting with the raw audio and the waveform generated when we speak, many of which are beyond the human audible range, our biometric speech system processes the audio waveform to extract key characteristics that are unique to each speaker. From this, a statistical model and a voice signature are built for each individual person enrolled in the system. When comparing the voice audio later, for example: When authenticating a person against their previously registered voice signature, the same process is applied and a measure of similarity of the key characteristics is obtained, whose value indicates a pass or fail. There are many different characteristics that can be extracted from a voice signal and speech scientists classify them from low to high level.
Voice biometrics differs from voice recognition; in that `voice biometrics´ knows who you are but not what you are saying and is therefore used to authenticate the identity of an individual, whereas & quot; the speech recognition knows what you are saying but not who youare. And therefore, it is used for voice command applications. It is not unusual for the two
technologies to be used together, but it is important to understand the distinction between them.
ValidSoft ® solution has been awarded the only European privacy seal recognized by the European Union for any biometric voice product, confirming its compliance with European Union data protection law. In fact, ValidSoft ® is the only security company in the world that has received four European privacy seals recognized by the European Union for its privacy-sensitive solutions. ValidSoft ® customers using the ValidSoft ® voice biometric solution can be assured that they will fully comply with all US and EU privacy / data protection laws when using the voice biometric service.