Friday, December 17, 2010

Old Post - Biometrics

05-04-2007

Biometrics, how do they work?

Last Night! my sister called me up and asked how does the biometric systems work, and she wanted to understand it before buying a biometric device and start working with it on a project.

 
 

so, i wrote a whitepaper over how biometrics work, here is an excerpt of the same......

 
 

There are actually 3 phases in the lifetime of an application meant to work with any kind of biometric technology

  1. Installation and configuration of the biometric device
  2. Initialization of device on the basis of parameters
  3. Passing your biometric data and matching with the biometric print of device

 
 

I'll discuss each step one by one in detail

But prior to this you need something to work with, and these are:-

  1. A biometric device.
  2. A signing dll, which can be incorporated with your application, so that you can use its functions to initialize the device, enroll the users with the device, prepare the user database, and later use the same database for login etc.

Now, let us get on with our discussion

Installation and configuration of the biometric device

Any biometric device when installed in your system must follow a procedure, in which your application initializes the device and then enrolls the users with it. You can either call it enroll or simply you can call it "Configure".

Enrollment is a procedure in which your device makes a database of user and user's PRINT. User is nothing but an id, but User's PRINT is something interesting, to understand the print you can also compare and say it's the FingerPrint (Which is unique), but see is it always possible that the angle with which your biometric device might be taking the picture of your finger will always be the same, obviously NOT, so what you need is not the picture but some other smart information about the USER'S PRINT.

For ex –

When you enroll a user with the system, you store his / her name and a character based password (in case something goes bad with that biometric identity, like your finger is hurt).

And then your device asks for your user's Print, a PRINT is nothing but a Defer data structure A defer data st. is not made at one go, so what it asks for is to user to give his print at least 3 times to the device, as 3 times is enough to collect all the possible sets of that biometric identity (which could be your face, fingerprint, eyes, speech). You can say user is training the device to understand him / her.

 
 

 
 

 
 

 
 

Now let us see how a defer data st. might look like

 
 

 
 

User Name brij raj singh      Password    momitaraj

 
 

Defer ds1

 
 

20,30

50,75

64,76

98,104

65,328

45,34

64,76

19,38

50,75

67,57

24,67

98,104

98,104

20,30

65,328

63,54

39,32

64,76

64,76

39,57

 
 

Defer  ds2

 
 

20,30

70,79

65,328

98,104

50,75

45,34

64,72

67,57

50,75

64,76

24,67

28,102

65,328

20,30

98,104

63,54

39,32

39,57

64,76

39,32

 
 

Defer ds3

 
 

20,30

50,75

64,76

98,104

65,328

45,34

64,76

19,38

50,75

67,57

24,67

98,104

98,104

20,30

65,328

63,54

39,32

64,76

64,76

39,57

 
 

So when a user gives his identity 3 times to the device for ascertaining his / her identity, the device actually creates these 3 data structures.

Initialization of device on the basis of parameters

Device initialization is pretty straight forward by calling some simple API's and then the device waits for the event of user's print by user, till the user provides his / her print to the device.

Passing your biometric data and matching with the biometric print of device

When the user provides a PRINT to the device, the device again makes a defer ds and then matches this defer ds with the earlier provided defer ds for the users existing in the database, now this process is pretty critical, and because we have 3 defer ds for one user, it's very much possible that though the user is genuine but the defer ds doesn't match with either one of them.

There is a simple yet effective way to solve this problem, and that is

Make Hash keys for all the 9 combinations possible, and when the user provides his defer ds, make its hash key and match it up with the defer ds hash keys already with you.

This is how the device actually works but if you are buying a commercial Biometric device they usually come with an API set which you can always plug in and use without thinking how it works.

No comments:

There was an error in this gadget