Biometric Security

 

Biometrics is one of the most secure methods of authentication. Because humans have two types of traits physiological and behavioral, these are also two types of biometrics (Java T Point, n.d.). The behavioral biometrics types include many different methods: ear authentication, eye vein recognition, facial recognition, finger vein recognition, DNA matching, footprint and foot dynamics, and gait recognition. Physiological biometric methods include: signature and voice recognition, and keystroke. Some of these are less popular but are still a secure method of authentication and identification.

As with implementing any type of security system, one must ask is, “How do we guarantee the preservation of privacy without downgrading the security and authentication system?” This is the same for biometrics, even sometimes more so because it deals with real life physiological information. The advantages of biometric security implementation are: the ease of use, the malicious hacker must be near you to collect the biometric data it plans to spoof, and biometrics are difficult to spoof or steal (Din, 2021). Some disadvantages include: fingerprint, iris, or voice recognition cannot be revoked remotely, many phones and scanners can be tricked by “master fingerprints”, biometrics last a lifetime and cannot be changed if compromised like passwords can, and vulnerabilities in biometric authentication systems (Din, 2021).

According to Ideco, there are seven steps that can help ensure a successful implementation if biometric systems (IDECO, n.d.). The first step assesses the organization and whether or not biometrics is a good fit for it. This includes identifying and selecting the right biometric system for the company. Once selected, the second step is to ensure every employee is properly enrolled in that biometric system and that the enrollment process follows the highest standards. The third step is to verify that the selected biometrics system delivers exactly what the organization has required and meets these requirements in performance, reliability, and accuracy. The fourth step is to ensure the selected biometric system fits the existing IT infrastructure in terms of integration with already existing systems, server and software requirements, and network capacity. The fifth step is to ensure a certified installer performs the installation of the new biometric system. The sixth step is to make sure the biometric system comes with vendor support, a warranty, and ability for future upgrades into next gen technology. Finally, the last step is to ensure the biometrics system falls within all legal implications of the law. This is done by legally gaining consent by all employees (IDECO, n.d.).

If implementing a biometric security system, I would implement a two factor authentication. I would implement both an iris scan and facial recognition system in my organization for physical entry into the building. For further access into further secure areas internally, I would implement a badge and PIN system. Finally, I would then implement a third type of access when requiring access to the computer systems: a complex password, role based user and administrative account groups, and smart card (token). By implementing these methods, it would take a minimum of seven separate types and levels of security authentication before gaining elevated access to the organizations computer systems.

 

References

7 steps to successful biometric implementation. Biometric Access Control Management Systems. (n.d.). Retrieved December 26, 2021, from https://www.ideco.co.za/post/7-steps-to-successful-biometric-implementation

Din, A. (2021, October 13). What is biometric authentication? definition, how it works, Pros and Cons. Heimdal Security Blog. Retrieved December 26, 2021, from https://heimdalsecurity.com/blog/biometric-authentication/

Pagnin, E., & Mitrokotsa, A. (2017, October 19). Privacy-preserving biometric authentication: Challenges and directions. Security and Communication Networks. Retrieved December 26, 2021, from https://www.hindawi.com/journals/scn/2017/7129505/