Five common misconceptions about biometric access control

SMART Access & Identity 2024 Access Control & Identity Management

In 2022, the digital identity solutions market was valued at US$28 billion. By 2027, this is expected to rise to more than US$70 billion1. Biometrics are everywhere now; 80% of smartphones have biometric authentication enabled. This technology is used in banks, law enforcement, airports, healthcare, and daily interactions, but how much do you know about it?

For a topic that is so frequently a source of debate in the access control field, it is surprising how many myths about biometrics persist. CDVI looks at some of the most common misconceptions.

1. Biometric information can be stolen

Biometric technology uses measurable human characteristics to determine and authenticate identity. It uses physiological factors to distinguish between people. The characteristics that are commonly used for biometrics include:

• Fingerprint patterns

• Facial features

• Voice sounds

• Iris patterns

• DNA make-up

• Hand markings

One of the most significant plus points for biometrics is its inherent higher level of security. An access control system that uses cards, tags, or keypad codes is subject to added risks. Cards can be stolen, tags can be lost, and keypad codes can be forgotten or misplaced. Despite the above very prevalent misconception, your biometrics cannot be stolen.

Someone cannot physically steal your fingerprints, voice, or iris patterns. These factors can be cloned, but not stolen. Any decent biometric security system will have features to identify and repel spoofed or cloned credentials.

For example, ievo fingerprint readers are certified ISOPAD Level 1 compliant. This means that they successfully identify and deny access to fake fingerprints. In addition, ievo readers have liveness detection built in. This technology identifies whether the finger presented to the reader is real skin with live blood flow before granting or denying access.

Biometric information can be copied. It cannot be stolen.

2. Facial recognition is an infringement on my privacy

There are two types of facial recognition systems: one-to-one and public. This distinction is essential for breaking down this widespread misconception.

Public facial recognition systems are those used in places such as casinos and airports. They are generally used for surveillance purposes. Large numbers of faces are scanned and analysed constantly to identify and flag any known individuals. Many people believe public facial recognition systems infringe on their right to privacy.

This is where the myth kicks in. While public facial recognition remains controversial, one-to-one facial recognition is an entirely different matter. These are the kinds of systems used for access control purposes. One-to-one facial recognition does not scan crowds of unknown people and pick out individuals. They do not have access to any other database besides their own internal system. Therefore, the only faces it recognises are people who manually registered their faces onto the system.

Registering your face on a one-to-one facial recognition access control system does not infringe on your privacy. The database of faces cannot be sold or stolen, and no other unconnected device will be able to recognise your face as a result. If you are still uncomfortable registering your face, many facial recognition systems, such as the ievo iface, offer traditional card-swiping technology.

3. My data is at risk in biometric systems

Many people believe that biometric security systems are risky. If your fingerprint image was stolen or hacked, you cannot just replace it like

you can a swipe card or keypad code. It is an understandable fear. But fortunately, it is not one you need to worry about.

Every security system is different, so we cannot speak for all of them, but we can tell you that your data is safe with ievo biometric solutions.

Presenting your finger to an ievo reader ensures a highly detailed photo of your fingerprint. The reader analyses the image and identifies up to 100 tiny details called minutiae. The pattern of those minutiae is used to create a digital template representing your fingerprint. The original image is permanently deleted and cannot be retrieved in any way.

The template that ievo readers create is proprietary. We also use a high-security algorithm to enrol, extract, and match data. That means that even if someone could get hold of the template (which is unlikely), it is useless to them. The template cannot be reverse-engineered to generate an image of your fingerprint. It cannot be used in any other fingerprint recognition systems, either.

Why is it unlikely that someone can steal a fingerprint template? Because there is no data whatsoever stored on the ievo reader. It would be completely useless, even if someone ripped the reader off the wall and ran away with it. All fingerprint templates and other data are stored on the ievo Interface Board. This is a separate module installed away from the reader on the secure side of the door. Even if someone butchered a door and a wall and somehow managed to find the Interface Board, the data on it is still useless to them, thanks to our algorithm protection.

Your biometric data is not at risk if it is in the right hands. ievo solutions protect it robustly.

4. Biometric technology is unreliable

There are two primary measures of the reliability of biometric technology. False Acceptance Rate (FAR) and False Rejection Rate (FRR) indicate how often a system recognises someone it should not, or fails to recognise someone it should. For a long time, the reliability of biometric technology has called its reputation into question.

This is no longer the case. While early biometric recognition systems struggled, technology has come a long way quickly. Sensors are significantly better today than they were 20 years ago. Data can be captured and analysed in much more detail, much more rapidly.

Today, most biometric system manufacturers have to make a conscious choice to prioritise either high security or user convenience. This really depends on where the biometric authenticator is located and what it is for. For example, false acceptances are extremely dangerous in a military facility and cannot be tolerated. In this environment, it matters less if authorised people have to try a few times before being granted access, as user convenience is not as essential as security.

However, if your mobile phone’s fingerprint reader also prioritises security, having to scan multiple times to unlock it would be frustrating. So, it is probably more likely that your phone would allow a higher FAR to make the user experience as smooth as possible.

It is impossible to guarantee 0% FAR and 0% FRR. Many biometrics manufacturers now advertise 0.0001% or lower error rates and biometrics is a lot more secure than passwords; 80% of data breaches still occur due to weaknesses with traditional passwords2. People write them down, tell them to someone else, auto-fill them, and forget them.

Twenty-one percent of Americans admit to resetting passwords more than once a week.

Biometrics is far more reliable than you think.


5. Biometric solutions are too expensive

For many, biometrics still feels like a futuristic, high-tech, Mission Impossible solution, and they assume that that means expensive.

It is all about perspective. The technology and components in biometric access control solutions are indeed newer and generally pricier than traditional card readers. However, looking at the medium- and long-term view, you might save money.

Firstly, there is no ongoing cost of a biometric solution. It is installed, it is used, and that is that. For card readers, that is very much not the case. People do many things with swipe cards: they lose them, forget them, damage them, or have them stolen. With card readers, while the upfront cost might be lower, you are committing to constant ongoing costs to replace or replenish stocks of cards or tags, not to mention the cost to the environment of constantly producing more (usually plastic) cards.

Secondly, there is the future-proofing factor. Investing in forward-thinking technology means it will work better for longer. Biometrics offers higher security and higher technology that increase the practical lifetime of a newly installed system. Opting for a cheaper card-based system, based on older technologies means are already playing catch-up. That might mean you have to rip and replace a system again in the not-so-distant future – with all the added costs that brings.

Things are changing

Understandably, people have reservations about biometrics. They are worried about security, data protection, reliability, and cost. Often, those worries are based on outdated information and technology experiences. Today, biometric solutions are viable, robust, and, dare we say it, cost-effective access control solutions.

For more information contact www.cdvi.co.uk

[1] https://www.statista.com/topics/4989/biometric-technologies/

[2] https://cybersecurity.asee.co/blog/password-statistics-that-will-change-your-attitude




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

New State of Physical Access Control Report from HID
HID Global Editor's Choice Access Control & Identity Management News & Events
HID released the 2024 State of Physical Access Control Report, identifying five key trends shaping access control's future and painting a picture of an industry that has been undergoing considerable transformation.

Read more...
Smart intercoms are transforming access control
Access Control & Identity Management Products & Solutions
Smart intercoms have emerged as a pivotal tool in modern access control. They provide a seamless and secure way to manage entry points without the need for traditional security guards to validate visitors before granting them access.

Read more...
Easy, secure access for student apartments
Paxton Access Control & Identity Management Surveillance
Enhancing Security and Convenience at Beau Vie II Student Accommodation, a student apartment block located at Banghoek Road, Stellenbosch, with Paxton's access control and video management solution

Read more...
Invixium acquires Triax Technologies
News & Events Access Control & Identity Management
Invixium has announced it has acquired Triax Technologies to expand its biometric solutions with AI-based RTLS (Real-Time Location Systems) offering for improved safety and productivity at industrial sites and critical infrastructure.

Read more...
ControliD's iDFace receives ICASA certification
Impro Technologies News & Events Access Control & Identity Management
The introduction of Control iD's iDFace facial biometric reader, backed by mandatory ICASA certification, underscores the commitment to quality, compliance, and innovation.

Read more...
The future of workplace access
HID Global Access Control & Identity Management
Mobile credentials are considerably more secure than physical access control, because they eliminate the need for physical cards or badges, support multiple security protocols, and add layers of protection on top of basic card encryption.

Read more...
Integrated, mobile access control
SA Technologies Entry Pro Technews Publishing Access Control & Identity Management
SMART Security Solutions spoke to SA Technologies to learn more about what is happening in the estate access world and what the company offers the residential estate market.

Read more...
Bespoke access for prime office space
Paxton Access Control & Identity Management Residential Estate (Industry)
Nicol Corner is home to a six-star fitness club, prime office space, and an award-winning rooftop restaurant. It is also the first building in South Africa to have its glass façade fully incorporate fritted glazing, saving 35% on energy consumption.

Read more...
Next-generation facial recognition access control system
Enkulu Technologies Products & Solutions Access Control & Identity Management Residential Estate (Industry)
With a modern and innovative design, iDFace is the ideal device for monitoring and controlling people entering and exiting a building using facial recognition technology, including liveness detection, for enhanced security.

Read more...
Long-distance vehicle identification
STid Security Products & Solutions Access Control & Identity Management Residential Estate (Industry)
The STid SPECTRE reader can identify vehicles up to 14 metres away, across four traffic lanes, ensuring secure access to an estate without disrupting the traffic flow.

Read more...