The rapid development of biometric recognition technology has led to biometrics being highly adopted in our daily life. We unlock mobile phones using fingerprints and verify bank transactions with face recognition. Biometrics are also being used in physical access control more than ever, with fingerprints, vein recognition and facial recognition being used to open doors, for example, as well as access cards.
Biometrics to improve convenience
When compared to using an access card for identification, biometrics can give an improved experience. You can forget or lose a card, but you’ll never leave your finger or face at home or lose them. Currently, the most widely used technology for biometric identification is fingerprint recognition, due to it being low cost but still offering reasonably high accuracy.
Using facial recognition or long-distance iris recognition also gives users the ultimate hands-free access. Your face or iris is identified as soon as you’re in range of the sensor, so the doors open as you walk towards them without needing to present a card or finger.
Biometrics to strengthen security
Biometrics are considered to be a better way of verifying that someone is who they claim to be rather than PIN code verification. A PIN can be forgotten or shared with several people, but biometrics can be neither forgotten nor shared. So, in a high security environment, biometrics are often used as a more secure way of verifying identification, in addition to access cards.
Areas of concern
Although biometrics offer huge advantages, there are still areas of concern and even potential risks when using them.
Biometric recognition technology ensures a high probability of identifying someone. It can’t, however, provide 100% accuracy – whether fingerprints, veins, irises or faces are used. Each biometric recognition technology has its own false acceptance rate and false rejection rate. In general, iris recognition is most accurate, followed by vein, fingerprint and then face recognition. There are also external factors that influence the accuracy, such as sunlight and the quality and cleanliness of the sensor.
Biometrics are classified as sensitive personal data in European General Data Protection Regulation (GDPR). So it’s important to use and store people’s biometric information in line with local regulations. In some countries, for example, you’re not allowed to store any biometric data in a central database.
- Failure to enroll
A small number of people can’t be enrolled using some biometric recognition technologies, due to factors such as dry fingers, vague fingerprints, eye disease or irises that are too dark. For applications used by many people, therefore, it’s often better to use multiple biometric technologies.
- Liveness detection
Presenting a photo of a fingerprint or face can fool some biometric devices and so create opportunities for attackers to breach security. To prevent this, choose a biometric device that can detect whether or not the identifier presented is part of a living person.
How to choose
The table below shows the biometric recognition technologies most often used in physical access control and compares their characteristics.
|Fingerprint 2D Optical sensor||**||*||***||*||***|
|Fingerprint 2D Multispectral||***||**||***||*||***|
|Iris long distance||****||*****||****||***||**|
* is the lowest and ***** is the highest
Liveness detection and fraud detection are often implemented as add-on functionalities alongside basic biometric recognition technologies. Common technologies detect the warmth, texture and active blood flow of the investigated body parts, or even the person’s gait. Some biometric recognition systems verify identities using one or more detection technologies, while some don’t verify the identity at all to keep costs low. So choose your system carefully based on the various scenarios you’re likely to face.
To comply with local privacy regulations, biometric templates sometimes have to be stored on access cards instead of in a separate database. This means that each person owns and carries their biometric templates. If someone loses their card or it’s stolen and compromised, only this person is affected. This minimise security risks, but also means that biometrics can only be used for verification – identification is still done by the access card.
Due to limited storage, only one or two biometric templates can usually be stored on an access card. And, compared with centrally stored templates, the templates on cards often have a lower resolution, which makes comparing characteristics more difficult. Storing biometric templates on cards might be sufficient for 1:1 verification, but it definitely lowers the accuracy of the matching.
In general, 95% of PACS customers choose 2D fingerprint recognition – mainly because of the lower price. Among 2D fingerprint sensors, multispectral sensors are often a better choice over optical sensors; they’re slightly more expensive but offer higher accuracy and more reliable performance. For high-security environments, iris recognition provides the best accuracy, followed by palm vein recognition and 3D fingerprint recognition.
While facial recognition and multi-finger solutions are often used in hospitals but tend to have a higher price.
What AEOS offers
As an open platform, AEOS has published a Biometric Restful API and Device Integration Protocol so various biometric systems can easily integrate with AEOS.
- AEOS’s biometric interface ensures privacy by design
By default, no personal information is synchronised between AEOS and biometric systems. Information is only synchronised if the user activates it.
- AEOS’s biometric interface is secure by design
All IP communication between AEOS and integrated biometric systems is secured.
- AEOS integrates with various biometric systems
You can choose from a wide range of biometric technologies in various price ranges to integrate with AEOS – including 2D and 3D fingerprint solutions as well as iris and palm vein recognition., And we’re working closely with TBS, Idemia, Suprema, Recogtech, IEVO and Icognize on future integrations.
Security for life
Our work to enable biometric integrations with AEOS is a great manifestation of our security for life philosophy. For us, security is not just about technology, but about people and how they live their daily lives. We believe that the right access control can remove or minimise any concerns or inconvenience relating to security. And, in turn, set people free to live life to its full potential – this is what we call security for life.
Want to know more about integrating biometrics with AEOS to achieve security for life? Please get in touch.
Want to know more about biometric recognition?
Download our Integration Sheet about Biometrics and AEOS.
Frequently asked questions
At a very basic level, access control is a means of controlling who enters a location and when. The person entering may be an employee, a contractor or a visitor and they may be on foot, driving a vehicle or using another mode of transport. The location they’re entering may be, for example, a site, a building, a room or a cabinet. We tend to call it physical access control to differentiate it from access control that prevents people from entering virtual spaces – for example when logging into a computer network.
If you decide to use an access control system, it’s probably because you want to secure the physical access to your buildings or sites to protect your people, places and possessions. That’s just the start for access control systems though. The right system, used well, can add value in a range of ways. You can use it, and the data it generates, to boost not just security but productivity, creativity and performance.
Today, physical security is about so much more than locks and bolts. Many modern physical access control systems are IP-based, powered by smart software and able to process large quantities of data. This provides more functionality, flexibility, scalability and opportunities for integration. It also means they’re part of your IT network, so it’s essential they’re protected and upgraded – just like your other IT systems.
From our perspective, a centralised access control system is always preferable – whether you have just two locations in the same town or hundreds spread around the world. Centralising your access control brings a range of far-reaching benefits.
For the people using your building, biometrics can give a better experience compared to an access badge. These days, biometrics are used for both identification and verification – sometimes even both at the same time. Being allowed to enter your building just by scanning your hand or face makes access control more convenient than ever.
Mechanical keys are the simplest form of physical access control and the method many smaller organisations use. Even for a small company, however, using mechanical keys has several flaws and limitations – especially as an organisation gets bigger. Below are just some of the problems presented by using keys.