Fingerprinting: Past & Present
First recognized in 1864 as a unique identifier, fingerprint identification is the oldest and most reliable biometric technique in use today. Widely used and accepted in most places as evidence, fingerprints have long been associated with the law enforcement community. The FBI alone has more than 70 million fingerprints on file, most of which were taken using the older inkpad and paper method. This required a human to sit down with a magnifying glass for hours if not days comparing fingerprints. Within the last 10 years, though, they have stopped keeping paper records and have moved to capturing fingerprint data digitally, allowing a computer to sort through hundreds of prints an hour with a human doing only the final examinations.
Other agencies and businesses are starting to see uses for fingerprints besides criminal records. Since it is almost impossible to steal a person's fingerprints, why not use this as a "key" that can grant access to certain areas and systems? PINs and passwords can be forgotten; fingerprints cannot. ATMs, computers and even cell phones are being
equipped with these fingerprint authentication devices to add an extra layer of security. Online companies that accept credit cards online for transactions are pressing
for this technology since it could drastically cut back on fraud. There are even plans for using fingerprints to collect federal assistance money and filing taxes. With technological breakthroughs and drops in prices, fingerprint
authentication has found its way into our everyday lives.
Obtaining & Processing Fingerprint Data
Every fingerprint can be broken down into two basic features, called ridges and valleys. By examining these characteristics, it is possible to extract data from raw fingerprints and store it in a computer database for future comparisons. Images can be captured using one of several devices, including:
- Optical Scanners
- Thermal Scanners
- Capacitive (Solid-State) Scanners
There are currently two accepted methods for extracting this data: minutia-based and correlation-based. Minutia-based is the more microscopic of the two, locating ridge branches and endings and assigning them an XY-coordinate that is then stored in a file. Correlation-based looks into the overall pattern of ridges and valleys. Instead of looking for tiny minutia points, the locations of whorls, loops and arches and the directions that they flow in are extracted and stored. Neither method actually keeps the captured image; only the data is kept, therefore making it impossible to recreate the fingerprint. Both methods have their drawbacks, though. Minutia-based comparison requires that the fingerprint image be high quality, with dirt, water, scars and cuts having a significant impact on proper identification. On the other hand, correlation-based comparisons can be affected by image translation and rotation.
The fingerprint requires one of the largest data templates in the biometric field. The finger data template size can range anywhere from several hundred bytes to over 1,000 bytes depending upon the level of security that is required and the method that is used to scan one's fingerprint. The good news is that there are algorithms being developed that can "enhance" images in order to reduce distortion and false data while minimizing file size.
After the initial setup of an authorized user, every time he or she wants to access the system, the fingerprint is run through the same algorithms used when it was stored. This data set is compared to the original data set on file, then it is either accepted or rejected. Most authentication systems grapple with this False Rejection Rate/False Acception Rate (FRR/FAR). Simply put, authorized users shouldn't be rejected and unauthorized users shouldn't be accepted.
However, no system has been created that is 100% accurate.
Seemingly Endless Possibilities, But At What Price?
With this new technology, it is possible that we would never have to remember another PIN or password or sign for anything again. Everything that we have access to can be tied to a single key. Digital fingerprints are more convenient and less intrusive than most of the other biometric methods, plus they are already accepted as a immutably unique identifier. Life would be simple again. That is, until someone finds a way to steal your identity.
Credit card information can be intercepted during transmission, why can't fingerprint information? What if instead of stealing your actual fingerprint someone steals your digital file? You only have 10 fingers, which means that each mistake is costly. If you have your identity stolen enough times, it's possible you won't be able to access the system ever again.
Another problem faced is that the technology may be readily available, but some people feel that society is not ready for it. These groups and individuals feel that our privacy can be invaded and our personal information abused much the same way credit reports and social security numbers have been.
What is needed before this or any other biometric is used is the establishment of regulations and good encryption and verification methods that can assure us that our information remains safe during its transit and that we can be authenticated without compromising our privacy.
