Information is an essential part of any organization. One important factor is its protection. With the rapid development of the economy, the market environment is becoming more and more challenging. There is a lot of competition thus data protection becomes an important issue that could lead to serious consequences for the company. Database can include information about customers, products, financial information of the company, personal information of citizens, etc. There are huge types of possible information which needs to be protected as in commercial companies as well as in the government structures.
In 2013, data bases will be mostly take damage from such types of threats as Excessive and Unused Privileges, Privilege Abuse, SQL Injection, Malware, Weak Audit Trail, Storage Media Exposure, Exploitation of Vulnerabilities and Misconfigured Databases, Unmanaged Sensitive Data, Denial of Service, Limited Security Expertise and Education (Imperva, n.d.). All these threats can be eliminated by not complex measures and continuous monitoring of security. Best practices in it are such as finding of vulnerabilities databases, their assessment, the establishment of limited rights to sensitive data, database protection from external attacks, data theft, adduction database in compliance with the requirements of the industry; moreover, the measures are not related to technical implementations such as the promotion of a culture of use databases and confidentiality of information (Imperva, n.d.).
The great role in ensuring the safety of databases and society plays an identification and authentication of people. This issue is becoming a challenging task when it needs to be done automatically. The methods that are used now such as the identification of a person based on personal documents or PIN verification cease to be effective in providing safety. However, the need for identification and authentication occurs more often: conducting transactions crossing state borders, access to government programs. The most common reasons for searching of new ways for identification are the possibility of loss of documents, their theft or falsification, as well as elementary forgetting PIN or other authentication data. All of these cases lead some times for a long and complicated process of restoring this information and documents. Thus, the alternative could be in using biometrics. In addition, biometrics can solve the problems related to physical security and computer security.
The term 'biometrics' is known since the 20th century as a science dealing with methods (including statics and mathematics) of analyzing problems related to biological science. Lately, this term started to be used in automatic identification based on personality traits that are unique, cannot be stolen or forgotten such as fingerprints or hands geometry, signature or voice, an iris image. Generally, biometrics has been used before. For instance, fingerprints usually used in identifying and apprehend criminals in forensic science. Now, biometrics is widely used in a lot of applications such as USA-VISIT program and visiting Walt Disney Park (Biometrics Institute, n.d.).
Using fingerprint has a lot of positive aspects such as a long history of its using in law enforcement, large legacy databases mostly of criminals, fingerprint lends itself well to forensic investigation and fingerprints left by criminals on some subjects help in the investigation by restoring the picture of what happened. In addition, fingerprint is simply sampled in a small-tech way, and the size and value of fingerprint scanners are still declining (they are available at price under 100 $). For this reason, digitizing of fingerprints is becoming easier, better and of a higher quality. Hence, fingerprint verification is already widespread in many applications. Besides, potentially able of great accurateness (minimal cases of wrong acceptance) fingerprint machines can suffer from usage mistake among insufficiently disciplined users (higher cases of mistaken refusal) such as might be the case with broad user bases. Fingerprint verification may be a great option representing in household set where suitable interpretation and training can be offered to users and where the system is performed within a stable environment.
Despite its positive side, using fingerprints has its limitations as well. For example, for some people fingerprints are associated with criminals, in some cultures fingerprints are associated with illiterate people. In addition, the quality of fingerprints depends on characteristics like age, grease, cut or worn fingers and even lifestyle influence on it. Moreover, there are issues about public hygiene and cleanliness of the sensor appears with using of fingerprint scanners for wide public.
As it was said before, the biometric technologies already used in applications like visiting Walt Disney Park, exactly biometric verification based on hand geometry. This method is easy to implement and does not require sophisticated technical equipment, compared with other types; moreover, it provides high accuracy since measurement hand and fingers occur in three dimensions. Still, hand geometry is only used for verification applications because of its large size and some people can be discriminated due to their hands features.
Voice verification authorized person on words he or she pronounces. Physical and behavior components participate in the generation of voice. The size and shape of lips, nasal cavities, vocal tracts and mouth related to physical features; furthermore, the movement of jaws, tongue, lips, larynx, and velum related to behavior features. In addition, if compare this method with fingerprints it is less associated with criminals, hence it has more support from public. Voice verification can be used for applications like tele-banking, but it has several limitations. Voice recognition is sensitive to background noise and behavior component; however, voice can change with a lot of causes like a medical condition or age. Moreover, some people lost the ability to speak or do not have it from birth and it is possible to lose voice for a some period of time.
Retinal scanning can work well in spite of some opposition from the people. All that is necessary to focus at one point, which may not be very convenient for people who wear glasses and avoid direct gaze. This method is highly accurate and can be used to gain access to the ATM or other electronic devices, wherein the identification is obligatory condition.
Iris scanning is widely believed to be the most accurate technique according to false acceptance rate. High reliable personal identification based on iris scanning is claimed to be accurate because of the picture of iris includes complicate structure from stripes, furrows and pits. Despite the high cost of such sensors, the system was still used, for example, in border crossing to the United Arab Emirates. Another disadvantage of this method buyout prevents widespread adoption in government applications is limited databases.
Signature is a widely used means of identification of the person in the commission of various operations such as buying with a credit card. However, since this is a behavioral trait than the physical, it can change over time and there is a high probability of a fake signature. There have been attempts to improve the accuracy of identification using online signature that require a pressure-sensitive stylus. However, the use of signature-based verification has received wide implementation in automatic identification.
People have the ability to recognize each other in the face and it is a good feature for biometric identification. This method is now widely used in passports and driving licenses. It is using with a manual inspection purposes. Hence, this method is widely accepted by the public. However, for the automatic identification of a person's face there is a long list of technical requirements that are difficult to fulfill. There are also associations with the work of criminal enforcement.
There are expectations from biometric systems such as high performance, proper operation, and higher level of security. Despite the numerous scientific and research work in this area, biometric systems are susceptible a large number of errors such as failure to enroll, false accept rate, and the false rejection rate. In order to minimize the occurrence of errors system should be trained on real examples from population for a proper period of time in real conditions of it further usage. The biometric identifier design size seldom establishes a great metric for accurateness performance; furthermore, one most decisive determinant from differential identities overlap and the extent to which in the person identifiers stay invariant. For instance, transcription a person's weight whatever more precisely than to the closest kilograms will not support accurateness in identification. From the point of view of safety research was conducted on face recognition in airports which showed that this method requires further improvement and learning (Biometrics Institute, n.d.).
As expected from biometrics a full security cannot be provided in accordance because no entire technology can guarantee a 100 percent result. Especially, when it is a new system that deals with people's traits, which can be changed due to different conditions or time.
The most acute problem of using biometric technology, which identified according to the interviews, is the issue of confidentiality of personal data. This factor is the main because people are afraid of using such technologies. In fact, these technologies could be used vice versa. For example, by giving developed safety and accounting mark on medical document, or by providing authentication without the revelation of individual data in comparison with the entire universal use of social security number, mother's maiden name, or driver's license representing identification (Biometrics Institute, n.d.).
In addition, one more point has a huge impact on social acceptance of biometrics technologies. It is for a reason that many sensors require direct contact for their performance, but interacting with it considered as a threat to public hygiene (Biometrics Institute, n.d.). In fact, this is false thought because in comparing using of sensors with using public doorknobs or using money is not a threat.
At the end, the cost of deploying biometric often measured by its direct and indirect components. Direct component includes hardware components (sensor, processor and memory) and software modules (GUI and overlap). The sensor should be of a low cost and should be easy to embed it into your existing security infrastructure. There are multi-faceted components that make up the indirect costs of the use of biometric systems. They include system installation, training/maintenance requirements, and most importantly, user acceptance (Jain, Bolle & Pankanti, 1999).
Government Policy and Public Acceptance
Government has the greatest duty to ensure the privacy and security of its citizens. Hence, implementing of biometrics technologies should be running by its control and support. Ensuring and monitoring the implementation of these technologies should be done by creating a legal framework and standards. In addition, the government should fund research and development of these technologies. Businesses also put safety first. The main duties of it in this direction are protection against fraud, improving technology, monitoring and implementation in large volumes. For users of technology based on biometrics, a priority is the protection of biometric information by representatives of the law (Chu & Rajendran, 2009). Another important aspect for society is the preference in the use of technologies that do not require a large number of innovations and specially trained people. Despite the fact that there are countries such as the UK, which already introduced biometric ID, in the U.S. distribution of this innovation is slowed because of the high cost, risk of misuse of data, security and confidentiality of personal information (Chu & Rajendran, 2009). However, the Department of Motor Vehicles works on creating of fingerprint biometric system in the driver's license in some states of U.S (Bolle, 2004).
There are some changes in implementation of biometrics systems in immigration issues. According to the session of the Senate Judiciary Committee on May 17, 2013 was stated "Some members of the committee said they want solid information on the likely cost of a biometric system to track whether persons who come to the United States on temporary visas exit the country before their visas expire" (Kammer, 2013). There were also some bad news, but still the movement in favor of the large-scale introduction of biometric systems is gaining momentum.
According to surveys about preferred places of using of biometric technologies, respondents want these technologies used mostly for office security, travel, airport check, medical procedures, government functions and financial transactions. Many of respondents were against the usage of biometric technologies in educational institutions (Chu & Rajendran, 2009).
According to the surveys that have been conducted through personal interviews 77% of respondents understand the usefulness of biometrics for identification and authentication; 16% prefer biometric technologies because of its precision, scalability, ethics of use and security it provided; the last 7% were against these technologies (Chu & Rajendran, 2009). In addition, respondents were asked about acceptance of certain technologies. On the first place, they put fingerprint recognition, then iris recognition and the last place was given to signature recognition (Chu & Rajendran, 2009).
According to prediction by TechCast and current trends in the daily increasing demand for these technologies 'biometrics is expected to enter the mainstream (at a 30% adoption level) in 2015 with a $380 billion U.S. market size, a $1368 billion world market, predicted at a 73% expert confidence level' (Chu & Rajendran, 2009).
Deficiency of authorized identity contributes a cycle of poorness and social lockout for various individuals in the growing world (Jain, Bolle & Pankanti, 1999). Robust national identification systems are crucial for common, governmental, and financial growing, and they can reinforce aid delivery. After all, the success of any national ID program-biometric or not-depends more on processes than on technologies. Identification should be viewed as an element of evolution policy, rather than being seen as only an expenditure on a program-by-program base (Jain, Bolle & Pankanti, 1999). Within such a principal model, state and contributor can make an effort to succeed in the identification gap, and in the process improve both implementation and the effectiveness of various programs.
Biometric systems are vulnerable to potential security breaches from fraud and various attacks. Therefore, these systems should offer a high degree of protection to various vulnerabilities resulting from intrinsic failures and adversary attacks (Biometrics Institute, n.d.). In the end, the return on investment or cost-benefit analysis is crucial for creating the case for biometric systems in most applications.