What is Biometric Authentication?

Definitions and FAQs

General Biometrics FAQs

Biometric authentication is the use of a person’s unique human characteristics for verifying their identity.

Continuous biometrics recognizes the uer throughout their interaction with the protected system. The recognition score dynamically updates, enabling the system to detect the introduction of a new user.

Facial recognition compares many characteristics of a person’s facial structure, not eye or skin color, against a previously stored model of that person’s facial structure to determine a match. Facial recognition works because facial structure is significantly different for each person.

Facial liveness, short for facial liveness detection, determines if a face presented to a facial recognition system is that of a live person or a high resolution photo, cut out photo, 3D mask, or video. Typical liveness techniques include asking the person in front of the camera to blink, smile, move their head a certain way, or move the camera itself in some way, all resulting in time and complexity for detecting liveness. Further, there are known techniques for beating these active liveness methods. Passive facial liveness is the ability to determine liveness without the person’s participation. Facial liveness is a critical step in the process of accurately authenticating a person with facial recognition technology when the facial recognition system is operating without human supervision, such as authentication on a mobile phone.

Behavioral biometrics uses the uniquely identifiable patterns in a person’s activity — like the way they type, move a mouse, or how they walk — to verify a person’s identity.

Keystroke dynamics is a type of behavioral biometric that uses the patterns and rhythm of a person’s typing on a keyboard, keypad, or screen. Patterns include the length of time a key is held down (hold time) and the delay between keystrokes. Keystroke dynamics are useful to verify identity.

Test dependent and independent voice verification are both types of voice biometric authentication. Text dependent verification involves the user speaking a previously enrolled phrase or pin. Text independent verification doesn’t require the speaker to say a specific phrase during enrollment or verification — both of which can happen in the background during the user’s normal interactions.

Biometric spoofing is an attempt to gain access using falsified biometrics to appear as a real person. For example, a voice biometric spoofing attempt may use a recording of the target person’s voice.  Or the spoofing attempt may use a computer to synthesize the person speaking a voice biometric passphrase. For facial recognition systems, the spoofing attempt may be a photograph, cut out photo, video screen, or a moving video. Spoofing attempts like these are best combated with voice liveness and passive facial liveness detection technology.

In biometric authentication, a false acceptance is the incorrect verification of a user resulting in an impostor passing as an authorized user, whereas a false rejection results in an authorized user being blocked.  These are the two types of errors that occur in biometric verification systems. A plot of these two errors, usually the false accepts on the x-axis and false rejects on the y-axis, provides a quantitative assessment of the performance of a biometric system on a given data set.  This plot is called a Detection Error Trade-off curve with the rate of false acceptances called the False Acceptance Rate (“FAR”) and the rate of false rejects called the False Rejection Rate (“FRR”).

Neural networks simulate activity of the human brain such as pattern recognition and use artificial intelligence to learn to perform tasks. A deep neural network is a complex neural network with more than two layers – generally an input layer, and output layer and at least one layer in between. These layers perform sorting and ordering to manage and classify unstructured data. For example a DNN can be trained to recognize the sound of a dog barking by being presented with labeled recordings containing various types of barking in addition to recordings with no barking. Proper training requires large data sets.

A Presentation Attack is the term used in the biometric industry to refer to a biometric spoofing attempt.  The Presentation Attack may be either an attempt to create a false identity or impersonate someone else.

A vector in machine learning is an array of numbers that correspond to features used in classification. X-vector is the newest extraction algorithm, replacing i-vectors with embeddings produced by a deep neural network (DNN). X-vector technology offers high performance for classifying individual speakers, accuracy in short speech utterances. 

A convolutional neural network is a type of deep neural networks that is typically used for analyzing and classifying visual imagery .

Equal Error Rate (EER) is a metric used to determine threshold values for false acceptance and false rejections in a biometric security system.  The EER is the point that the false acceptance and false rejection rates are equal. The EER is a commonly used term because in a single number, it conveniently provides an indication of the accuracy of a biometric system without having to look at a plot of false accepts vs. false rejects. 

These are standardized metrics for performance.

Bona fide Presentation Classification Error Rate (BPCER) is the proportion of bona fide presentations incorrectly classified as presentation attacks in a specific scenario.

Attack Presentation Classification Error Rate (APCER) is the proportion of attack presentations using the same PAI (Presentation Attack Instrument) species incorrectly classified as bona fide presentations in a specific scenario.

Average Classification Error Rate (ACER) is defined as the average of the APCER and the BPCER for a pre-defined decision threshold.

When a person attempts to gain access through voice biometric authentication, the characteristics of their voice is compared with a stored voice template or “voiceprint”.

Voiceprint is another term for a voice biometric template.

Voiceprints are stored in an encrypted format that is meaningful without access to the backend for processing it.

Speaker recognition is another term for voice recognition.

Voice recognition is the technology used to identify the person speaking (“who’), whereas speech recognition is used to recognize the words being spoken (“what”). Voice recognition is used for biometric authentication.

Speaker diarization is a capability used to segment individual speakers in an audio stream with multiple speakers. When used in combination with speech recognition systems, it can determine speaker identity and thus who is speaking when. This can be useful in voice biometric enrollment, biometric authentication and transcription.

FIDO stands for “Fast Identity Online.” The FIDO Alliance is an open industry association with the mission to develop and promote authentication standards and reduce over-reliance on passwords. Learn more at www.fidoalliance.org