Problem solve Get help with specific problems with your technologies, process and projects.

How to choose the right biometric security product

Identity management and access control expert Joel Dubin discusses the different types of biometric security products on the market today, and offers advice on how you can choose the right biometric product for your organization.

Which is the best among the different types of biometric security products and why is it the best? What considerations go into choosing a biometric security product? Are there new technologies I should be considering?
There are at least a dozen different types of biometrics products on the market today. The choice of product for a company should be driven by business needs, technology infrastructure, the risk of the systems to be protected and acceptance by users -- whether they're employees or customers.

In other words, there isn't a best product. It depends on a corporation's specific needs.

But, that said, here's a quick rundown of some common products and what to look for when shopping around for a solution.

Far and away, the most common biometrics devices are still fingerprint scanners. Despite a lot of new products on the market, including some rather esoteric ones, fingerprint scanners remain the old standby. This is partly because they were one of the first biometric technologies invented and partly because of their ease of use.

But that doesn't mean fingerprint scanners should be the only consideration for a company's first biometrics implementation. There are also face and voice recognition systems and iris and retinal scanners, as well as new devices that "learn" typing patterns or identify electrophysiological signals.

Each has its own strengths and weaknesses. Fingerprint scanners have been around for a while and have a good track record. But they can be defeated, sometimes by a putty mold of a fingerprint, for example. They're also prone to errors. If a fingerprint is damaged from an injury or smudged, the reader might not work. Face and voice recognition systems suffer from some of the same issues -- they can be recorded, copied or spoofed. Iris and retinal scanners suffer from lack of customer acceptance. Who wants a light beam shining on their eye?

On the more esoteric side, BioPassword uses what they call keystroke dynamics to measure and record a user's typing speed and style. Aladdin is piloting a device that measures electrophysiological signals, which are a combination of heart rate and other cardiovascular metrics that can be read through a fingertip put on a reader.

Whichever route you choose, make sure there is a clear business case. Biometrics of all types requires an investment in hardware. If the data being protected is of low risk, biometrics is overkill. It should only be considered for access to highly sensitive data and high-value transactions. Otherwise, stick to more traditional authentication systems.

Make sure the devices are compatible with your network architecture. Biometrics has had a renaissance lately because the devices have gotten smaller; some are the size of key fobs and plug into USB ports.

The next consideration is the security of the device and its supporting systems. Data from biometrics devices is sensitive, like any other authentication credential. It should be gathered on a tamper-proof device, transmitted over an encrypted channel and stored in an encrypted database. Both Active Directory and LDAP offer these capabilities, and it's a best practice to check if the device is compliant with either of these authentication directory systems.

Then, of course, user acceptance is key. Whether for employees on the job or customers outside the company, if users don't want it, or think it's too difficult to use, consider something other than biometrics.

For more information:

  • Learn more about fingerprint door lock technology, as Joel Dubin unveils whether or not this technology can be controlled through a network.
  • In this tip, learn the pros and cons of single sign-on (SSO) products and federated identities.
  • This was last published in December 2007

    Dig Deeper on Biometric technology

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.