biometric authentication

Contributor(s): Matthew Haughn

Biometric authentication is a security process that relies on the unique biological characteristics of an individual to verify that he is who is says he is. Biometric authentication systems compare a biometric data capture to stored, confirmed authentic data in a database. If both samples of the biometric data match, authentication is confirmed. Typically, biometric authentication is used to manage access to physical and digital resources such as buildings, rooms and computing devices.

Once seen mostly in spy movies (where it might be used to protect access to a top-secret military lab, for example), biometric authentication is becoming relatively commonplace. In addition to the security provided by hard-to-fake individual biological traits, the acceptance of biometric verification has also been driven by convenience: One can’t easily forget or lose ones biometrics.  The oldest known use of biometric verification is fingerprinting. Thumbprints made on clay seals were used as a means of unique identification as far back as ancient China. Modern biometric verification has become almost instantaneous, and is increasingly accurate with the advent of computerized databases and the digitization of analog data.

Types of biometric authentication technologies:
Retina scans produce an image of the blood vessel pattern in the light-sensitive surface lining the individual's inner eye. 

Iris recognition is used to identify individuals based on unique patterns within the ring-shaped region surrounding the pupil of the eye. 

Fingerscanning, the digital version of the ink-and-paper fingerprinting process, works with details in the pattern of raised areas and branches in a human finger image.

Finger vein ID is based on the unique vascular pattern in an individual's finger. 

Facial recognition systems work with numeric codes called faceprints, which identify 80 nodal points on a human face.

Voice identification systems rely on characteristics created by the shape of the speaker's mouth and throat, rather than more variable conditions.

Watch a video introduction to biometric technologies for authentication:

This was last updated in December 2014

Continue Reading About biometric authentication

Dig Deeper on Web authentication and access control

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

I love biometrics. But for every system, there's a way around it. So dual authentication (or more) is the path I think we should continue to move in. It might be enough for some folks to get voiceprint or retina scan, but once that is found to not be enough, are we ready to add in a few other verification steps to keep data safe?
It ultimately comes down to not letting machines decide if our stuff is secure, but to have a human element to assist in making that decision. A guard at a desk checking an ID is far more likely to thwart a facility breach than a door with key-card access that might be hacked via RFID readers and lazy employees.
Nowadays we have to conscious that we can't keep delegating all responsibility about our identity data on a security password. Passwords are not secure since you have to change them frequently and if they are difficult enough to be secure they are not useful or easy to remember. Therefore,  adding an extra multi-biometric authentication factor is key in order to avoid identity theft fraud. 
Anyway, you can go deeper into the subject reading about the benefits derived from the biometric authentication: