Recently contacted by your credit card company because of a data breach or were you a victim of identity theft? Many of us have either been affected by identity theft or know someone who has been affected. Many consumers are seeking a secure environment that is also user-friendly. Businesses are seeking the same, with absolute certainty, that only valid users can access critical data. How can your company tackle these security and usability requirements while ensuring customer satisfaction?
Today's three primary biometric modalities are fingerprint, facial and iris, and each has its own strengths and weaknesses but due to the global COVID-19 pandemic, touchless is highly preferred. Any company claiming their technology is best for all applications is likely being disingenuous. The key is to first prove a biometric is required, and once decided, the following five steps will help select the best biometric modality and supplier.
Today's three primary biometric modalities are fingerprint, facial and iris, and each has its own strengths and weaknessesBiometrics can provide a mechanism to tackle these issues head-on by moving from what you know (password) and have (ID card) to who you are (your biometric), which dramatically increases the level of security while also being user-friendly. But how is the best biometric modality selected for an upcoming product?
User interaction
Start by defining the planned customer usage model, including the typical user, normal or desired interaction, and product in-field environment and placement, as well as any strategic plans. Think through the clothing the users will wear (e.g., face masks), the height of the users, hygiene requirements and opt-in requirements. Decide how quickly the biometric must respond and test this during the POC testing. The better the enrollment image (template), the better the matching performance and overall user experience.
Biometric storage
Start by defining the planned customer usage model, including the typical user, normal or desired interaction, and product in-field environment and placement, as Due to the global COVID-19 pandemic, touchless is highly preferredwell as any strategic plans. Think through the clothing the users will wear (e.g., face masks), the height of the users, hygiene requirements and opt-in requirements. Decide how quickly the biometric must respond and test this during the POC testing. The better the enrollment image (template), the better the matching performance and overall user experience.
Cost and security
Start by selecting which product lines will use the biometric and establishing the desired price point(s). Decide how the biometric will fit into the product and get bulk pricing to understand unit costs at volume. Software is typically handled as a license fee and often negotiable. The production cost per unit decreases as volumes increase. Choose the biometric modality that best meets functional and security requirements while hitting the targeted price.
The biometric security level required depends on the assets being protected and the matching usage model. A 1:1 model, such as a cellphone, may be fine with a low-security biometric application. However, in a 1:N model, such as airport security, requires a more secure biometric such as iris.
To select the best biometric for the product, compare each company's false acceptance rate (FAR) and false rejection rate (FRR). FAR indicates the biometrics ability to keep intruders out, while FRR indicates the biometrics ability to allow enrolled users in. Ensure that all biometric companies being considered can provide this information at a minimum. It is better to get each company's detection error trade-off (DET) curve, which shows how FAR and FRR vary relative to each other.
Criminal activity
Hackers and criminals are always trying to break technology, including biometrics. Be certain each technology has robust presentation attack detection (PAD), which ideally is third-party certified. Understand what if any personally identifiable information (PII) needs to be captured, and decide how the PII will be handled, including who will manage the data (i.e., your company, the biometric supplier or another third party). Be certain that whoever controls the PII uses the latest encryption standards and employs techniques to secure this data in memory, crossing the network and in the biometric database. Understanding the European GDPR Compliance standards if applicable will also be important.
Supplier consideration
Each supplier being considered should be evaluated throughout the POC testing process. Ensure the supplier is trustworthy, provides good customer support and meets its commitments. Evaluate the supplier's engineering capability and support model to ensure it can support any desired design changes and support your Be certain each technology has robust presentation attack detection (PAD)engineers to deliver the best functioning product.
Selecting the best biometric for your exact use case will take some time and effort, but it has the potential to grow your business and delight your customers. Do not shortchange the process and go with the cheapest solution without doing some research. As the saying goes, you get what you pay for.