Previous computer-based security tools
Until now, the most common category of tools used to guarantee a secure authentication have been passwords. A password refers to what somebody knows. It is a combination of words and numbers arbitrarily chosen by a person in order to limit access to external users. However, unsophisticated passwords, which is often the case, can be easily guessed, stolen, or cracked by some external parts. The second category of tools that have been developed to control access are physical devices called “tokens”. Tokens refer to what somebody has and knows. A token, combined with its corresponding password, has to be connected to the appropriate computer-based receptor in order to be granted access. The most widespread tokens in the market today are the “magnetic strip card” and the “smart card”. The first one is equipped with a magnetic strip containing confidential information to be used with a personal password where as the latest has a built-in microchip able to store and process information.
Does biometric technology have the potential to replace them?
Many argue that biometric devices are the security tools of the future. Because they require the physical presence of the user, biometric devices refer to what somebody is. However, biometric recognition system are not infallible. Indeed, authorized users can be rejected while unauthorized users can be accepted. Therefore, an FRR ( false rejected rate) and a FAR (false acceptance rate) is associated with each biometric device to evaluate its degree of reliability. Biometrics devices alone do not provide a perfect level of security, so they do not have the potential to replace passwords and tokens. Instead, a combination of passwords, tokens, and biometrics all together, which refers to what somebody knows, has, and is, allows to increase the level of security. For example, a smartcard requiring a corresponding password can hold a biometric fingerprint sample of the card owner.
References:
- www.fdic.gov/consumers/consumer/idtheftstudy/technology.html#part5
- www.interpol.int/Public/TechnologyCrime/CrimePrev/ITSecurity.asp
- www.answers.com/smart%20card
- Merkert, Robert. Smart card and physical access control system. Opening the digital word. Biometric consortium 2005 conference. SCM Microsystems.<www.biometrics.org/bc2005/presentations/conference/wednesday%2520september%252021/wed_washab/merkert_smartcards_and_biometrics.pdf+smart+cards+and+biometrics+in+physical+access+control+systems&hl=fr&ct=clnk&cd=1&gl=c
