A Guide To Biometric Use in Access Control

Biometric access control systems have become more widespread in recent years, and their evolution has led them to be a reliable and high-security method of credential identification, shaping the future of access control. Their capability to identify, verify and gather data that cannot be replicated sets them apart from other credential readers.

Versatile in their uses, biometric readers are widely used as a crucial component for the security and safeguarding of companies across the globe of varying size and industry sector. Their ability to integrate into PC based access control systems and also work as standalone access control offers many opportunities to utilise their security. 

Biometric readers have historically been something you would expect to find in a Bond movie, but their technology has become a reality and is now improving access control and security systems more than ever before. Many smartphones now employ the use of biometric readers as a security feature. This large scale application proves the reliability of the technology and how far it has evolved in recent years to become part of our everyday lives.

What are the advantages and disadvantages of a biometric reader?

There are many varied benefits to using biometric identifiers in access control such as:
  • Accurate identification and verification
  • Easily integrated into an automated system
  • High-security
  • Low false authentication rate
  • Prevents the sharing of credentials
  • User friendly
  • Efficient
  • Scalable
  • Reduced consumable costs (access cards/fobs)
  • Reliable
  • Low maintenance
  • Security cannot be compromised by the loss of a credential

As with every technology, biometric identifiers do have their disadvantages:
  • Less convenient if the user group changes frequently
  • Higher installation and component cost compared to other access control readers. Depending on the facility, this could be outweighed by the reduced maintenance and consumable costs.
  • In rare cases, some users do not have the biometric identifiers the system requires. 1 % of the population are unable to be identified through their fingerprints
To negate some of these disadvantages, sometimes a combined system may be used. For example, regular users could access biometric identifiers whilst visitors could be allocated a unique and temporary PIN. This will obviously increase initial costs but does offer the system far more flexibility for those who need it.

What is a biometric access control system?

Biometric readers enable access based on an individual's physical, chemical or behavioural attributes, such as fingerprints, facial recognition, voice recognition, or retinal scans. The basic principle of a biometric reader is that it recognises and gathers unique patterns from a user. When it rereads the unique pattern, it focuses on a specific relevant feature and compares its focus feature to the system's relevant gathered data. Once the feature is verified, it performs a pre-set action, such as allowing access through a secured door. Identification by physical attribute makes false authentication more difficult due to the complexity of the credential. For example, fingerprint biometric recognition technology works by scanning the unique ridges and patterns within a person's fingerprint. This is almost impossible to replicate in a real-life scenario. 

Unlike readers that require an access card, fob or PIN, biometric access control relies on information that the user cannot forget or lose, information relating to who they are rather than an item in their possession, which encourages accountability and ensures reliable audit trails.

In the wake of COVID-19, it is becoming more common to use thermal imaging systems within biometric access control to measure an employee's temperature before granting them access to the building. This is another way to keep your employees safe as a high temperature could indicate a highly contagious COVID-19 infection.

Biometric access control system components

Biometric readers, as standard, are comprised of four main components:
  • a sensor 
  • an assessment unit 
  • a comparison and matching unit
  • a credential database
Some of these components and actions may be within the software if the reader is used within a PC based system.

The sensor 

The biometric scanning device or sensor is a vital component of the device, forming the interface between the access control system and the user. It is used to obtain and read the user's biometric identification data to verify it against the user database. For example, fingerprint readers use an optical sensor to detect and recreate an image of the structures and ridges of the fingerprint at the fingertip.

Due to this component's importance, it is crucial to ensure the failure rate is kept to a minimum and careful attention to the positioning of the unit at install is a critical factor in doing this. As most biometric data is captured using images, the quality and specification of the camera is an important consideration to ensure the best quality and most useful data is obtained. 

Data assessment

In any access control system, assessing the data provided by the user is arguably one of the most important processes as this is what prompts a decision to made to allow or deny access to a secure area. To ensure this process is effective, the quality of the data received from the user must high. A signal enhancement algorithm is often applied to the incoming data to improve this process and prevent the user from being asked to resubmit the data. The data captured is known as a biometric template, and after processing, specific features will be selected from the template and focussed on for verification. This biometric template will be reduced down to its unique features and stored in the access control system database or compared to the existing database information by the comparison and matching component.

Data comparison and matching

Once the reader has obtained the unique biometric template from the user, processing data comparison and matching against the existing database will commence. This component uses the focusses' unique features on the template to match any identical points with the database information. A match score is produced, which is the number of matching points the comparison has produced against stored data. The quality of the image captured will affect the match score and fluctuations will occur between readings. The match score is the information used by the system to allow or deny access.

Credential database

Any access control system will utilise a database of user credentials. With a biometric system, the biometric template is inputted into the database often accompanied by additional user information. Many systems will store multiple biometric reading samples from the same person to allow and compensate for variations and therefore reduce the failure rate. Facial recognition tends to use multiple templates as facial features are more commonly subject to change. With fingerprint readers, sometimes templates will be stored from multiple fingers to allow for reading and verification of a user in the event of their primary digit rendered unreadable, for example, an injury.
How is biometric technology likely to evolve?

Biometric technologies are ever-evolving, growing more complex to keep systems secure as fraudulent methods also evolve to bypass these measures. We are in the midsts of huge technological advances, and extraordinary technology is resulting. Recent advances such as vein recognition are already widely used in the Japanese banking sector and appear to be the future of standard biometric advances. Vein technology can be used in both fingerprint and palm readers offering the main benefit of contactless access which is particularly relevant at this point with the ongoing Covid-19 pandemic. The scanners in these biometric devices use infrared light to highlight and capture the vein patterns with the ability to capture data even through gloves. Vein patterns are unique to each user, and unlike fingerprints, they are not changed over time or through injury, which is a crucial benefit to the sustainability of the technology.

It is important to remember that, as with everything, not all biometric readers are produced to the same standard and quality. The technology used in smartphones would not be reliable or robust enough to secure a property in an access control system. By the same admission, not all access control biometrics are produced to the same standard either.

Deciding on a biometric unit for an access control system needs to be considered carefully. There are testing procedures and certifications when the highest security is required, for example, military operations. 

Higher security readers will encompass technology that prevents the unit from being duped by cloned or faked fingerprints, such as the ability to check the fingerprint offered for blood flow. These technologies are only going to improve as they evolve.
You can find out about the range of access control solutions available from CMW by clicking here. You can also speak to our access control specialist Emma Harris by emailing emma@cmwltd.co.uk