Definition[]
Biometric traits "are tied to an individual — specifically something an individual is or does."[1]
Overview[]
“ | [I]t is generally not possible to replace a biometric trait that has been compromised. This is complicated by the fact that the same biometric trait can be used by different systems, and weaknesses in one system could lead to the compromise of the biometric trait for use in another system.[2] | ” |
Factors required for a suitable biometric trait[]
There are a number of factors that make a physical or a behavioral trait suitable for a biometric application:
- Universality. Every individual accessing the application should possess the trait.
- Uniqueness. The given trait should be sufficiently different across members of the population.
- Permanence. The biometric trait of an individual should be sufficiently invariant over time with respect to a given matching algorithm. A trait that changes significantly is not a useful biometric.
- Measurability. It should be possible to acquire and digitize the biometric trait using suitable devices that do not unduly inconvenience the individual. Furthermore, the acquired raw data should be amenable to processing to extract representative features.
- Performance. The recognition accuracy and the resources required to achieve that accuracy should meet the requirements of the application.
- Acceptability. Individuals in the target population that will use the application should be willing to present their biometric trait to the system.
- Circumvention. The ease with which a biometric trait can be imitated using artifacts — for example, fake fingers in the case of physical traits and mimicry in the case of behavioral traits — should conform to the security needs of the application.[3]