...
Cyber Security

Computer Biometrics For The Benefit of Cybersecurity

Pinterest LinkedIn Tumblr

Today, both in the digital and traditional world, multiple threats to the security of companies are increasing, where external factors take advantage of the vulnerabilities of communications and systems such as those related to the identity of things and people on the network.

54% of companies nationwide claim to have suffered some kind of economic fraud in recent years, highlighting cyber-attack crimes that will be gaining weight significantly.

Therefore, one of the most implemented tactics in companies today is the fact of knowing how to stop fraud attacks, increasing certain security measures, and strengthening customer authentication systems in all communication channels and access points.

Having access to a system where your security depends on a security control that sends you an SMS to your mobile after entering the access data is easily manipulated by any hacker, and it is no longer enough, so now it is necessary that authentication incorporates something that the customer does not have to remember and can not be transmitted, such as your own voice, your behavior, your fingerprint or your face, for this, it seems that this new form of cybersecurity is in biometrics, which aims to have great potential in the not so distant future.

What is biometric authentication?

Biometric authentication can be defined as the development of verifying the identity of a subject, using unique characteristics and measurements of his body, validating that “he is him” to subsequently compare it with a database, and then log into a service, an application, a device, authenticating the subject in action.

How does biometric authentication work?

The function of biometric authentication is performed by correlating the identification of two sets of data; the first one is subject by the owner of the device, and the second one corresponds to a user visiting the device, by detecting various techniques to carry out the suitable process such as determining fingerprints, voice, among others.

If both data are somewhat identical, the device knows that “visitor” and “owner” are one and the same, and give access to the person.

Implementing a process so that it does not require an exact match greatly decreases the chance that the device will not recognize the fingerprint, but also increases the likelihood that in extreme cases the fake fingerprint of an attacker impersonating the real user will be considered legal.

Popular Biometric Authentication Methods

Voice Verification Systems

Voice recognition systems identify a sequence of sounds and their patterns to determine if the person is who they say they are. To perform authentication, it is necessary to perform certain prototypes for correct recording of data such as the absence of noises, echoes, etc.

The best method to access the system is through the implementation of dependent text phrases because with this determinant the system will “propose” to the person the pronunciation of certain words extracted from a fairly large set to maximize the amount of data, that is, in the process recognize the words of the correct user through certain intonation, pronunciation of diphthongs, words with many vowels, analyzing and contrasting his voice with the database to facilitate or deny access.

The main problem with voice recognition is the time it takes for the user to speak in front of the system. Although currently in most of these devices a single sentence is enough, it is common that the user is forced to repeat it or the immunity against replay attacks, which is a model of simulation attacks in which an attacker reproduces by means of a tape recorder words that the legitimate user pronounces to access the system.

Handwriting Verification Systems

The main objective of this system is not to interpret what the user writes, as most people would describe it, but rather authenticate it based on characteristic features.

There is a great bed in differentiating the type of signatures that we make day to day signing contracts, to the existence of the verification of writing with a biometric system, since in these dynamic characteristics are established as the time used, the times that the pen is separated from the paper, the angle at which each stroke is made, among other points, to implement this system involves aspects such as obtaining a certain number of signatures example, from which the system extracts and stores certain characteristics; This stage is called learning and the main obstacle to its correct execution are the users that usually do not sign uniformly, which reduces its security.

After the system knows the signatures of its users, when they want to access it, they are asked for such a signature, with a certain number of attempts. The entered signature is captured by a stylus or by a sensitive reader, and access is granted once the user has entered a signature that the verifier is able to distinguish as authentic.

Fingerprint Verification Systems

Systems based on fingerprint verification are relatively cheaper compared to other biometrics, although they have the temporary inability to authenticate users because, if there is a problem with the condition of the skin on the fingerprint, such as a wound or dirt, the pressure exerted on the reader can cause erroneous readings.

Its function for authentication is at the time of placing the user’s finger on a reader, it takes an image through a system of fine mirrors to correct angles, and then extract the minutiae, ie certain arcs or swirls of the fingerprint that are compared with those already assigned and stored in its database with the help of these minutiae by the relative position of each of them, not by the fingerprint itself to allow or deny access.

Eye Pattern Verification Systems

This type of model is expensive for most organizations, it focuses on two different technologies: the first one analyzes retinal patterns, and the second one focuses more on iris analysis. These methods are usually considered the most effective, although its main disadvantage is that, looking through a binocular (or monocular), is not usually comfortable enough for those who implement this technique, nor reliable due to the beam of rays that spreads through the user’s eyes analyzing different patterns, this type of tests can also detect the presence of medical characteristics, so the user believes they could steal their privacy.

On the other hand, retinal verification technology is implemented through a process where the user must look through binoculars at a certain point, adjust the interocular distance and finally press a button to start such analysis that will detect the retina with spiral infrared radiation of low intensity, detecting nodes and branches of the retinal area to compare them with those stored in a database; if the sample matches the one stored for the user that the individual claims to be, access will be allowed.

As for iris verification, the amount of information that can be extracted is greater than that which can be found in fingerprints, by taking a black and white photograph of between 5 and 24 inches with a camera that is certified by international standards of safe lighting, using a non-invasive method of near-infrared rays, In this way, inner and outer edges of the iris are located, encoding certain patterns of the eye in a process called demodulation, which implements a code called IrisCode® for the texture sequence in the iris capturing features in a robust way that allows a very fast and easy comparison against a large database of patterns.

Hand Geometry Verification Systems

These authentication systems based on the analysis of the geometry of the hand are the fastest within the biometrics, that is, in about a second they are able to determine if a person is who he claims to be, the process is determined when the user places his hand on a device as marked by the correct position of the reader, where cameras take a top and side image, from which certain data is extracted – width, length, area, and certain distances, transforming this data into a mathematical model that is contrasted against a base of patterns, the system is able to allow or deny access to each user.

Conclusion

If we think of an average user, their knowledge of security is limited and their interest is limited to comfort and usability, so there are a variety of systems that can be attached to determining factors and needs of each company or user, although much of their concerns is the fact that they have the knowledge that in the field of information security nothing is protected 100%.

Security analysts have shown that it is relatively easy to fool a biometric sensor. This is why most providers of biometric authentication solutions have improved their software systems to prevent, for example, the use of static images of a face for facial recognition and to make this system as valid and secure as possible.

There is no doubt that such systems can make an improvement in the implementation of cybersecurity and it all depends on the method that is used for its ideal operation.

Professional Cyber Security. Web Dev and Social Media Specialist. Music lover. Friendly organizer. Entrepreneur.

Write A Comment

Optimized by Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.