Various systems need to uniquely identify its users and also to verify their identity. Example of such system is secure access in buildings, data centre, personal computers and laptops, mobile phone and ATM machines etc. To accomplish the task, the systems need a method that can be based on ‘what the user knows’, ‘what the user has’ or ‘what the user is’. Traditional password based authentication system is based on ‘what the user knows’. And biometrics authentication system or biometrics is based on ‘what the use is’. The main goal of this paper is to find out the acceptability of biometrics over traditional password based authentication method.
This chapter presents the reader with an over all idea about the contents of the whole research paper. A precise background about the research topic is discussed here. A description of the related research area is also discussed with the purpose of the research as well as the goal and audience.
Security is always considered as an important issue of every system. People have always felt the necessity to have a method to uniquely identify an entity which will be permanent and provide better performance than existing ones, which have acceptability to all. And obviously the method will provide hundred percent security. Pursuing these necessities, different methods have been developed at times. Some of them have been accepted and some became extinct. While talking about secure system professor Eugene H. Spafford said that, “The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards – and even then I have my doubts.” . But that could not stop people from trying to make the systems absolutely secure.
For a security system to work properly it is necessary that authentication is performed accurately. Matt Bishop defined authentication as, “binding of an identity to a subject”. Information provided by the entity makes the system confirm its identity. This information may be based on ‘what the entity knows’, ‘what the entity has’, ‘what the entity is’ or even on ‘where the entity is’ . Among all the stated sources ‘what the entity is’ is little bit different, as here the entity itself is the means of its authentication. And here comes Biometrics as a means of authentication method. Biometric recognition, or simply biometrics, can be defined as a means of automatic recognition of individuals based on their physiological characteristics, behavioural characteristics or combination of both . Some examples of Biometric methods are finger print, hand geometry, retina pattern, voice recognition, keystroke and pointing pattern.
1.2 Description of the Research area
The word Biometrics is derived from two Greek words ‘bio’ which means life and ‘metric’ which means to measure . Ross Anderson defined Biometrics as a method of identifying people by measuring some aspects of their physiological characteristics, behavioural characteristics or even combination of the both .
The use of biometrics as an authentication technology is definitely not a new one. People have been using handwritten signatures for hundreds of years. History says in 14th century merchants in China used stamped handprint and footprints of children to distinguish them from one another . And now, as the technology is developing day by day, the biometric technology is also getting more and more updated. Numbers of new biometric methods have been introduced in the market over the last couple of decades. All of the different Biometrics methods have some pros and cons of their own which has been discussed in detail elsewhere .
1.3 The purpose of the Research and its role within the research area
The purpose of the research was to assess the acceptability of Biometrics Security System to general people. Our findings will help to resolve some issues of different biometrics methods regarding user acceptability and will also help to make it more effective and useful.
1.4 Goal and Audience
Our main goal was to assess the acceptability of Biometric Security system over the traditional personal identification system. Our audiences are the people who want to work with biometric security system for the general people. People who want to know about the acceptability of Biometric security system are also in the range of our audience.
2 Materials and Methods
To accomplish our research work and to achieve the goal we have divided our work into some steps. First of all we have prepared a research question. Then we have carried out a literature study. We have studied a number of research papers, journals, publications and some related books. The purpose of the study was to acquire a clear understanding about Biometrics, the level of security and reliability provided by Biometrics over other available authentication methods and to be familiar with different Biometric techniques. From our reading and observation we formulated a hypothesis. Then we developed a questionnaire and distributed it among people from different backgrounds.
2.1 Research Question
What is the acceptance level of biometrics security system over the traditional ‘what the user knows’ based authentication system?
2.2 Literature Review
Security Engineering, A Guide to Building dependable distributed systems, by Ross Anderson: Basically we started our study with this book. And found it as a bible of not only Biometrics but also for many other security aspects. Our research supervisor Louise Yngstrom referred us the book as a good source of information.
Biometrics, Identity verification in a Networked world, by Samir Nanavati, Michael Thieme and Raj Nanavati: This book also helped us to make a good foundation of our knowledge about Biometrics. We searched and collected the book from KTH library.
An Introduction to Biometrics Recognition by Anil K. Jain, Arun Ross and Salil Prabhakar: We have found this paper from IEEE. We found it interesting because without just discussing about different Biometric methods they made a comparison among them from different perspective like Universality, Permanence, Performance and User Acceptability.
Perceived Acceptability of Biometric Security Systems by Frank Deane, Kate Barrelle, Ron Henderson and Doug Mahar: We found the paper by searching through Google. It was published by Elsevier Science Ltd. This paper was helpful in a sense that the authors basically tried to assess the acceptability of physiological and behavioral characteristics based biometric methods and we got knowledge about how to conduct a comparison between two systems.
Usability and Acceptability of Biometric Security Systems by Andrew S. Patrick: We found the book by searching through Google. It was published by the National Research Council (NRC) Canada. In this paper the author discussed about the challenge of designing a usable and acceptable biometric system. This paper helps us to know the potential of Biometrics over traditional password based authentication system.
2.3 Observation and Primary Hypothesis
From our literature reading we found that Biometric security system is getting a lot of attention because of its huge potential to increase the accuracy and reliability in the field of identification and authentication. A number of factors are working behind the increased usability of different biometric methods. The manufactures are manufacturing chips to use in biometric security devices which are smaller, cheaper and durable. The biometric devices are now designed with better ergonomic features. Its necessity is gradually being realized in the military applications also . Not only that, Biometrics is going to be used in the Passport system in European Union . For the last couple of years the use of Biometrics in consumer products (e.g. Computer mouse, keyboard, and mobile phone) is noticeable. Besides a lot of research is going on to improve the Biometric Algorithms. Over all we found from our study that to make a seamless access control and authentication environment there is no alternative to Biometrics .
From our literature reading we also found that Biometrics is now considered more secure than the password based authentication system or even using smart cards . Biometrics is resolving the problems of passwords and PIN codes, which are considered as the most frequently used authentication technology. Biometrics security system introduces increased security, convenience and accountability compared to traditional password based authentication systems. When passwords have a threat to be guessed easily, Biometric data cannot be guessed in that way. Biometrics relaxes the users from memorizing a huge number of passwords and managing them. And as a result of these some big organizations have already moved to Biometrics system leaving the password based system behind . These issues are discussed in more detail in .
We also saw that a lot of research has been conducted about the assessment and evaluation of the performance of different biometric systems. But few pieces of research have been done on the acceptability of the systems even though they are being used by general people. So we became interested about the acceptability of the Biometrics security systems as compared to the most frequently used password based authentication systems. And from our readings we hypothesized that – as having more reliability and excellent features the Biometrics security system will be more acceptable to the general people than the traditional password based authentication system.
2.4 Testing the Hypothesis by real life survey
In our survey total participants till date are 68. 87% are male. Most of the participants are in the age range of 26 to 30 years and that is 51% of the participants. 98% of the participants are computer savvy. 65% of the participants are students and 32% are jobholders. All the participants have at least minimum knowledge and/or experience about biometrics. And 99% use computers in their daily work.
Participants were given a questionnaire to complete. They were asked to provide their biographical data (e.g. age, sex) and level of computers usage. There was a question to assess their satisfaction level of using biometrics. A 5-Point-Likert-type scale was used to do that. There was a question to assess whether the presence of Biometrics have ever influenced them to buy a product or service. They were asked about their preference among different biometric authentication methods and traditional password based identification methods. There were also questions to assess which authentication method they think most secured.
We conducted a field-based survey. Participants were met in groups and they were given a briefing about the research topic and purpose of the survey. All their confusions and questions were resolved on spot. They were informed that the survey is anonymous, voluntary and that they are not bound to answer all the questions. They were requested to provide unbiased opinion. They were asked to provide their email address if they want to know the result of the survey as well as the project and it was definitely kept optional.
The objective of our research work was to assess the acceptability of different biometrics methods to general people. To find out the research answer we have conducted a survey. From the survey we have obtained some interesting findings which will be presented here.
There are many biometrics methods available now-a-days, among them we have chosen voice recognition, facial recognition, pointing, finger print, hand geometry and retina scan as because these are the most well known methods. Now Figure: 1 shows that 41% of the total participants think finger print is the most secured method than any other authentication methods. Retina scan has been supported by 26% of the total participants. Position of the password based authentication method is 3rd and only 23% people think it
is a secured method than the others.
Fig: 1. Authentication method that participants think most se