Biometrics Access Control Systems
by
Capt. (Retd.) S B Tyagi, Senior Manager (Security), GAIL (India) Limited, New Delhi.

  What is Access Control?

 The potential cost to business when security is breached can weigh heavily on a company’s safety, reputation, viability and ultimate profitability.

 Staff’s well being, product integrity, secret processes, collateral and intellectual property is all at great risk.
Access Control provides the ability to control, monitor and restrict the movement of people, assets or vehicles in, out and around a building or site.

 Today’s bustling; exciting business needs the ability to:
To know who is in the premise.
Know where people are
Restrict access to certain areas where sensitive business activities are going on.

 For this a simple and flexible system is required that can be built upon in future in pace with the changing scenario and solve the immediate problem of people losing their ID tags regularly.

 Why Access Control? 
Access Control provides "owners" with the ability to protect their people, assets and intellectual property.

 Unlike old-fashioned methods, such as the lock and key, Access Control provides not only security but also a record of events that have occurred. It also offers the potential of unique identification of individuals or goods entering or leaving controlled zones within a building or site. 

Where should Access Control be used?
Access Control should be considered wherever there is the need for restriction or control of access. Typical applications include staff and visitor movement around an office building or site, the controlled movement of assets in, out and around a building. For example, the entry of personnel into secured areas, the movement of patients, staff and/or visitors around a hospital or the control of entry into car parks.

 YOUR BODY: YOUR PASSWORD: BIOMETRICS

No guard to be seen, no receptionist either.  You can see no men inside the building.  Still you want to go inside as you have an appointment.  You approach the main gate and a voice commands you to put your hand on a penal, prominently placed at the entrance.  After few seconds, gates open automatically for you.  Next time or any other time, gates will open or close for you depending on type of authorization accorded by the Security Manager.

 This is the science of identification in which various body parts are used to identify the person.  These body parts have unique feature which no two persons can have and these become unique identification references for the Access Control System based on biometrics technology.

 What is Biometric Security?

 Biometrics is based on the scientific fact that few body parts of every human being have distinct features which are unique and different than others.  There are many physiological / biological attributes in one person which makes him different than others.  Finger prints, shapes of years, retina, body odor etc. are few such attributes which can be used for identification purpose.

 A biometric, also called a biometric characteristic or a biometric trait, is a measurable physiological or behavioral trait of a living person that can be used to determine or verify the identity of that person in criminal forensics or for access control.

Biometrics is the strongest single-factor user authentication methods and are, therefore, better than a memorized password or token. The biometric — e.g., a fingerprint or iris pattern — is uniquely bound to each person and cannot be forgotten or mislaid.

Biometrics usually are categorized as:

Physiological biometrics (also known as static biometrics): Biometrics based on data derived from the measurement of a part of a person's anatomy. Examples include fingerprints and iris patterns, as well as facial features, hand geometry and retinal blood vessel patterns.

Behavioral biometrics (also called dynamic biometrics): Biometrics based on data derived from measurements of an action performed by a person and, distinctively, incorporating time as a metric — i.e., the measured action has a beginning, middle and end. Examples include voice (speaker verification) and signature.

 Face recognition, Veins identification, Iris scan, Hand Scan, ginger print scan and voice scan are few such technological processes used for biometrics based Access Control Systems (ACS).  Iris scan is considered to be most successful technique as it can also be used for identification of criminals, if their pre-scanned reference files are available in the server of the ACS.  Voice recognition technique is considered to be the weakest as voice is prone to changes according to emotional condition, climate, weather, illness etc.  That’s why it is not trustworthy technique.

 Biometrics ACS has already been very popular in European countries.  These systems are fool-proof and cannot be compromised.  System keeps generating reports based on the pre-arranged program such as entry/exit time of all/specific employees, presence of specific employees in specific place, location of all or certain employees at any given time.  How employees cannot befool their employers as system keeps information on their `comings’ and `goings’.  The data generated by Biometrics ACS is more dependable and trustworthy than time-punching card for attendance recording as it ensures that only “The Person” is gaining entry as in case of card punching, any one can punch the card.

 Normal token based access control systems are fraught with possibilities of misuse as there can be lost, stolen or duplication.  Employees themselves damage the cards or pretend to have them at home.  No such eventualities are probable in biometrics based systems.

 At most of the airports or high profile public meetings in Europe, face recognition based ACS are used to identify / know criminals / terrorists in the crowd as their photographs are stored in the data base of server of ACS, which constantly keeps matching them with the crowed which is under observation through CCTV Cameras.  Where there is similarity, which has reliability percentage up to 97%, there is audio-visual alarm generated.  Thus, a criminal can be identified even in a crowed of thousands.  Security and confidentiality related complexities have improved the technology based biometrics and it has been instrumental in preventing breach of security and discouraging criminals.

 It is general belief that biometrics based ACS is very dependable system and it cannot be fooled.  Your face or hand can become your identity card which cannot be lost or stolen.  Still this technology needs to be perfected as there are possibilities of fooling this system. It has been observed that at least 12% finger print sans are faulty or the matching with data base is not correct.  The finger print scanning matching of barber, lab chemist or aged persons is very difficulty.

 International Biometrics Industry Association made data available based on which by year 2000 business on biometrics system was 100 million USD whereas it increased to 170 million USA.  It is expected to reach 1000 million USD by year 2004.  The quantum increase indicates the trust and faith its users are entrusting to Biometrics.  Even though presently the cost of ACS based on biometrics is high compare to conventional ACS its use is slowly increasing world over due to its effectiveness.

Benefits:

 Built-in security
The sophisticated, in-built, tamper-proof security features offer unmatched safety against system or program abuse. Even if the system is turned off completely, data is always secure.

 Instant customizable reports 

Want to find out administrative staff who signed out before 5:00 p.m. on Wednesdays? Sure, required reports can be generated through a simple menu selection, which in turn can be customized to create different options.

Out-of-the-box setup 
It can be set up to operate within minutes. Employees can be added on to the system in less than 30 seconds. NO technical knowledge is required for installing and running it. 

Ease and economy
offers an easy and economic way of organizing employee details. It eliminates paperwork and time spent in tracking employees;

Global system
can be web-enabled to help companies monitor personnel movement across multiple locations. 

Automatic wage calculation option
provides an option for automatic remuneration calculation based on differential wage rates for shift hours or overtime.

Customization
can be customized to meet your specific requirements

HOW THE SYSTEM WORKS 
It is a secure and reliable system that can be configured to perform either verification or identification functions. 

Verification means that the system is used to verify the identity of the person seeking access. This is the most secure access control mode available.

Verification requires the use of a proximity card, key code, or other unique identifier which tells the system who the person requesting access claims to be. In verification mode system reads data from your existing system’s proximity card reader or keypad, and then uses this information to retrieve the cardholder’s security profile. The system takes a live photo of the user and matches it against the ‘face on file’ to verify the user’s identity.  Average recognition time is ~2 seconds from the time the user swipes the card or enters keypad data. The system can also notify your security force when the user’s identity is not authenticated.

Identification means that the system is being used to identify the person in front of the camera, without requiring provision of any other source of identification—except a face.  Many biometric security systems require a person seeking access to be actively involved, either by touching a print reader, looking into an eyepiece, or using a proximity card.  System can be configured to be non-invasive and user-friendly. 

When an authorized person approaches the access door a camera takes their picture, the biometric system then uses the picture to create a face print (subject template) and matches the person’s face print to a database of authorized face prints.  If a match is found, the system unlocks the door, notes the transaction in the activity log, and the authorized person enters the building. To a user, it’s as if someone inside recognized them as they approached the door and pressed the lock release button.

If the system does not recognize the person at the door (not registered to the system) the door remains locked.

Although to the unidentified person at the door it seems like nothing extraordinary has happened, behind the scenes the person’s photo is captured and stored in the database, and the transaction is registered in the activity log. This is purely a security precaution so the administrator will have a record of every person that enters the door, rather than just people who are registered.

The system works the same way even when several people approach the door at the same time; it finds each face in the camera frame and matches it against the database. All recognized faces are logged, any unrecognized faces are photographed and logged, and if the door is already open when an unauthorized face is found, an “unauthorized entry” alarm can sound, notifying the staff to immediately look into the matter.

WHAT ARE THE BENEFITS?

For users:
Convenience—(in Identification mode) no card key to keep track of or access code to remember, and no bags to juggle while searching for a token or punching in an access code.

For Administrators:

Peace of mind -
Secured areas entrusted to their care are protected from inadvertent lapses in security due to security workers being distracted, and from knowledge that you are no longer reliant on token-based security alone.

Affordability -
In many cases, it enhances security without replacing existing security devices.

Compliance -
In rare situations where a person under protective orders (court orders restricted access to the person by a known individual) or you simply don’t want someone being where they shouldn’t be, the system can be configured to actively look for individuals, identify them, and notify the administrator if the person approaches the secured area. 
It is the best way to improve the security of your site without having to replace your existing systems.

FINGERPRINT READERS

It has an optical scanning device that uses digital holography to 3-D scan a finger and compares it against a previously enrolled template. 

It has following features-

Fully featured biometrics fingerprint reader.
Multiple finger enrollment
Very low false acceptance rate of less then 0.0001%
Fast verification
Requires a three dimensional finger – thus copies or images provide no risk to threat to security
Fully compatible with other window based access control system for integration.

 How it works?
 There is an optical device that uses digital holography to 3-D scan a finger and compare it against a previously enrolled template. Templates are stored as an ASCII file against as ID number.

 This system comprises of a reader, a processor and a power supply. To enroll a person takes 25 seconds approximately. A person carries out verification by entering PIN (personal identification number) or swiping their card and placing their finger on the reader platen.

  Benefits:
 Fully featured biometrics fingerprint reader.
Multiple finger enrolment.
Very low false acceptance rate of less than 0.0001%
Fast verification.
Requires a 3 dimensional finger - thus copies or images provide no risk or threat to security.
Fully compatible with JANUS access control for integration as a total security system.

 Applications:
 Very high security
Access control to buildings, car parks, isolated and remote facilities.
ATM, vault and safe control.
Identity verification of visitors to secure installations.
Prisons and military establishments.

Basic System Schematic
 The basic system comprises of a PC, a converter and a 2 or 4 wire data chain connecting to Intelligent Door Controllers (IDCs) & Intelligent Peripheral Controllers (IPCs). The current version of IDC can be installed using a 2 or 4 wire Comms connection.

 Multiple Comms lines can be installed on each  system. The maximum number of controllers per Comms Line is 32

  Intelligent Door Controller (IDC)
 An Intelligent Door Controller (IDC) wires directly to a Card Reader, PIN Pad Interface/PIN Pad, Door Contact, Lock and Egress Switch for two complete door sets. In addition, each IDC has 4 alarm inputs and 4 relay outputs that are available for alarm monitoring and ancillary equipment control.