Limitations Of Biometrics

Limitations Of biometryThis paper foc utilisations on the limitations of biometry and demonstrates how the theory of empennagecellable biometry can mitigate such limitations. Cancellable biometry gives biometric systems, theoretic in ally, the ability to re-issue biometric signals. Thus, if a biometric informationbase is ever compromised, the biometric run across can be re-set. Our team believes that cancellable biometry should be a best practice when utilizing biometric technologies. This paper begins with a earth of biometric technologies, the global biometric foodstuff, and general limitations of biometry. The main body foc determinations on the background, concepts, and function of cancellable biostatistics offered as a solution for some of the limitations addressed. Finally, an analysis of cancellable biometrics advantages and disadvantages concludes our paper.What is Biometrics?To fix biometrics, you can look at the Greek translation. Bios translates to life and metric translates to measurement. This leads to a direct translation of biometrics to life measurement. (Biometric Definition-What, 2005) Biometrics is a technique for appointment of people that uses body characteristics or behavioral traits and is increasingly existence utilise instead of or in conjunction with other(prenominal) plays of identification based on something you collapse (e.g. ID card) or something you know (e.g. password or PIN). (8.5 Biometrics) The direct Greek translation of life measurement is fitting because biometrics looks to measure physical or behavioral traits of a human for identification purposes.There are two types of biometrics behavioral and physical. Behavioral biometrics measures the characteristics that an individual naturally acquires over the scotch of their lifetime. Examples of this engine room include speaker recognition, signature verification, and keystroke verification. Physical biometrics measures the physical characteristics and body measurements of an individual. Examples of this technology include seventh cranial nerve recognition, fleur-de-lis and retinal scan fingerprinting, and deoxyribonucleic acid typing (Biometric Definition-What, 2005). There are also two modes that biometrics can operate in verification and identification. Verification is used to validate a somebody against who they claim or present themselves to be. It is a one to one match between the acquired guide of the individual and a stored pathfinder for duplicate. This mode relies on individuals go in their biometric information into the system prior to trying to gain opening to it (8.5 Biometrics). Identification is the process of trying to figure out who an individual is. This involves a comparison of the individual to a list of guidebooks stored in the entropybase. (Yun, 2003) Physical biometrics can be used for either verification or identification while behavioral biometrics is typically only used for verification purposes. (Bi ometric Definition-What, 2005)The History of BiometricsBiometrics seems to be a modern sidereal day technology, but its concept was essentially employ as far back as the fourteenth century. Chinese merchants used fingerprinting during the fourteenth century to identify children (Osborn, 2005). In 1890, Alphonse Bertillon developed a form of biometrics known as anthropometrics. Anthropometrics is a method of identifying individuals based on precise measurements of their body and physical descriptions. This method fell out of use when it was observed that multiple individuals could share the resembling body measurements. (Biometrics History, 2006) Early in the 20th century, an applied mathematician named Karl Pearson used statistical history and correlation to biometrics research. Signature biometric stylemark was developed during the 1960s and 1970s, marking a capacious breakthrough in behavioral biometrics. (Osborn, 2005) Also during this time, the FBI pushed for automating t heir fingerprint recognition process. This automation was the start of modern day biometrics, a combination of the biometrics process with information technology. During the 2001 Superbowl in Tampa, Florida, face recognition software was installed at the stadium to identify known criminals. (Biometrics History, 2006) Post 9/11 terrorist attacks, there was a huge push by the U.S. government to implement biometrics on a large scale. The government began installing facial recognition hardware and software in airports to identify suspected terrorists. (Osborn, 2005)Generic Biometric SystemWhile there are more biometric technologies in use today, and many more being invested in and researched on, they all share a similar process flow (Yun, 2003). The following image is a basic block plot of a biometric system witnesser (Yun, 2003)The process always starts with some type of sensor device. This is what captures the biometric information. The capture information is then sent through a tr eat phase. Here the information is cleaned up, noise is removed, and the important info is enhanced. The processed data is then put together to form a guide. A template is what represents the biometric data within the system. If its the first time the individual is using the system, the template is stored within the system. Otherwise, the generated template is compared against an already stored template during the matching process. If the biometric technology is operating in a verification mode, the generated template is matched against a specific stored template. If the technology is operating in an identification mode, the generated template is matched against a list of stored templates. If the matching process yields a controlling match, then the individual is granted access to the application device. (Yun, 2003)Current Global Biometric MarketIt is important to consider the prevalence of biometrics. Although it whitethorn seem futuristic, biometrics is being used in countries all over the world. According to Prabhakar, Pankanti, and Jain, biometric applications fall into threesome main categories commercial, government, and forensic. The commercial category includes applications used in e-commerce, banking, and social networking sites. Governments use biometrics for drivers licenses, immigration control, and e-passports. Forensic applications include devices used in criminal investigation and prisoner identity control. (Prabhakar, Pankanti, Jain, 2003)According to BCC research, the global biometric revenue increased from $1.950 million in 2006 to $2.7 billion in 2007. The compound annual growth rate from 2007 to 2012 was pass judgment to be 21.3% (The Global Biometrics Market, 2007). As you can see from the figure below, the biometric technology being used ranges from fingerprint scanners, leading the market, to hand geometry scanners.The market statistics above were derived in 2007. As a means for comparison, our group thought it best to notice mar ket research from at least one more source. According to a more recent article, issued by homeland credential newswire on January 18, 2011, the market is expected to grow at 18.9% per year until 2015, bringing estimated global revenue from biometrics up to $12 billion in 2015. Fingerprint technologies forget hush up dominate the market, with face, iris, vein, voice recognition following (Biometrics market expected, 2011). BCC assumed a 21.3% annual growth rate, which would fuddle made 2011 expected revenue around $5.8 billion, the actual 2011 global biometric market revenues totaled $5 billion (Biometrics market expected, 2011). The main point is that the global biometrics market has been growing as expected and is expected to grow.Biometric technology offers significant advantages, but there are some limitations that need to be addressed as the biometric market continues to grow. For example, although the US has been the leader of the biometric market, scanning of iris or fing erprints to use ATM machines has not been implemented due to privacy and expense concerns. (Biometric ATMs not, 2005) angiotensin-converting enzyme of the major limitations is the issue of privacy. The issue of privacy and other limitations, if not resolved, may continue to prevent the biometric market growth as seen by Americans lack of biometric ATM machines. The following section will discuss limitations of generic biometric systemsLimitations of BiometricsAn obvious issue with biometrics is costs. The table below was derived from the product offerings of a leading biometrics supplier, digitalPersona, Inc., using the framework from their whitepaper on best practices. This chart includes all aspects of a typical assay-mark system. As you can see the cost of biometric technology hardware and software is expensive in itself and costs for training, design, maintenance, and security will also be incurred.CategoryDetailsCostTimeTrainingUsers, administrators$100-$1,500 per user1 hour 5 daysDesignEnsure compatibility with other systems$1,000-$4,0001 day 10 daysInstallationHardware and software purchases/configure$3,000-$50,00010 days 30 daysUser enrollment learnedness of biometrics$50-$175 per user.75 hrMaintenanceAdd/modify users$25-$200 per instance0.5 hrSecurityExtra safeguards within system to fancy privacy$500-$20,0001 day 10 daysSource (Best Practices, 2009) some other area of concern with biometrics is the fact that once a biometric image has been leaked or obtained by an unauthorized source, that image is no longer secure for use with any application (Teoh, Kuan, Lee, 2008). Authentication tools, such as passwords, keys, and identification cards have always been easily cancellable and renewable, but biometrics have been a concern because users only have, in general, one face, two eyes, one set of fingerprints, etc. (Ratha, Connell, Bolle, 2001). Although it is thorny to do, determined data thieves can extract biometric images and put them to improp er use, rendering stolen images useless in terms of security.The figure below demonstrates eight vulnerabilities of ordinary biometric systems.Source (Ratha, Connell, Bolle, 2001).Figure www.fidis.net formerly original biometric data is obtained, reproduction can easily be achieved. Attacks around the sensor may include inputting fake or copied biometric signal (point 1) or using a copy of a genuine biometric, tape with fingerprint, to bypass the sensor (point 2) (Ratha, Connell, Bolle, 2001). The other parts of the system, feature extraction method (points 3 and 4), the matching device and decision (points 4 and 8), the database that holds the biometric images (point 6), and the communication channel between database and matcher (point 7), are much harder to attack, but if successfully breached will result in the stealing or transmutation of biometric templates which cannot be replaced (Ratha, Connell, Bolle, 2001).The biggest disadvantage of biometrics is that biometric data cannot be changed or reset. For example, if a password is stolen, a new password can be created. However, if a biometric characteristic is stolen from a database, a new biometric characteristic cannot be issued. Thus, if a biometric database is compromised, that biometric used for authentication purposes cannot be used again.Finally, there is a huge privacy concern, as seen with the USs delay of implementing ATMs with biometric systems. The uncomparableness of biometric data raises this concern. There is already an enormous amount of data being collected by social networking sites, employers, the government, sell stores, medical centers, etc., Each entity may identify someone with data that can either be changed or is not solely unique to them, such as an email address or a name (Joe Smith). Thus, if the government wanted information from a retail store about a particular person, they may not be able to determine, from the retailers database, whether it is Joe Smith from Californ ia or Joe Smith from Arkansas. Currently to make data sacramental manduction possible, data would have to be diametrical with more data in order to identify the right person and then share information about that person between entities. This idea of data sharing among entities produces a fear in some people with regards to the use of biometrics because biometric data is completely unique to a person. If all these entities have biometric data, data unique to just one individual, all the entities could share data in their databases (cross-matching). For example, data collected by private company can be matched with the governments data. (Ratha, Connell, Bolle, 2001)One solution to this privacy concern is cancellable biometrics (Ratha, Connell, Bolle, 2001). Cancellable biometrics allows authentication biometric signals to be re-set if a database is every compromised. Basically, cancellable biometrics distorts a biometric signal based on a certain veer during enrollment, and conti nues to distort it the same way for every presentation and authentication thereafter (Ratha, Connell, Bolle, 2001). If biometric data is ever stolen, a new transform is used and re-enrollment is allowed (Gaddam, Lal, 2010). The following sections further explain cancellable biometrics and how it can mitigate the risks of biometric systems vulnerabilities.History of Cancellable BiometricsThe study and research around cancellable biometrics is relatively new with near research beginning around the turn of the 21st century. Although many have contributed to the field, several publications, including the Encyclopedia of Biometrics (2009) and The Journal of the chassis acknowledgement Society colligateence Nalini Ratha with the concepts that led to the creation of cancellable biometrics (Teoh, Kuan, Lee, 2008). Cancellable biometrics was conceptualized as a way to address the potential downsides and security concerns of ordinary biometrics. In order to prevent the preclusion of a biometric image, cancellable biometrics was created. The goal of cancellable biometrics is to provide biometric authentication that is not only unique to an individual, but one that also has the ability to be changed. Cancellable biometrics does not provide extra security around biometrically authenticated systems, but does provide a way to avoid losing the ability to use biometrics as an authentication method.As its name suggests, cancellable biometrics allows a biometric template to be cancelled and replaced with a new image that is based on the same biometric data, resulting in one of many possible permutations (Teoh, Kuan, Lee, 2008). According to the Encyclopedia of Biometrics (2009), cancellable biometrics allows biometric images to be reset by encoding each biometric image with a disparate distortion scheme for each application that uses the image (Lee Jain, 2009). In order to assure the security of each permutated biometric image, a unique distortion scheme moldinessin ess be used for each unique application (Teoh, Kuan, Lee, 2008). The use of a distortion scheme creates an image for storage in a database that is not an accept match to the original biometric measure, therefore changing the image is as easy as changing the distortion scheme. Next we will discuss the concepts behind cancellable biometrics that are used to increase the security of biometric authentication and to keep biometric data unique.The Concepts Behind Cancellable BiometricsThere are three criteria that a cancellable biometric template must meet in order to be useful and secure (1) each cancellable template must be used for only one application, (2) the revocation and separate procedures must be straightforward, and (3) the template computation must not be able to be reversed in order to protect the original biometric data. These three steps may also be referred to as diversity, reusability, and one-way transformation, respectively (Teoh, Kuan, Lee, 2008).Using the same bio metric template for multiple applications exposes data to the same threats that using the same password for multiple applications would. If an unauthorized user gains access to one application, access can be achieved to all applications that use the same template. When using one template for multiple applications, no matter how strong the security is for the strongest application, the security of all the applications with the same authorization template is only as strong as the weakest link.Addressing the atomic number 16 criteria, that revocation and reissue procedures must be straightforward, is as it says, straightforward. Without a straightforward way to cancel and reissue a biometric template, biometric data is subject to interception and physical alteration (Teoh, Kuan, Lee, 2008).The third criterion, that the computation of the template not be reversible, is also meant to protect the integrity and the identity of the original biometric data (Teoh, Kuan, Lee, 2008). If a co mputation can be reversed, and the original biometric data is revealed, the biometric measurement will be useless and unsecure. A popular method for creating non-invertible biometric data is to use a hasheeshing function. Due to the unique characteristics of individual biometric data, there are several guidelines that a hashing function must take into account when creating non-invertible data. For example, regarding fingerprint data, Tulyakov, Mansukhani, Govindaraju, and Farooq (2007) suggest that hashing functions should have similar hash values for similar fingerprints, different values for fingerprints that are different, that the rotation of a fingerprint should not affect the hash value, and that, if sufficient minutiae is available, partial fingerprints should be matched. Minutiae refer to uniquely identifiable points on a set of fingerprints (Tulyakov, Farooq, Mansukhani, Govindaraju, 2007).Within cancellable biometrics there are two distortion techniques that are widely r ecognized, signal human race distortion and feature ground distortion. What signal and feature domain distortion basically provide are ways to either distort a biometric image directly after acquisition or extract features from a biometric image, such as minutiae, and then distort the features, respectively (Ratha, Connell, Bolle, 2001). Signal domain distortion creates an self-directed image to be registered by a biometric reader, but still provides landmarks that can be compared to the original image, e.g. points on a persons face or eyes, for authentication. Feature domain distortion extracts template features and scrambles them, providing a sufficient technique for biometric measurements, such as fingerprints, which would be difficult to preserve accurate minutiae and a similar image (Lee Jain, 2009).How it full treatmentCancellable biometrics is achieved when a normal biometrics pattern is modified onward it is stored in an intentional and repeatable method. This change in the pattern can be initiated by several methods, however this topic is still in development and a single industry best practice has not yet been distilled. kinda of the actual values from the biometric sensor being stored, a value that is the combination of the modifier and the sensors reading is stored. In the case that the biometrics is impersonated or the database is compromised, the modifier can be changed and the user can be authenticated with the system. (Ratha, Connell, Bolle, 2001)Modifiers can be anything from a random number, a personal identification number, or even another biometric reading. The combination of these two items, similar to two-factor authentication, can create a unique key that uses both an individually unique value with the independent but derived from the biometric. (Ratha, Connell, Bolle, 2001)Once the biometric reader scans the individual, an algorithm is applied to the value. This transformation can happen in either the scanning device or post-p rocessed within the computer system before it is validated against the record within the database. These readers can be hardware devices that connect to a computer network or appliances which are self-contained. After successful verification of credentials the user is granted authentication. (Ratha, Connell, Bolle, 2001) Demo use ppt slides to explain the images and how they are distorted and stored for cancellable biometrics.Advantages of Cancellable BiometricsDifferent entities and different applications use different transforms for the same signals. This prevents the sharing between databases of different entities (Gaddam, Lal, 2010). For example, a law enforcement agency will use one transform for a fingerprint scan, and a commercial entity will use a different transform for the same fingerprint scan. This idea of diversity makes cross-matching impossible. As seen in the figure below, the merchant takes the biometric data from the customer and compares it to a transform from o ne of the transform databases associated with a particular service (Ratha, Connell, Bolle, 2001). This should ease privacy concerns as different transforms are held in different databases per entity.Source (Ratha, Connell, Bolle, 2001)Also, the authentication emcee never stores original biometrics (Ratha, Connell, Bolle, 2001). The benefit is that the risk of identity theft is significantly reduced because the transforms are non-invertible. Even if a hacker accessed a template database, there would be no way for he/she to figure out the original biometric.The reusability feature, described in the section titled The Concepts Behind Cancellable Biometrics of this paper, protects the biometric authentication process from becoming obsolete. If cancellable biometrics did not offer re-usability and data continually was compromised, theoretically, people would start to run out of body parts to use.Limitations of Cancellable BiometricsCancellable biometrics is not the solution to all of the limitations of biometrics. Cancellable biometrics provides a solution for privacy concerns and resetting issues related to biometrics. However, it does not decrease the enormous cost associated with biometrics. Also, it does not prevent the use of a copied biometric signal (Ratha, Connell, Bolle, 2001). For example, if someone found a way to obtain a copy of a fingerprint and used that copy of the genuine biometric to access a system/account/place etc., matching could be possible and access could be granted. Cancellable biometrics prevents identity theft by the use of non-invertible transforms and it increases privacy by preventing data sharing among entities because original biometric data is never stored, it doesnt prevent people from using copies of genuine biometrics. As discussed in the section Limitations of Biometrics, biometric systems are subject to attack. Cancellable biometrics does not prevent an attack, however, if a biometric database or other parts of the system are compromised, a new transform can be used for the authentication process and the hacker will not be able to obtain the original biometric. Thus it mitigates the damage, but not the risk of attack. Another limitation of cancellable biometrics is the trade-off of higher protection for higher error rates. The invertible feature increases protection of original data, but causes a decrease in recognition accuracy (Cheung, Kong, Zhang, Kamel, You, Lam). This may lead to a higher false rejection rate. A higher false rejection rate is inefficient and costly.ConclusionThe global biometric market is expected to continue growing. However, limitations of generic biometric systems may inhibit the market growth from its full potential. General limitations of generic biometric systems include enormous costs, fake enrollment, physical copies bypassing sensors, attacks on the system parts and/or database, threat to privacy of individuals, and failure to reset biometrics. Cancellable biometrics provides a solution to some of generic biometric system limitations. With cancellable biometrics, a biometric template must have three criteria (1) each cancellable template must be used for only one application, (2) the revocation and reissue procedures must be straightforward, and (3) the template computation must not be able to be reversed in order to protect the original biometric data. These three criteria, also known as diversity, reusability, and one-way transformation (Teoh, Kuan, Lee, 2008), disallow data-sharing among entities, protect the overall biometrics from becoming obsolete, and prevent a hacker from obtaining genuine biometrics. Our team believes that due to the demand for biometrics in general, cancellable biometrics has a potential market. IBM has been researching and developing cancellable biometrics. According to an article off IBMs website, luck enhance security and protect identities, several large banks have been talking with IBM about the use of cancellab le biometrics. Cancellable biometrics also is applicable to sectors of the government like the IRS, Social Security administration, and law enforcement organizations (Helping enhance security-). Thus, cancellable biometrics may grow from research and development into a marketable tool that may refresh the global biometrics market.Work Cited8.5 Biometrics. University of Leicester. Retrieved April 26, 2011 from.Citation (8.5 Biometrics)Biometric ATMs not being used in U.S. (2005, October 11). Retrieved April 25, 2011from http//www.msnbc.msn.com/id/9660429/ns/technology_and_science-security/Citation (Biometric ATMs not, 2005)Biometric Definition What Is Biometrics? Biometrics Technology Explained. (2005)Retrieved April 25, 2011 from .Citation (Biometric Definition-What, 2005)Biometrics History. (2006). Biometrics.gov. NSTC Subcommittee on Biometrics,April 18, 2011. .Citation (Biometrics History, 2006)Biometrics market expected to hit $12 billion in 2015. (2011, January 18).Retrieved April 25, 2011 from http//homelandsecuritynewswire.com/biometrics-market-expected-hit-12-billion-2015-0Citation (Biometrics market expected, 2011)Best Practices for Implementing Fingerprint Biometrics in Application. (2009).DigitalPersona. Retrieved April 25, 2011 from http//www.digitalpersona.com/uploadedFiles/Collateral/White_papers/DP-wp-appbestpractices2009-08-21.pdfCitation (Best Practices, 2009)Cheung, H.K, Kong, A., Zhang, D., Kamel, M., You, J., You, T., Lam. H-W., (n.d.). Ananalysis on accuracy of cancellable biometrics based on biohashing. Unpublished manuscript, Department of Computing, Hong Kong Polytechnic University, China. Retrieved April 22, 2011 from http//pami.uwaterloo.ca/cswkkong/publication/CheungKES2005Final.pdfCitation (Cheung, Kong, Zhang, Kamel, You, Lam)Gaddam, S.V.K, Lal, M. (2010). Efficient cancellable biometric key generationscheme for cryptography. International Journal of Network Security, 11(2), 61-69. Retrieved April 22, 2011 from http//ijns.femto .com.tw/contents/ijns-v11-n2/ijns-2010-v11-n2-p61-69.pdfCitation (Gaddam, Lal, 2010)Helping enhance security and protect identities. IBM. Retrieved April 26, 2011 fromhttp//domino.watson.ibm.com/odis/odis.nsf/pages/board.10.html(Helping enhance security-)Lee, S.Z., Jain, A.K. (2009). Encyclopedia biometrics. Retrieved April 22, 2011 fromhttp//books.google.com/books?id=0bQbOYVULQcCpg=PA175lpg=PA175dq=definition+of+cancellable+biometricssource=blots=hGzi-8vSaHsig=-nkyxjWspXze1UzIzF9BCfGPdlQhl=enei=sOWwTePoAcjXgQfM9oToCwsa=Xoi=book_resultct=resultresnum=4sqi=2ved=0CCoQ6AEwAwv=onepageqf=falseCitation (Lee Jain, 2009)Osborn, A. (2005, August 17) Biometrics History the History of Biometrics from pastto Present. Video Surveillance Systems, Security Cameras CCTV Equipment Guide. April, 25, 2011. .Citation (Osborn, 2005)Piuri, Vincenzo (2008) Fingerprint Biometrics via Low-cost Sensors and Webcams.IEEE. Retrieved April 25, 2011 from http//clem.dii.unisi.it/vipp/files/prin/2008_Conf_BTA S__ImageProcessingForFingerprintBiometricsViaLowcostCamerasAndWebcams.pdfCitation (Piuri, 2008)Prabhakar, S, Pankanti, S, Jain, A. K. (2003, March). Biometric recognition securityand privacy concerns. IEEE Security and Privacy. Retrieved April 25, 2011 from http//www.cse.msu.edu/biometrics/Publications/GeneralBiometrics/PrabhakarPankantiJain_BiometricSecurityPrivacy_SPM03.pdfCitation (Prabhakar, Pankanti, Jain, 2003)Ratha, N.K., Connell, J.H., Bolle, R.M. (2001). Enhancing security and privacy inbiometrics-based authentication systems. IBM Systems Journal , 40(3), 614-634 Retrieved April 22, 2011 from http//www.google.com/sclient=psyhl=ensite=source=hpq=Enhancing+security+and+privacy+in+biometrics-based+authentication+systemsaq=faqi=g1aql=foq=pbx=1bav=on.2,or.r_gc.r_pw.fp=f4864d47f9f205c8biw=1366bih=583Citation (Ratha, Connell, Bolle, 2001)Teoh, A.B.J., Kuan, Y.W., Lee, S. (2008). Cancellable biometrics and annotations onbiohash. Journal of the Pattern Recognition Society, 41(6 ), 2034-2044 Retrieved April 22, 2011 from http//www.sciencedirect.com/science?_ob=ArticleURL_udi=B6V14-4RBYCY01_user=513551_coverDate=06%2F30%2F2008_rdoc=1_fmt=high_orig=gateway_origin=gateway_sort=d_docanchor=view=c_searchStrId=1731821718_rerunOrigin=google_acct=C000025338_version=1_urlVersion=0_userid=513551md5=475892d68fa817e0474084b6dcd88f78searchtype=aCitation (Teoh, Kuan, Lee, 2008)The Global Biometrics Market. (2007, December). Retrieved April 25, 2011 fromhttp//www.bccresearch.com/report/biometrics-global-market-ift042b.htmlCitation (The Global Biometrics Market, 2007)Tulyakov, S, Farooq, F, Mansukhani, P, Govindaraju, V. (2007). Symmetric hashfunctions for secure fingerprint biometric systems. Pattern Reconition Letters, 28(16), 2427-2436. Retrieved April 22, 2011 from http//www.sciencedirect.com/science?_ob=ArticleURL_udi=B6V15-4PFW6247_user=513551_coverDate=12%2F01%2F2007_rdoc=1_fmt=high_orig=gateway_origin=gateway_sort=d_docanchor=view=c_searchStrId=1731826413_rerunOr igin=google_acct=C000025338_version=1_urlVersion=0_userid=513551md5=827daed9e4525f816e7cf49eaa173152searchtype=aCitation (Tulyakov, Farooq, Mansukhani, Govindaraju, 2007)Yun, W. (2003) The 123 of Biometric Technology. web Accessed 18 April 2011from www.itsc.org/sg/synthesis/2002/biometric.pdf.Citation (Yun, 2003)