What Are Biometrics?

How this measurement technology is part of your life

A close up of a hazel eye with an overlay of a computer-generated retina scanner
Many annual wellness checks include digital retinal imaging as an (optional) enhancement to comprehensive eye examinations. Anthony Lee / Getty Images

Biometrics is defined as the study and application of scientific and/or technological methods designed to measure, analyze, and/or record a human’s unique physiological or behavioral characteristics. In fact, many of us already use biometrics now in the forms of our fingerprints and our face.

Although biometrics has been used by various industries for decades, modern tech has helped it gain more public awareness. For example, many of the latest smartphones feature fingerprint scanners and/or facial recognition to unlock devices. Biometrics leverages human characteristics that are unique from one person to the next – our own self becomes the means of identification/authentication instead of having to enter in passwords or pin codes.

Compared with so called "token-based" (e.g. keys, ID cards, driver’s licences) and "knowledge-based" (e.g. PIN codes, passwords) methods of access control, biometric traits are far more difficult to hack, steal, or fake. This is one reason why biometrics are often favored for high-level secure entry (e.g. government/military buildings), access to sensitive data/information, and the prevention of fraud or theft.

Characteristics used by biometric identification/authentication are predominantly permanent, which offers a convenience – you can’t simply forget or accidentally leave them somewhere at home. However, the collection, storage, and handling of biometric data (particularly with regards to consumer tech) often brings up concerns about personal privacy, security, and identity protection.

of 03

Biometric Characteristics

A medical researcher in a laboratory examining a DNA gel
DNA samples are used by doctors in genetic testing to help individuals determine risks and prospects of developing hereditary diseases/conditions. Andrew Brookes / Getty Images

There are a number of biometric characteristics in use today, each with different means of collection, measurement, evaluation, and application. Physiological characteristics used in biometrics relate to the shape and/or composition of the body. Some examples are (but not limited to):

  • DNA

  • Fingerprints/palm prints

  • Iris/retina

  • Face

  • Vein geometry

  • Scent/odor

Behavioral characteristics used in biometrics – sometimes referred to as behaviometrics – relate to unique patterns exhibited through action. Some examples are (but not limited to):

  • Voice

  • Gait

  • Signature

  • Keystroke

  • Heartbeat

Characteristics are chosen because of specific factors that make them suitable for biometric measurements and identification/authentication. The seven factors are:

  • Universal – Each individual has to have it

  • Unique – There should be enough differences to distinguish separate individuals from each other

  • Permanence – The resistance to change over time (i.e. how it holds up against aging)

  • Collectability – The ease of acquiring and measuring

  • Performance – The speed and accuracy of matching

  • Circumvention – How easily it can be faked or imitated

  • Acceptability – The openness of people to the particular biometric technology/process (i.e. easier and less invasive techniques, such as fingerprint scanners in smartphones, tend to be more widely accepted)

These factors also help determine if one biometric solution may be better to apply in a situation than another. But cost and the overall collection process are also considered. For example, fingerprint and face scanners are small, inexpensive, fast, and easy to implement into mobile devices. This is why smartphones feature those instead of hardware for analyzing body odor or vein geometry!

of 03

How Biometrics Work

A thumb in the process of recording a print with black ink
Law enforcement agencies regularly collect fingerprints to help establish crime scenes and identify individuals. MAURO FERMARIELLO/SCIENCE PHOTO LIBRARY / Getty Images

Biometric identification/authentication starts with the collection process. This requires sensors designed for capturing specific biometric data. Many iPhone owners may be familiar with setting up Touch ID, where they have to place fingers on the Touch ID sensor over and over and over again.

The accuracy and reliability of equipment/technology used for collection help to sustain higher performance and lower error rates in subsequent steps (i.e. matching). Basically, new tech/discovery helps to improve the process with better hardware.

Some types of biometric sensors and/or collection processes are more common and prevalent than others in everyday life (even if unrelated to identification/authentication). Consider:

  • Forensic Science: Law enforcement agencies regularly collect fingerprints, DNA samples (hair, blood, saliva, etc.), video surveillance (face/gait recognition), handwriting/signatures, and audio recordings (speaker recognition) to help establish crime scenes and identify individuals. The process is frequently portrayed (i.e. dramatized with varying degrees of actual realism) in movies and television shows. You can even purchase forensic science toys for aspiring detectives.

  • Computer Security: Fingerprint scanners are a growing type of security feature to be incorporated in mobile devices – these scanners have been available (both integrated and as a separate unit) for desktop/laptop computers for years. Facial recognition, found in smartphones such as the Apple iPhone X with Face ID or any Android using Google Smart Lock, perform security actions (typically unlocking) either in lieu of or in addition to fingerprint scanners.

  • Medicine: Many annual wellness checks include digital retinal imaging as an (optional) enhancement to comprehensive eye examinations. Photographs of the inner of eye help doctors screen for eye diseases/conditions. There is also genetic testing, used by doctors to help individuals determine the risks and prospects of developing a hereditary disease/condition. Paternity tests are commonplace too (often a recurring theme of some daytime talk shows).

  • Home Entertainment/Automation: Speech recognition (different from speaker recognition, which is used by forensics to identify individuals through voice patterns) has been available for quite some time. It’s mostly applied for word recognition, such as speech-to-text , language translation, and device control. If you’ve had a conversation with Apple’s Siri, Amazon’s Alexa, Android’s Google Now, and/or Microsoft’s Cortana, then you’ve experienced the entertainment of speech recognition. Many smarthome devices can also be automated through voice activation.

  • Purchases/Contracts: If you’ve ever paid using a credit card and/or established an agreement (e.g. ID cards, bank checks, medical/insurance, titles/deeds, wills, renting, etc.) with a person/entity, you’ve likely had to sign your name. Such signatures can be examined to help establish identity and/or forgery – trained professionals are able to discern natural variations in one’s handwriting versus differences that indicate a completely different writer.

Once a biometric sample has been captured a sensor (or sensors), the information undergoes analysis by computer algorithms. The algorithms are programmed to identify and extract certain aspects and/or patterns of characteristics (e.g. ridges and valleys of fingerprints, networks of blood vessels in retinas, complex markings of irises, pitch and style/cadence of voices, etc.), typically converting the data to a digital format/template.

The digital format makes the information easier to analyze/compare against others. Good security practice would involve encryption and secure storage of all digital data/templates.

Next, the processed information passes along to a matching algorithm, which compares the input against one (i.e. authentication) or more (i.e. identification) entries saved within a system’s database. Matching involves a scoring process that calculates degrees of similarity, errors (e.g. imperfections from the collection process), natural variances (i.e. some human characteristics can experience subtle changes over time), and more. If a score passes the minimum mark for matching, then the system succeeds at identifying/authenticating the individual.

of 03

Biometric Identification vs. Authentication (Verification)

A close up of hands holding smartphones using biometric access for mobile banking apps
Fingerprint scanners are a growing type of security feature to be incorporated in mobile devices. mediaphotos / Getty Images

When it comes to biometrics, the terms ‘identification’ and ‘authentication’ are often confused with one another. However, each one is really asking a slightly different yet distinct question.

Biometric identification wants to know who you are – the one-to-many matching process compares biometric data input against all other entries within a database. For example, an unknown fingerprint found at a crime scene would be processed to identify who it belongs to.

Biometric authentication wants to know if you are who you claim to be – the one-to-one matching process compares biometric data input against one entry (typically yours that had been previously enrolled for reference) within a database. For example, when using the fingerprint scanner to unlock your smartphone, it checks to ensure that you are indeed the authorized owner of the device.

Was this page helpful?