Access control is nothing new. For as long as people have had doors, there has been someone protecting that door, or keys to lock it. This has evolved into pin pads, card/fob readers, electric locks, and video monitoring. Depending on the level of security required, different types of access control are deployed to limit access to certain places and things to only those who are authorized.
In recent years, there has been an emergence of new technologies as the demand for more secure solutions has spiked – the traditional forms of access control in keys, PIN’s and cards simply do not meet the current security levels that enterprises demand. Today, the most advanced form of access control is biometrics – the unique attributes of each person such as fingerprint, face, eyes or voice.
While traditional means may limit access to those that are authorized, the key, fob, card or PIN is just a physical extension of a person, and therein lies its weakness – that it can be stolen, lost, or shared. Biometrics has emerged as a way to confirm the rightful identity of the person requesting access.
But let’s take a step back – When and how did biometrics emerge as another form factor? Is it here to stay?
Feel free to click the video below to get some context when it comes to the applications of Biometrics as an enterprise security solution:
The Early Years
Popular in law enforcement, biometrics in the beginning were mainly used for crime detection and criminal records. Since the main purpose and use of biometrics was to match fingerprints and handprints to tie to criminal records, biometric data was taken and stored in the form of an image or recording.
There were limitations on usage, and users were reluctant to give up their biometric identities, especially with the assumption that their templates would be stored in such a manner that didn’t properly protect them from fraud. It meant giving up control of their information.
The result? A general perception of fear, “…well, it’s easy to replace a stolen credit card or password, but I won't be able to 'cancel' my fingerprint and get a new one if my fingerprint is lifted."
People didn’t really consider biometric technology outside of crime identification because of the way that biometrics were captured and stored.
The Impacts of 9/11
The first major set of advancements in biometrics was brought on by the horrific events that took place on September 11th, 2001.
In the harshest way possible, government agencies were forced to understand and accept the importance of security – the security of who exactly is boarding planes, overseeing important infrastructure projects, and the degree of certainty that people really are who they say they are.
In the aftermath of 9/11, there was an immense drive for the implementation of biometrics into various government agencies, enterprises, industries, airports, laboratories, and other high security areas.
This is largely due to the fact that advanced software algorithms have emerged, essentially allowing for biometrics to be stored as a template or a mathematical representation of a biometric data versus an actual image. If a hack were to occur, the hacker would be in the possession of a series of 0’s and 1’s.
Having said this, there remained a lack in the quality of accuracy and speed, and as fraudsters became versed in the technology, the risk of spoofing biometrics and hacking of personal information was on the rise.
The company that really pushed the biometrics industry into greater acceptance and widespread adoption wasn’t even in the biometrics industry. It was Apple. In 2014, Touch ID was introduced and the idea of biometric security as part of everyday life became normalized to the average person.
This was a big enabler for the biometrics industry to take off, but with the increased convenience that came with mobile biometrics, it also brought about the awareness that there needed to be a balance with increased security. Touch ID wouldn’t cut it for physical access to high security buildings, applications and areas.
In the physical security world, competition and innovation has led to greater accuracy, speed, convenience and security. Biometric devices for access control are now highly advanced and have come down significantly in price with some models being compared to card readers.
The technology also provides much faster matching speeds and significantly decreased error rates. Consistent innovation has also limited the susceptibility of fraud to nearly zero.
What else is new? The way the technology is deployed. One of the biggest pains with biometrics for access control is that the technology was developed in tandem of innovations with access – the two systems didn’t speak the same language. Biometrics can now also integrate into legacy access control systems, which is a key to cost saving, implementation and user onboarding in legacy security systems.
Where Are We Going?
We will continue to see innovations in biometrics for access control. From the largest and most secure installations, to the phone in your pocket, the potential for controlling access with biometric data is essentially limitless and is being deployed at all scales as adoption rates and technology continually increase.