For systems integrators and dealers contemplating practical ideas to boost revenue in 2008, here is an application that can help jumpstart a winning new year: biometric access control.
There are biometric systems available today that economically meet the needs of almost any commercial access control function. If you already install card readers, then you know how to install biometrics. The key to seizing new business in this specific class of security is to be keenly aware of signs that your customer is a prime prospect for biometric technology.
Consider: If the objective of an access control system is to manage where people - not credentials - can and cannot gain right of entry, only a biometric device is truly able to provide this capability to an end user.
Using this article as a primer, security professionals who are new to biometrics sales can confidently begin educating customers on the benefits of these widely available access control applications. Topics to be discussed include the most common types of biometric technologies, selecting the right device for a specific application, and the value-added benefits beyond managing access to secure areas.
Biometrics Go Beyond Securing a Facility; Offer Cost Savings, More
Biometric technology may often be more commonly associated with highly secure facilities, such as sensitive laboratories, corporate offices, doors leading to tarmacs at major airports, and entrances to facilities where a combination of high security and convenience is desired. A plethora of more straightforward applications for biometrics systems exist as well - from family-owned restaurants to fast-food chains, community hospitals and health clubs, to name just a few.
At the root of all these systems is a device that identifies a person by means of a unique human characteristic, such as the size and shape of a hand or face, the pattern of a fingerprint, or the eye's iris.
Among its practical uses beyond enhanced security, biometrics is well suited for time and attendance; it can confirm a person's identity when clocking in and eliminate timecard fraud caused by "buddy punching." One of the biggest selling points for biometrics is it can eliminate the need for keys or cards. While keys don't cost much and dramatic price reductions have lowered the capital cost of cards in recent years, the true benefit of eliminating these venerable tools is realized through reduced administrative efforts. That's because a lost key or card must be replaced and reissued. There is a price associated with the time spent to complete this seemingly simple task, but when added up, the overall administration of a key or card system is expensive. Conversely, hands, fingers, faces and eyes are seldom lost, stolen or forgotten.
Cost effectiveness is an important point to stress to potential customers. Biometric systems are convenient for end users who otherwise don't need to worry about carrying a card or remembering endless passwords. Since biometrics require minimal operator assistance, organizations can save money by devoting customer service and other personnel to activities other than screening visitors and employees.
For those businesses and organizations that do use card systems, biometrics can offer an enhanced layer of protection. Case in point: Once a badge is lost or stolen, the time from when the badge is missing to the time it is subsequently reported, it is still alive and active in the access control system. By adding a biometric device to the access control system, a badge alone cannot be used to gain access. If your customer uses hand geometry technology, for instance, both the badge and the person's hand are required before access is granted. Thus, you have eliminated a prospective breach.
Hand, Fingerprint Readers Are Most Prevalent Types of Biometrics
Hand geometry readers and fingerprint readers account for 80 percent of biometric access control deployments. The other two technologies typically discussed in access control include face and eye technologies. Let's take a closer look at each of these variations:
Hand geometry - The size and shape of the hand and fingers is used to verify a person's identity. Hand geometry evaluates a three-dimensional image of four fingers and part of the hand, and turns this into a template that is then stored. The template must be matched by a "read" of the person's hand. Hand geometry technology was utilized for the first commercially available biometric appliance, which hit the market in 1976. It continues to be the most widely used biometric device for access control and time and attendance. Because of its low false reject rate, hand geometry is especially practical in high throughput environments of 50 to 100 people or more.
Fingerprint - Law enforcement agencies have used fingerprints for decades to identify individuals; businesses continue to do so when undergoing background checks. However, relatively inexpensive fingerprint access control readers differ from these types of devices. The FBI system takes images of all 10 fingers while an access control fingerprint product may only capture one or two fingers for verification. A template is then created in a process similar to hand geometry readers for local comparison.
Due to throughput concerns, fingerprint access control is best applied in smaller user populations, such as those found in a small lab. Because of cost savings and size, fingerprinting is a perfect choice for single person verification applications.
Importantly, hand geometry and fingerprint readers can be mixed and matched in the same system, using the same database, all the while appearing transparent to the IT system.
Face - The shape of the face - determined by distances between the eyes, the eyes and nose, and other facial characteristics - are put into a template. When viewed using a video surveillance camera, the image is matched against an existing template to verify an individual. This is a technology many are counting on in the fight against terrorism as the system could scan large crowds and/or people waiting in line, pinpointing individuals that could then be further scrutinized. In these instances, facial systems would be combined with other technologies to verify the suspect person.
Eye - An iris scanner can store in a template more than 200 traits found in a person's eye. Most experts agree that eye scanning is the most secure of all biometric technologies.
The user tilts the scanning unit so their eye appears in the center of the image capture area. This image passes to a processing unit via network wiring to be compared with the iris code on file. While the technology is quite accurate, the high cost per door unit limits its widespread adoption for general commercial applications. Throughput is also much slower than the aforementioned technologies.
No Single Biometric Technology Is a Perfect Fit for All Settings
Biometric technologies are complementary; each version meets specific needs in the marketplace. But which technology is right for your individual customer applications?
To answer this important question, a prudent course of action is to concentrate on the two most widely used biometrics. That entails ruling out facial and iris biometric technologies, since they are nearly exclusive to high security or highly specific applications. (In the event face and iris solutions are necessary for a security-intensive environment, you can bet your client's security department will eagerly specify these more complex biometrics.)
Typically, fingerprint readers offer good protection and reliability in smaller, indoor applications such as server room doors. As the user population grows beyond 100, thereby increasing the number of access transactions, hand geometry readers become the better choice. With dramatically lower false reject and failure to enroll rates, the value of hand geometry grows as the number of users and/or transactions increase. Not only do they keep the bad guys out, hand geometry readers ensure the good guys gain access in any size application. This added layer of flexibility is the reason why hand geometry readers cost a little more.
Here's the bottom line on throughput: In small applications with 50 or even 100 people, the slight inconvenience caused by the higher error rates of fingerprint readers is not a big problem. However, when 100 or more people create large numbers of transactions, such as 50,000 to 250,000 daily transactions at San Francisco Int'l Airport, it is a very big deal.
For low-volume openings, however, cost is a key consideration and fingerprint products meet that need, while adding much greater security compared to card-only configurations. For instance, a fingerprint reader is ideal for a lab area accessed by 10, 20 or 30 people. Solutions for similarly-sized applications have been a major growth area for fingerprint products. These diminutive units squeeze into small areas, like at the door to a medical cabinet.
Fingerprint readers are also a perfect choice for single-person verification applications, such as in logical access control, where they are used to log onto PCs or computer networks. In fact, this is another fast-growing fingerprint application.
Hand geometry readers are the installation choice for outdoors or harsh environments. The core technology of these units allow for operation in inclement weather, including severe temperature fluctuations. Special enclosures help fend off vandals and resist storms, while still allowing easy access for the user.
Tailor the Solution to the Application, Organizational Needs
Biometric readers can be standalone or networked and integrated easily into all popular access control and/or time and attendance systems. If a customer is using a smart card, biometric sales will naturally follow because such end users are already implementing newer and more secure technologies. They will be receptive to your biometric message.
Best of all, biometrics for the most part look just like a card reader to an access control system. Dealers and integrators need to be familiar with the differing systems.
Standalone systems - Many biometrics are available in a standalone configuration. Such devices are not only a biometric but also a complete door controller for a single door. Users are enrolled at the unit and their biometric template is stored locally for subsequent comparison. The actual comparison is accomplished within the unit and a lock output is energized depending on the outcome.
Networked systems - Many access control applications control more than one door. While multiple standalone units could be deployed, a network of biometric readers offers many advantages. The most obvious is centralized monitoring of the system. Alarm conditions and activity for all the doors in the system are reported back to the security management system. All transactions are stored on the computer's disk drive and can be recalled for a variety of user-customized reports.
Networked systems also provide convenient template management. Although a user enrolls at one location, their template is available at other authorized locations. Deletion of a user or changes in their access profile is simply entered at the PC. Some biometric systems store all information centrally where template comparisons are also performed. Others distribute template information to the individual readers at each door. Either way, the net effect of template management is the same.
Smart card systems - Integrating biometrics with smart cards is fast becoming the de facto access control solution that leading dealers are adding onto the systems they sell. As costs of smart cards are coming down and their usage is more widespread, biometric devices can leverage the secure data storage they provide.
For example, a single smart card can store both the user's ID number and biometric template. This negates the need to distribute hand templates across a network of readers or require the access control system to manage biometric templates. Therefore, integration to any existing access control application is greatly simplified, eliminating extra network infrastructure costs. Because the template only resides on the card, the solution also eases individual privacy concerns.
A smart card reader is embedded into the biometric reader. A plastic cardholder is affixed to the side of the unit. The verification process takes approximately one second and is virtually foolproof.
With the hand reader, the hand template requires only 9 bytes to define the hand, the smallest in the biometric industry. This ensures response times are fast and that the smart card can maximize its benefits by offering users increased room for other applications.
In addition, the implementation supports multiple secure applications on the smart cards. Possible applications include the storage of additional information to allow for secure logon to a PC or laptop and accessing the company's network using fingerprint biometrics.
If your customers are using or purchasing a smart card access control solution, and you haven't sold them on biometrics, you are simply leaving money on the table.
Third-party system integration - Biometric manufacturers offer a variety of methods to integrate biometrics into conventional access control systems. The most common way is "card reader emulation." This method is very effective when integrating into existing card-based systems to bring extra security to the front entrance or server room. The wiring is identical to the card reader's wiring.
In this mode, the biometric device essentially works with the access control panel the same way a card reader does. The "card reader output port" of the biometric is connected to the panel's card reader port. When a person uses the biometric, it outputs the ID number of the individual if, and only if, they are verified.
The format of the output is consistent with the card technology used by the access control panel. Once an ID number reaches the panel, it is handled as if it came from a card reader. The determination of granting access is made by the panel. The access control panel, not the biometric, handles door control and monitoring.
With this being the season for New Year's resolutions, why not make increased profits your goal for 2008? A straightforward approach to educating customers about biometric access control technologies is a good place to start.
Tips to Make the Best Biometrics Choice
The ability to choose the right biometric for a specific application will make all the difference in the success of the installation. Consider the following key issues to help ensure the right biometric is ultimately selected.
Ease of use - A biometric technology must be easy to use. The larger the population, the more critical this factor becomes. For hundreds of people, 10 extra minutes of training time per person can add up quickly, making the enrollment process a nightmare.
Effectiveness - It may seem obvious, but how well the biometric works will determine if it stays on the job. In the most basic sense, if a biometric is working properly, it does two things: It keeps bad guys out and lets good guys in. Yet, no device is perfect. Typically, much attention is given to how well bad guys are kept out; it is equally important to assure that the authorized users get in.
Throughput - A logistical issue that should be considered carefully is throughput or the total time it takes for a person to use the device. This is difficult for manufacturers to specify since it is application dependent. Most manufacturers specify the verification time for the reader, but that is only part of the equation. Most biometric readers verify identity in a second. However, when a person uses a biometric reader, they typically enter an ID number on an integral keypad, swipe a card or use proximity. The reader prompts them to position their hand, finger or eye where the device can scan physical details. The elapsed time from presentation to identity verification is the "verification time."
Jon Mooney, a 12-year veteran of Ingersoll Rand, is general manager of Ingersoll Rand Security Technologies' Biometric Business Unit. He can be contacted via E-mail at jon_mooney@irco.com .