What are biometrics and biometric solutions?

Biometrics refers to a system which measures the unique physiological characteristics of a given individual for the purpose of reliable identification.

Samsung devices that support biometric measurements and the Samsung Pass product are designed to help individuals and enterprises benefit from reliable identity authentication.

Will users accept biometric authentication?

A 2016 survey of 4000 consumers across the US and UK by Gigya revealed that 52% of participants prefer a modern authentication solution to a traditional login and password.

This preference isn’t based solely on the convenience of biometric authentication. 80% of these users also believe that biometric authentication is more secure than logins and passwords.

Users are also moving away from desktop systems and increasingly using their mobile device to access their information. The website smartinsights.com includes research that shows how fast mobile devices have overtaken traditional devices.

The characteristics of a good biometric measurement

Biometric measurements provide a convenient and powerful alternative to traditional authentication. With biometric measurements, users don’t have to remember abstract strings of values.

In order for a biometric measurement to be an effective means of identifying the user, it must have the following characteristics:

  • Reliability – results of the measurement must be correct. If the measurement cannot consistently identify the user, then the measurement is not reliable, and therefore, not useful.

  • Repeatability – hardware and software must provide the same data with every measurement of a given biometric characteristic. For example, the same fingerprint must be identified as the same in every measurement.

  • Convenience – hardware and software must be affordable, easily available, simple to use, mobile, and must provide results on demand.

  • Stability – the measured biometric characteristic must not change over time, based on their health, or as a result of stress.

Based on these considerations, Samsung has focused on fingerprint authentication and iris recognition.

Fingerprint authentication

Perhaps the most well-known biometric measurement is the human fingerprint.

Perhaps the most well-known biometric measurement is the human fingerprint.

Authorities correctly identified individuals using fingerprints as long ago as the late 19th century. The reason it is possible to uniquely identify an individual is that fingerprints are comprised of ridges and valleys which intersect at various points. These points of intersection can be identified and cataloged uniquely for each print.

Biometric authentication uses this data as the basis for a unique algorithm. Fingerprints have proven to be durable – they can identify an individual over an entire lifetime. This is why a fingerprint scanner can re-create the algorithm for a given fingerprint by re-scanning the finger.

Iris recognition – only through Samsung Pass

Iris recognition technology provides another convenient, non-invasive method of authenticating a user based on the iris in each eye.

Iris recognition technology provides another convenient, non-invasive method of authenticating a user based on the iris in each eye.

The iris is one of the few internal organs which is clearly visible from outside the body and is remarkably stable over time. The iris expands and contracts to control the amount of light which enters the eye.

Samsung devices, which support iris recognition, use near infrared optical technology to capture a detailed image of a user’s iris. It is currently only possible to authenticate the user’s identity with an iris scan by using Samsung Pass.

Just as with fingerprint biometrics, the data from the iris image serves as the basis for a unique algorithm. The algorithm can be reliably re-applied to identify an individual due to the stability of the human iris.

Iris recognition should not be confused with retina scans. Retina scans use the vascular structure at the back of the eye to identify an individual.

What about user privacy?

The Samsung Pass software does not share or distribute the biometric measurements of any users. The biometric measurement is used to seed an algorithm which generates a Binary Large OBject (BLOB).
The BLOB is encrypted and only accessible in the TrustZone.

Furthermore, the software which captures the image from the device camera is provided by Samsung so there’s no connection with the operating system. This way, Samsung ensures the image is handled securely.

Who makes the actual decision to use biometrics?

It is up to the device user to switch from a traditional login and password to biometric measurements. Samsung Pass provides the tools and support for an enterprise partner to incorporate this functionality into their customer-facing app.