How do we make it happen?
Our third post in the series on “The importance of optimizing all parts of a biometric system” by Peter Kollig, Senior Director of Engineering, System Architecture looks at how we make it happen.
Securing a smartcard by including a fingerprint sensor on the card itself may seem like a great idea. But the nature of such cards means you are faced with a very limited hardware capability. This means it can be difficult to make a biometric system work effectively and with sufficient speed.
To make a practical, working solution in such a severely constrained system, you need to be able to optimize the hardware components so that they work in your favor. For this to be effective, it is important to have control over as many parts of such a system as possible.
In the case of a biometric fingerprint sensor system, this means control over the two main elements; the sensor and the matcher. Other components of the card are hard to change, like the Secure Element (SE), or are an off-the-shelf commodity piece of hardware such as the Biometric Micro Controller Unit (B-MCU).
When specifying a system, customers may have their own choice of SE. Since different SEs have a variety of computing architectures and memory sizes available, this choice is a crucial one as it can significantly affect the operation and effectiveness of the system.
This isn’t the only trade-off. Different payment schemes have different trade-offs between security – in terms of False Acceptance Rates (FAR) – and convenience in terms of False Rejection Rates (FRR). These are respectively the chances that the biometric system will wrongly accept an invalid ID as legitimate or fail to spot a correct identifier and reject the transaction.
Using the hardware
In order to overcome these problems within a constrained environment, it is vitally important to utilize the limited hardware to maximum advantage. This can involve making use of any spare SRAM (Static Random Access Memory) or NVM (Non-Volatile Memory) in order to trade memory for latency, or to move functions between the SE and B-MCU, again looking for best latency when considering transfer time and execution time. Of course, in order to protect the integrity of the system, it’s essential that all this is done within the defined security constraints.
These are of course quite minute adjustments and they can only be realized if the biometric system owner is prepared to work closely with all of the eco-system players (payment schemes, SE manufacturers and customers) in the development of the system.
When considering smartcard systems, the constraints imply that standard algorithms looking at minutiae are not viable. This, therefore, forces the algorithm providers to look for different solutions to the problem. These might, for example, be ridge-based or image-based. IDEX has invested into a ridge-based matcher that provides an excellent fit for smartcard implementation and it allows the implementation of the trade-offs described above to produce a secure and reliable biometric verification system.
The previous post in our series on “The importance of optimizing all parts of a biometric system” looked at what does a good biometric system consist of?