02 - General facts


  • Description:: access types, authentication methods, history

Access types

  • authentication to authorized people so they can gather physical or logic access

    • physical access: room, building, area
      • by using face recognition or biometric recognition
    • logical access: electronic resources
      • 2FA
  • having a lot of passwords implies having a lot of problems

    • stored in a bad way
    • re-use

Authentication methods

Traditional authentication methods are based on:

  1. something one owns, that unfortunately can be lost!
    • a card, a document…
  2. something one knows
    • passwords, that can be forgotten or guessed if too easy

Biometric systems are based on someone specific characteristics: pupils, fingerprints…


  • Bertillon: chief Paris police, he was the first to use an identification pioneer, because introduced a new system of measure to identify criminals basing on common characteristics (around 1882)

    • hand shape, head shape, limbs measures, bust measure, face details…

    • the problems on this approach were: time consuming and false positives

    • each measure was divided into small, medium and large groupings

  • this method was lately adopted by USA in 1896

  • William West case: William West and Will West looks very similar. In 1903 Will West, should have been in jail, but it founds that he already was in jail because of William West.

    • when the police compared fingerprints, they looked very different, so they deprecated the Bertillon System and started to use photos and fingerprints
  • Galton introduced in 1892 the concept of minutia and tried to classify fingerprints, because they found out that two individuals are unable to have the same fingerprints.

  • every finger has unique fingerprint

    • it is impossible to capture a fingerprint unless we have a specific dedicated very high resolution camera, because there are many many details

Solutions and sec levels

  1. something you know
  2. you know+you have
  3. you have + you are
  4. you know + you have + you are

Architecture of a biometric system

  • we can only recognize people iff we have captured his data before

Enrollment vs Recognition

Enrollment is the capture and processing of user biometric data for use by system in subsequent authentication operations (gallery).

Recognition is the capture and processing of user biometric data in order to render an authentication decision based on the outcome of a matching process of the stored to current template

Probe: each template is submitted for recognition Gallery: set of templates