Securitybestpracticesand Use Cases Inawsidentityandaccess
Biometric recognition and authentication systems Pages Page 12 of 13 Example use cases Introduction The examples in this section are intended to help you develop an understanding of common uses for biometric technologies. You should not see the examples as models for your own projects. Instead, as you read through them, you should begin to see the areas where biometrics may be of use within your own scenario.
In each case, once the purpose of the biometric has been properly outlined, careful consideration is given to determining the most practical and efficient tools given the specific operating conditions. Phone unlock One of the most common uses of biometric authentication today is in unlocking mobile phones and other devices. A range of modalities can be found as standard on mobile devices and have become widely accepted as a means to unlock them.
Fingerprint recognition was among the first biometrics promoted on mobile devices but not as a security feature, rather, as a convenience factor. But, over time, the use of a biometric system in this context has only subsequently come to be seen as a security feature. This change in purpose has led to increased emphasis on the evaluation of the performance of the technology. Protection of personal biometric data is good. Without being exposed at any point, sensitive biometric data is encrypted on the device and stored using secure hardware-backed storage.
This approach makes the data non-recoverable. It is interesting to note that the use of a biometric to unlock a phone screen has become popular as a security feature largely because it is easier to use than a 4 or 6 digit PIN. It is by providing a more convenient method for achieving the security benefit that the uptake and acceptance of biometrics in such applications has been so successful.
App access An increasing number of online applications use the biometric capability of mobile devices to authenticate identity in support of either log-in, or transaction processing. In this case there are two options open to the developer. First is to use the secure biometric modality that's integrated into the device, such as a fingerprint sensor linked to the hardware security features of the host device. Here, the response from the device/API is typically limited to 'pass' or 'fail'.
Alternatively, a biometric can be captured using one of the device’s other sensors - camera for face or microphone for voice. This information can then be transferred for more complex remote processing. This makes the service provider responsible for the security of the biometric data, and allows for the updating of algorithms used to process it. Remote processing means that biometric data, which is always considered as personally identifying information (PII), will be transmitted over potentially insecure links and stored (at least temporarily) at a remote site.
The added responsibility for protection and destruction, along with the increased liabilities of the PII data, must be considered in the design of the system. Automatic border control (eGates) The existing security processes for passengers travelling by air involve a number of touch points at which they are required to either identify themselves, or confirm a previously-asserted identity. The physical examination of documents (i.e. passports) is the most common method used. There is, however, a strong push to improve the efficiency of the travel experience.
This reflects the need to support greater throughput of travellers and to ensure that expensive security resources can be focused on the cases where they are needed, allowing a more relaxed experience for the majority of travellers. Many airports are now using automated facial recognition at Border Control to compare the face of the passport holder to the face displayed on the passport. Call centre Identity verification when contacting a call centre readily lends itself to the use of voice biometrics because the communications channel already captures voice information.
Call centres also have access to the number from which the call is made, such that only one or a small number of known voices can be expected for each phone number. These systems generally use text dependent speaker recognition, meaning that a repeated pass phrase is used to verify the caller's identity. It would be necessary to have an initial enrolment process, where the digital identity is established. Care needs to be taken that this is not targeted by attackers.
People Also Asked
- Free OnlineUseCaseDiagram Maker
- Exampleusecases| National Cyber Security Centre - NCSC.GOV.UK
- Unique Personalservice -CaseStudy | TIMIFY
- OnlineUseCaseDiagram Tool
- Security best practices and use cases in AWS Identity and Access ...
- Security best practices and use cases in Amazon Identity and Access ...
- AWS IAM Policy Insights from Real-World Use Cases | MoldStud
Free OnlineUseCaseDiagram Maker?
Biometric recognition and authentication systems Pages Page 12 of 13 Example use cases Introduction The examples in this section are intended to help you develop an understanding of common uses for biometric technologies. You should not see the examples as models for your own projects. Instead, as you read through them, you should begin to see the areas where biometrics may be of use within your o...
Exampleusecases| National Cyber Security Centre - NCSC.GOV.UK?
This approach makes the data non-recoverable. It is interesting to note that the use of a biometric to unlock a phone screen has become popular as a security feature largely because it is easier to use than a 4 or 6 digit PIN. It is by providing a more convenient method for achieving the security benefit that the uptake and acceptance of biometrics in such applications has been so successful.
Unique Personalservice -CaseStudy | TIMIFY?
Biometric recognition and authentication systems Pages Page 12 of 13 Example use cases Introduction The examples in this section are intended to help you develop an understanding of common uses for biometric technologies. You should not see the examples as models for your own projects. Instead, as you read through them, you should begin to see the areas where biometrics may be of use within your o...
OnlineUseCaseDiagram Tool?
In each case, once the purpose of the biometric has been properly outlined, careful consideration is given to determining the most practical and efficient tools given the specific operating conditions. Phone unlock One of the most common uses of biometric authentication today is in unlocking mobile phones and other devices. A range of modalities can be found as standard on mobile devices and have ...
Security best practices and use cases in AWS Identity and Access ...?
This reflects the need to support greater throughput of travellers and to ensure that expensive security resources can be focused on the cases where they are needed, allowing a more relaxed experience for the majority of travellers. Many airports are now using automated facial recognition at Border Control to compare the face of the passport holder to the face displayed on the passport. Call centr...
'/><text x='50%' y='52%' font-family='Arial,Helvetica,sans-serif' font-size='44' fill='white' text-anchor='middle' dominant-baseline='middle'>Gombloh</text></svg>)
