Verification vs. Identification — The
Distinction
You will often come across the terms ‘verification’ and ‘identification’ which
are sometimes confused when people are discussing biometrics.
The majority of available devices operate in verification
mode. This means that an identity is claimed by calling
a particular template from storage (by the input of
a PIN or presentation of a token) and then presenting
a live sample for comparison, resulting in a match
or no match according to predefined parameters. Thus
a simple one to one match that may be performed quickly
and generate a binary yes/no result.
A few devices claim to offer biometric identification
whereby the user submits his live sample and the system
attempts to identify him within a database of templates.
A more complex one to many match which may generate
a multiple result according to the number and similarity
of stored templates.
Imagine a scenario whereby you have 750,000 templates
stored in a database. The user presents his live sample
and the database engine starts searching. Depending
on how tightly you define the likeness threshold parameter, the search may result
in 10000 possible identities for your user - now what do you do? You may be able
to apply filters based upon sex, ethnic origin, age and so forth in order to
reduce this list to a manageable size, if indeed you can capture this information
from the user. You may still end up with a sizeable list of potential identities.
Of course, in a smaller database this becomes less of a problem, but it is precisely
with large databases that this functionality is typically sought.
All of this assumes that the system can indeed function
as claimed in identification mode. Certain devices
have been demonstrated to work well in this manner
with small databases of tens of users, but the situation
becomes very complicated with databases of even a few
hundred. The mathematical probability of finding an
exact match within such a database is extremely slim
(to say the least). A large database, such as might
be the case with travellers across borders for example,
would be almost impossible to manage in this manner
with current technology. We haven’t even considered the time taken to search such a database and
the impact of multiple concurrent users.
For these and other reasons, one should exercise extreme
caution when considering biometric ‘identification’ systems. Whilst one can readily understand
the attraction of this mode of operation, it has to date rarely been successful
in practice, except in small scale carefully controlled situations.
Verification systems on the other hand are straightforward in operation and may
easily be deployed within a broad cross section of applications, as indeed has
been the case.
|
