The latest research indicates using a combination of biometric avenues for human identification is more effective and far more challenging Multibiometric Systems BY ANIL K JAIN AND ARUN ROSS T raditionally passwords knowledge based security and ID cards token based security have been used to restrict access to secure systems However security can be easily breached in these systems when a password is divulged to an unauthorized user or a card is stolen by an impostor Furthermore simple passwords are easy to guess by an impostor and difficult passwords may be hard to recall by a legitimate user The emergence of biometrics has addressed the problems that plague traditional verification methods Biometrics refers to the automatic identification or verification of an individual or a claimed identity by using certain physiological or behavioral traits associated with the person see Figure 1 By using biometrics Illustration by Sandra Dionisi 34 January 2004 Vol 47 No 1 COMMUNICATIONS OF THE ACM COMMUNICATIONS OF THE ACM January 2004 Vol 47 No 1 35 it is possible to establish an identity based on who you are rather than by what you possess for example an ID card or what you remember for example a password Current biometric systems make use of fingerprints hand geometry iris retina face facial thermograms signature gait palm print and voiceprint to establish a person s identity 4 While biometric systems have their limitations they have an edge over traditional security methods in that they cannot be easily stolen or shared Besides bolstering security biometric systems also enhance user convenience by alleviating the need to design and remember passwords Moreover biometrics is one of the few techniques that can be used for negative recognition where the system determines whether the person is who he or she denies to be Biometric systems can operate in one of two WHILE biometric systems have their limitations they have an edge over traditional security methods in that they cannot be easily stolen or shared Besides bolstering security biometric systems also enhance user convenience by alleviating the need to design and remember passwords Moreover biometrics is one of the few techniques that can be used for negative recognition where the system determines whether the person is who he or she denies to be modes the identification mode in which the identity of an unknown user is determined and the verification mode in which a claimed identity is either accepted a genuine user or rejected an impostor Biometric systems are being deployed in various applications including computer logins ATMs grocery stores airport kiosks and driver s licenses The successful installation of biometric systems in these ap plications does not imply that biometrics is a solved problem In fact there is significant room for improvement in biometrics as suggested by the error rates shown in the table on the next page Biometric systems installed in real world applications must contend with a variety of problems Among them are Noise in sensed data A fingerprint with a scar and a voice altered by a cold are examples of noisy inputs Noisy data could also result from defective or improperly maintained sensors for example accumulation of dirt on a fingerprint sensor and unfavorable ambient conditions for example poor illumination of a user s face in a face recognition system Noisy biometric data may be incorrectly matched with templates in the database resulting in a user being incorrectly rejected 36 January 2004 Vol 47 No 1 COMMUNICATIONS OF THE ACM Figure 1 Examples of some of the biometric traits used for authenticating an individual Gait image taken from www findbiometrics com Intra class variations The biometric data acquired failure to enroll FTE rate associated with using a sinfrom an individual during authentication may be very gle biometric trait There is empirical evidence that different from the data used to generate the template about 4 of the population may have poor quality during enrollment thereby affecting the matching fingerprints that cannot be easily imaged by some of process This variation the existing sensors is typically caused by a Spoof attacks An Test Test Parameter False Reject False Accept user who is incorrectly impostor may attempt Rate FRR Rate FAR 0 2 0 2 interacting with the Fingerprint FVC 2002 Users mostly in the age to spoof the biometric group 20 39 sensor or when sensor trait of a legitimately FRVT 2002 Enrollment and test images 1 10 characteristics are modi Face enrolled user in order were collected in indoor environment and could fied for example by to circumvent the sysbe on different days changing sensors that Voice tem This type of attack NIST 2000 Text dependent 2 5 10 20 is the sensor interoper Fingerprint Verification Competition bias csr unibo it fvc2002 is especially relevant Recognition Vendor Test www frvt org FRVT2002 ability problem during Face when behavioral traits National Institute of Standards and Technology www nist gov speech tests spk 2000 authentication such as signature and Distinctiveness While a biometric trait is expected State of the art error rates voice are used However with fingerprint face physical traits like fingerto vary significantly across individuals there may be associated and voice biometric systems The large similarities in the feature sets used to represent accuracy estimates of biometric prints are also susceptible these traits Thus every biometric trait has some the systems depend on a number of to spoof attacks oretical upper bound in terms of its discrimination test conditions Multibiometric Systems capability Non universality While every user is expected to Some of the limitations imposed by unimodal biopossess the biometric trait being acquired in reality it metric systems that is biometric systems that rely is possible for a subset of the users to not possess a par on the evidence of a single biometric trait can be ticular biometric A fingerprint biometric system for overcome by using multiple biometric modalities 1 example may be unable to extract features from the 2 6 Such systems known as multibiometric sysfingerprints of certain individuals due to the poor tems are expected to be more reliable due to the quality of the ridges see Figure 2a Thus there is a presence of multiple fairly independent pieces of COMMUNICATIONS OF THE ACM January 2004 Vol 47 No 1 37 evidence These systems are also able to meet the stringent performance