Fingerprint for Access ControlBy: Brian Rhodes, Published on Feb 03, 2013
Despite being touted as the next big thing for access control, fingerprint readers struggle to dethrone traditional manufactured credentials as "the" standard. Despite the promise of high-tech readers making credentials as unique and secure as individual identites, real engineering challenges exist. In this note, we examine how fingerprint readers are best used for access control.
When examining the question "Why don't we use fingerprint readers more often?" several major reasons become clear. A quick survey of biometric readers reveals these acceptance barriers:
- Cost: Fingerprint readers simply cost more compared to 'simple' commodity proximity-type readers.
- Backup Credentials: In most cases, fingerprints are not reliable enough to be used as the lone credential, and must be paired with a secondary PIN or card credential.
- Time: Scanning is not instant, and takes time. Large databases can take additional seconds or even minutes compared to traditional manufactured credentials.
- Outside Environment Impact: Not all readers are reliable in harsh weather.
If the primary desire for choosing biometric reader is convenience (ie: "I no longer need to carry a card"), fingerprint readers frequently are more problematic due to the reasons listed above. However, when the desire for fingerprint scanners is increasing security through implementing multi-factor credentials, almost no other solution is as easy to implement.
In the section below, we contrast the major differences between 'traditional' proximity style readers with biometric fingerprint readers.
When designing access control systems, most end users are surprised to learn how much more expensive fingerprint readers are compared to proximity style readers. For general contrast in pricing, the options below describe readers used in semi-protected outdoor locations (ie: a wall adjacent to an perimeter door):
- Fingerprint reader: Bioscrypt 4GXFXS cost ~$900 USD
- Proximity reader: HID ProxPoint Plus 6005 cost ~$90 USD
When the increase in cost for a fingerprint scanner is ~10 times more expensive than an equivalent proximity reader, most end-users opt for the less exotic option. Even when weighing the additional costs of credential cards (between $0.25 - $4 each), the proximity option is significantly less expensive.
Strip vs Optical
Not all fingerprint readers are the same. Like many electronic devices, quality components cost money. One defining feature that separates consumer-style fingerprint scanners and commercial-grade components are the type of reader technology used.
- Semiconductor Strip: This less expensive type of reader takes up less space, less power, and is widely used in consumer grade electronic devices. As individual fingerprints make contact with the strip, the individual features of a fingerprint make contact with the strip and register a unique 'combination'. While enrollment of an individual fingerprint is easy, the sensor is very sensitive to changes to the print, and even materials as benign as hand-lotion prove to interfere with successful reads.
- Optical Reader: This class of reader costs significant more than other options, but scans a finger on a sub-dermal level, building immunity to skin contaminants and surface cuts or scrapes. The sensor collects an 'image' of the finger, which is sent to a processor for comparison to a library of images. The end result of this process results in vastly more accurate reads, but requires the sensor itself to remain protected from harsh weather. Since many readers are used to protect outside perimeter openings, keeping this style of reader shielded is expensive and is found in high-end offerings.
Both types of readers are used in commercial products. However, most commercial offerings now use the optical readers despite the higher cost, up to 3 - 5 times more than semiconductor strip readers. (ie: ~$225 USD contrasted with the ~$900 cost of optical-based readers) End-users focused simply on price, or with very tight budgets, may choose the cheaper solution. However, understanding the practical limitations of reader performance and the constraints imposed on the users, is paramount. The image below shows a 'semiconductor strip' style door reader:
Regardless of manufacturer claims, no fingerprint reader is accurate 100% of the time. While the 'false positive' rates, or mistakenly granting access to an unrecognized finger, is practically zero, there is potential for frustrating 'false negative' reads, or improperly scanning a previously authorized finger.
Because reader quality varies, and because of frequent fluctuations in weather and the human body, a successful fingerprint scan cannot always take place. This means that some form of secondary credential must also be ready for use. Whether this is a card, PIN, or a mechanical key, the need to carry another form credential is an unwelcome surprise.
The larger the fingerprint database grows, the more processing time is required to match credentials. Because the basis of biometric credentialing is taking a 'read' and comparing it against a 'known' library of records, the size of the comparison database effects how long a read takes to register.
The delay may not be substantial compared to traditional processing delays, but the delay tolerance tends to be much shorter when a user is standing at a locked door, potentially outside in cold or dark environments. Compared to the near instantaneous process of reading and comparing a credential card, fingerprint scanners have a disadvantage.
Not only do the reader devices themselves require protection from outside weather, fingerprints themselves require similar protections. Consequences like dirty hands, cuts and scrapes to finger skin, and the age of the finger bearer all factor in how easily and accurately the print is read. Likewise, readers installed in wet or dusty environments face operating problems.
Aside from direct environment factors, there are 'indirect' considerations as well. For example, everyday accessories like gloves need to be removed in order to read a print. While a small consideration, when used in cold environments asking users to remove gloves before entry is negatively viewed. By contrast, simply flashing a plastic badge not susceptible to surface dirt, moisture, and without need to expose skin to the weather is advantageous, and most proximity style readers are available in 'potted' varieties that do not add significant cost, while making them resistant to harsh weather.
Most Common Applications
Given the special considerations for fingerprint readers, they have not replaced proximity readers as the standard, nor do they appear poised to become standard in the future. For most controlled openings, traditional credentials are not a major hinderance to users, and there is no compelling reason to 'fix something that is not broken' given the high relative cost of fingerprint readers. Because fingerprints and readers alike are subject to environmental factors, they primarily are used in 'high security' indoor applications where 'multi-factor' credentials are important.
'Multi-factor authentication' requires more than a single credential to gain entry. For example, with a traditional credential, even though it's administratively tied to one person, anyone can pick it up and gain access. However, with biometrics, not only is a valid credential required, but biometric 'proof' that you are the person issued the card is also cross-checked. For high-security locations, this extra step of validation guarantees access to certain people, and is where fingerprint readers are most often used.
However, credentialling based on fingerprints have popped up new applications for the equipment. Among the 'uncommon' applications we have found:
- Fitness Center / Gym: Members check-in based on fingerprints, replacing the old and potentially lengthy process of manually being admitted.
- Childcare Facilities: In order to retrieve children, a user must scan a fingerprint that matches the 'approved to pick-up children' list. This function is especially important given custody of children is a contentious legal issue for many people.
- Self-Service Kennels: One application we are familiar with permits access to drop off and pick up housepets based on fingerprint ID.
1 report cite this report:
Most Recent Industry Reports
The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.