Biometrics in Access Control

Overview

The word biometrics has its etymological roots in Greek. Bio has the meaning “life” and metrics refers to “measurement”. While biometrics have been used for decades in physical access control, emerging technologies are expanding the field and making its technologies increasingly robust. In many cases, biometric methods are chosen over traditional means of identification such as PIN numbers and passwords due to their precision and sensitivity. Biometrics systems today look at more than just fingerprints, and can include vein pattern recognition, retinal scans, hand geometry, voice ID, facial recognition, and even DNA. Here we will look at the types of biometrics sensors and systems, how they work, and where the technology is moving in the future.

              A biometric sensor is composed of a transducer that modulates a biometric signature into an electrical signal that can be processed by a computer. These sensors can read energies such as light, heat, and electrical capacity. Modern biometrics may include several sensors including IP cameras for facial recognition and microphones for voice ID. Instead of just fingerprint scans, some devices are made to scan the unique pattern of veins under the hand.

              These biometric access control systems are classified broadly into two types: Physiological Biometrics and Behavioral Biometrics. The physiological methods include the techniques looking at the unique signatures of the human body. Behavioral biometrics is a newer technology that uses analytics to identify based on keystroke, personal name signature, and the cadence of one’s voice.

Fingerprint Recognition

              Modern fingerprint techniques use a specialized program to look at features such as arches, whorls, the outlines of edges, and the minutiae and furrows of the fingerprint. Three ways of matching a fingerprint exist:

Minutiae Based: a digital representation of the fingerprint plane including a set of points are stored on the computer and matched against the corresponding points on the finger.

Correlation Based: an overlay of the fingerprint is matched against the scan and the association between pixels is calculated.

Ridge Feature Based: similar to minutiae based matching, this novel technique is useful as a confirming measure alongside the other methods.

              To capture the prints, optical sensors use a CMOS image sensor; transducer technology which uses thermal, capacitive, piezoelectric sensing. Ultrasound sensors can also be used. In this method, acoustic signals are sent by transmitter near the finger with the signals reflecting back and captured for processing. The fingerprint method has advanced over the years and has multiple levels of redundancy. This makes it a viable means for safeguarding entry to doors, keeping track of and restricting access based on identity, and even managing computer logins. Some banks are even employing fingerprint scans on ATMs.

  

Facial Recognition

              This technology has only recently become viable as machine learning has enabled computer vision techniques considered impossible a decade ago. These systems work by comparing over 80 “nodal points” on the human face including length and width measurements of the nose, cheekbones, eye sockets and more. These systems store this data as a “face print”. While not presently in widespread use as an access control method, the technology is used on phones reliably and on social media sites to tag photos. Because other measures are more precise for access control, facial recognition today remains in the realm of personalized advertising and smartphones.

Voice Recognition

              Voice Identification technology combines physiological and behavioral biometrics captured by speech processing tech. These programs measure nasal tone, frequency, inflection and cadence. Conversational technique and vocabulary form the behavioral component. This technology is generally not used outside of smart phones and government surveillance programs. For example, the NSA has built a bank of “voice prints” on an unknown number of people.

Signature Recognition

              This method leans towards the behavioral biometric approach. Here, a program is used to analyze the physical activity of signing a signature by hand. Pressure applied, speed and stroke order are measured and compared to visual images of the signature. Two methods exist: Static and Dynamic.

              Static mode involves the system taking an image of the signature written on paper and examining its shape. Dynamic mode has the user write the signature on a tablet where it is digitized and analyzed in real-time.

Moving Forward

              As we move into a new decade, we can expect access control to grow as an industry with biometrics in tow. With these technologies paired with machine learning, their accuracy will increase with time and become increasingly reliable. The advantage of biometrics techniques is that unlike a password or PIN, they cannot be stolen or copied easily. They remove security risks such as password sharing and enhance accountability. It is possible that we may reach a point where these technologies become so accurate that passwords will be made a secondary measure or obsolete altogether.

 

Security Technology of South Texas is happy to offer custom access control and surveillance solutions with video analytics to the greater South Texas area, designed either turn-key and from the ground up, or integrated into an already existing series of cameras.

Please contact us through email at admin@gostst.com on our website or via phone at 210-446-4863  24/7 to schedule a consultation.

Intelligent Video and Machine Learning

 

ML “Machine Learning”

Although we are still likely many decades away from anything considered close to “true AI”, many cameras and analytics systems are marketed and sold as being AI-driven or otherwise enriched through machine learning. While some of this is undoubtedly just marketing, there is truth to the notion that data analytics is making an impact in the field of video surveillance.

The ideas behind machine learning reach back into the earliest days of computer science, but only recently (within the last 5-10 years) has both the volume of data and processing power necessary become affordable enough to start making real strides. There are of course the famous industry examples like Google’s DeepMind and IBM’s Watson, but even without access to supercomputer hardware like that there are still many useful things that can be accomplished with a strong, stable connection to the cloud and a quality camera to create good data for analytics to process.

 

As they employ a subset of Artificial Intelligence, it would be more accurate to refer to these “smart” devices as Machine Learning, (ML) devices, that is if ever the average consumer becomes weary of the term AI being thrown around every industry from phone apps to kitchen appliances.

The way this type of technology works is through building a mathematical model using sample data, sometimes referred to as “training data”. This model is used to make predictions or decisions without the need for a programmer to directly intervene in the process. Machine learning is particularly important in the field of “Computer Vision”, the science and technology behind a computer’s processing and analysis of images and video. Because of this, ML has come to reflect a considerable portion of industry leading video surveillance and analytics systems. Historically it has been impossible to use conventional algorithms to perform such a task effectively.

Instead of trying to answer the question “Can we build machines that think?”, ML proposes that we try to “build machines that do what we (as thinking entities) do”.

 

“Smart” Cameras

Here we will take a look at the effect of this emerging technology and its practical application in video surveillance and analytics.

Let’s take a look at what exactly is possible using intelligent video. Smart IP cameras are able to classify the objects they see on their own. Objects entering or leaving the scene can be identified as a person, car, bike, truck, or other object. Because the camera can differentiate objects, it can be told to only alert in the case of a break-in, ignoring things like leaves in the wind or animals wondering through. New low-light cameras allow color-filtering even in scenes with very little ambient light. Even at night, color detection is possible in this way.

Alarm detection can be set to be even more specialized. Rules can be configured to look for specialized behavior patterns such as fighting, running, loitering, path following, abandoned luggage, entering an area, and more. The alarm engine in each camera coordinates with the others in a logical way to interpret this information and determine threat status. All this allows for a very robust alarm condition solution and prevents false and missed alarms.

What’s more, stored metadata enables forensic analysis at a later time. This means that retroactive searches for a specific car or person is possible even if it was not a determined item of interest until well after the event was recorded. Metadata is compact and only barely adds to the size of recordings. It is quick and easy to search through to find a specific event.

 

The logical next step is to continue to improve analytics for video metadata until we approach 100 percent practical use. Predictive analysis of human traffic patterns can predict shoplifting and identify potential events before they take place, and the more data that can be made useful the more accurate these types of predictions will be.

The same technology can monitor customer dwell time at different displays in a store and determine the effectiveness of in-store advertising and product locations. Analyzing customer engagement with these displays can help increase customer engagement with products and lead to increased sales and revenue. As the IoT expands, this type of technology will be more and more critical as there will be many more points of data to analyze. There is no way to fully anticipate the eventual effects this will have on our industry or the world at large.

 

Even though huge volumes of video data are collected every day, most statistics indicate that only 10 percent of this data is ever used. The majority of data collected loses its value very quickly after being generated. The reason for this? Our primary focus tends to be delivering the correct information in a crisis or providing it as evidence after criminal activity has taken place. This causes much data to be “wasted” in the sense that we lose out on the opportunity to perform useful analytics.

Video analytics is an increasingly powerful tool. It helps to improve usability of these vast amounts of video information. Analytics software acts as the “brain” of a surveillance system and is built into IP cameras themselves or processed in separate computing infrastructure. This creates a smarter system that “knows” what it sees and alerts guards to potential threats as soon as an alarm rule or condition is met. Analytics gives operators the chance to act faster and more efficiently with better intel.

 

ML Analytics is like an ever-vigilant system operator within the security system itself. Content analysis information, a form of video metadata, is stored as well. As they reduce operating costs and increase efficiency, intelligent cameras deliver a solid return on investment which can be measured in tangible results to the business or other setting in which it operates.

 

Security Technology of South Texas is happy to offer custom access control and surveillance solutions with video analytics to the greater South Texas area, designed either turn-key and from the ground up, or integrated into an already existing series of cameras.

Please contact us through email at admin@gostst.com on our website or via phone at 210-446-4863  24/7 to schedule a consultation.

Intelligent Video

As brick and mortar companies continue to drive the level of competition up in the retail market space as they compete against online companies offering free shipping and very low prices, they must seek every possible advantage so as to grow their revenues while still addressing conventional security threats such as inventory loss through internal and external theft, also known as “shrinkage”.

Fortunately for those working in a retail space, the security industry has developed products allowing for greatly enhanced security in addition to a whole range of features that are useful in tracking customers and streamlining various processes. There are five key areas associated with the concept of “Intelligent Video”: People counting, traffic pattern analysis, customer satisfaction, the reduction of theft, and monitoring the exterior. Here we will look at these aspects of “Intelligent Video”, more commonly known as analytics enhanced video surveillance.

 

Unlike a company that operates strictly online, traditional storefronts have a difficult time determining just how many people visited their location each day. Counting visitors can enhance efficiency and make it easier to make decisions which could affect conversion rates and per-customer transactions. Cameras at the entrance should use WDR or “Wide Dynamic Range” so as to bring the clearest images to the analytics software.

Using analytics to monitor and analyze traffic patterns can involve heat mapping, which visually shows a hot and cold flow on screen based on customer flow. Regional people counting analysis helps show how people move through the store. Data like this can be used in determining where to place products, how high on the shelf, and etc. This software can also show how much visitors look at any particular display. Ultimately, all this data can be combined to get a very clear picture of what your customers do on average, and therefore what your best options are for the store.

 

As far as improving customer satisfaction goes, it simply follows from the implementation of changes based on analytics information. Line times can be reduced or eliminated in the store. On a broad scale, analytics will determine how many people to bring onto staff on any given day and what hours they should work. HD cameras can also be used to individually capture transactions at the register.

As for reducing theft, a wide range of options is available. IR cameras for very low light areas to motion detection or more advanced tech such as tripwire or removed object analysis will enhance overall effectiveness in managing inventory and reducing theft. PTZ (Pan, Tilt, Zoom) cameras are useful in monitoring the exterior of the building. Having a camera for every corner and corridor also eliminates the possibility of false injury claims and confirms facts in the case of a burglary.

 

One offering for upgrading existing systems comes through a company called Avigilon. Avigilon is a Vancouver based security equipment designer and manufacturer, perhaps most well known for the software they have developed to analyze raw video data, with no input other than the pixels streamed through an HD camera setup.

“Open Video Management” using what they term “Self-Learning” video analytics is the cornerstone of any modern video analytics solution. The company also manufactures several lines of high quality HD cameras and access control gear, but it is not a requirement that all equipment be from Avigilon. Avigilon analytics is performed on-site with a proprietary set of hardware and software, and is effectively limited only by the quality of the video input.

When combined, the elements of a professionally installed video analytics system work in concert to reduce risk and bring new potential to a business.

 

Security Technology offers the integration of security solutions such as these, along with analytics to get the best overall picture of what goes on in your storefront.

Please contact us through email at admin@gostst.com on our website or via phone at  210-446-4863   24/7

Sources: Security Today Magazine

IoT Moving Into 2020

 

The term “Internet of Things” was coined in 1999, gaining significant traction in 2011 after a report by Gartner added it to a list of emerging technologies. As more companies worked on advancing and creating new applications for IoT, the technologies involved gained ongoing global coverage. In its inception people often referred to the IoT as “embedded internet” due to its increasingly pervasive nature and presence in many aspects of our lives. Of course with any emerging technology there are associated risks, and these threats will grow and evolve as the technology does. In this article we will look into these risks, where IoT is moving, and the ways in which organizations are mounting defenses for their networks.

 

IoT is an umbrella term to include all devices with IP addresses connected to the internet. There are presently five types of IoT applications.

These include:

  • Consumer IoT–e.g. Light fixtures, connected thermostats and alarms, and systems such as Nest

  • Commercial IoT–these applications include healthcare and transport, connected pacemakers and other medical implants or wearables, and vehicle to vehicle communication

  • Industrial IoT–including network connected control systems, smart agriculture, and big data

  • Infrastructure IoT–this aspect of the IoT deals with network connectivity of smart city applications such as surveillance cameras, facial recognition, and traffic analysis devices

  • Military IoT–including application of IoT technologies in the military and police, to include network connected robotics and wearable biometrics for police and infantry

 

The technology underpinning the IoT allows users and systems to connect seamlessly to a wide array of networks and expands connectivity between physical and digital systems. With organizations and governments prioritizing this move into the cloud, the technology and protective measures must race to keep up with demand.

The number of IoT devices worldwide have been growing at a rapid pace from the late teens:

  • 2018–7 billion IoT devices

  • 2019–the number of devices more than triples to over 26 billion

  • 127 Devices are connected to the web every second

  • By 2025–more than 75 billion devices are expected to be connected

 

In the year 2020 it is predicted that 93 percent of enterprises will adopt IoT technology, 90 percent of cars will be web connected using IoT technology, and 3.5 billion cellular IoT connections will be installed.

 

According to the 2018 Open Web Application Security Project (OWASP), the most significant vulnerabilities for IoT technology include:

 

  1. Weak, guessable, or hardcoded passwords—such as short, simple, and publicly available passwords.

  2. Insecure or unneeded network services—which are installed on the device and may expose data such as sensitive and financial information to theft and eavesdropping.

  3. Insecure ecosystem interfaces—external interfaces that connect to the device. The connection may compromise the device and its components.

  4. Lack of secure update mechanism—such as un-encrypted data moving from outward sources towards the device, and poor security monitoring.

  5. Use of insecure or outdated components—such as open-source and third-party components that weren’t scanned for vulnerabilities.

  6. Insufficient privacy protection—failure to protect private information that is stored on the device and connected ecosystems.

  7. Insecure data transfer and storage—such as the lack of access control and encryption during the movement of data.

  8. Lack of device management—on devices deployed in production; results in poor security support.

  9. Insecure default settings—the inability to fix insecure settings creates exploits in devices and systems.

  10. Lack of physical hardening—creates a larger attack surface, which threat actors can leverage to take control of a device or system.

More IoT components mean a greater attack surface is exposed. The more points connected to the network, the greater the risk. Endpoint Detection and Response (EDR) tools can be employed to monitor endpoints and send alerts for critical security events. It is also important to scan devices before allowing connection to your network in order to prevent the introduction of vulnerabilities. Vulnerability scans on a regular basis help to ensure the health of the network.

It is also important to segregate network infrastructure to allow least exposure to the internet. This can be done by creating a dedicated network for IoT with limited access.

Moving into the new decade we can expect IoT devices to become more and more embedded in many aspects of our lives, both personal and professional. The technology enables a move towards digital transformation with many industries moving into the cloud. From the protection of personal devices to the defense of an entire network, it is critical that IoT security be taken seriously. With more connectivity comes increased risk of exposure. The more we entangle the physical and the digital, the more real the results of an attack or security leak become.