This paper examines identification methods used in physical security systems to control employee access to facilities. It begins with passcards as a low-security baseline, then evaluates a range of biometric technologies—including retina scans, iris texture, fingerprints, facial recognition, voice recognition, gait analysis, and handwriting analysis—assessing their uniqueness and non-transferability. The paper discusses why organizations favor combining multiple methods for stronger protection and acknowledges the emerging IT security concern that biometric data files themselves may be compromised. It concludes that biometrics have become mainstream due to their widespread adoption in consumer and border-control contexts.
In a physical security system, there are a number of different ways to identify employees for the purpose of granting them different levels of access to parts of a facility. In many instances, a combination of methods will be used for maximum effectiveness. Understanding the strengths and weaknesses of each approach is essential for designing a robust physical security strategy.
Passcards are usually one of the lowest levels of identification. They are easy to create and implement, but they have a key weakness in that they are transferable. Because a passcard can be handed from one person to another, it offers only the lowest level of security and provides no reliable way to confirm the identity of the person presenting it.
Because of this weakness, security professionals look at things that are unique to an individual but are not transferable. This typically involves some form of biometrics — retina scans, iris texture scans, fingerprints, facial recognition, voice recognition, or even the shape of one's ear (Moren, 2014). Things like body shape and gait recognition have also been explored as a means of identifying a person based on what are presumed to be unique physical traits (Boulgouris et al., 2005). There have also been attempts to utilize handwriting analysis as a form of biometric identification, based on analysis of texture (Zhu, Tan, and Wang, 2000).
Retina and fingerprint scans are among the more common biometric methodologies in use. Both are long-established technologies that are relatively inexpensive and relatively reliable. They are not entirely foolproof, however, which is why many organizations prefer to utilize more than one method.
Because no single identification method is infallible, many companies choose to layer multiple approaches — for example, combining a swipe card with a retina scan, or requiring two distinct biometric readings. This multi-method strategy compensates for the individual weaknesses of each technique and raises the overall difficulty for anyone attempting unauthorized access.
"Biometric data files can be compromised by attackers"
Most organizations are moving towards biometrics because they are effective. The fact that fingerprints and facial recognition are in common use — at borders and on consumer electronic devices — has made biometrics mainstream, and companies are taking advantage of this broad adoption to increase their use of such secure identification techniques.
You’re 63% through this paper. Sign up to read the remaining 1 section.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.