4 IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY, VOL. 14, NO. 1, JANUARY 2004
An Introduction to Biometric Recognition
Anil K. Jain, Fellow, IEEE, Arun Ross, Member, IEEE, and Salil Prabhakar, Member, IEEE
Invited Paper
Abstract—A wide variety of systems requires reliable personal
recognition schemes to either confirm or determine the identity
of an individual requesting their services. The purpose of such
schemes is to ensure that the rendered services are accessed only
by a legitimate user and no one else. Examples of such applications
include secure access to buildings, computer systems, laptops,
cellular phones, and ATMs. In the absence of robust personal
recognition schemes, these systems are vulnerable to the wiles of
an impostor. Biometric recognition or, simply, biometrics refers
to the automatic recognition of individuals based on their physi-
ological and/or behavioral characteristics. By using biometrics, it
is possible to confirm or establish an individual’s identity based
on “who she is,” rather than by “what she possesses” (e.g., an ID
card) or “what she remembers” (e.g., a password). In this paper,
we give a brief overview of the field of biometrics and summarize
some of its advantages, disadvantages, strengths, limitations, and
related privacy concerns.
Index Terms—Biometrics, identification, multimodal biomet-
rics, recognition, verification.
I. INTRODUCTION
H
UMANS have used body characteristics such as face,
voice, and gait for thousands of years to recognize each
other. Alphonse Bertillon, chief of the criminal identification
division of the police department in Paris, developed and then
practiced the idea of using a number of body measurements to
identify criminals in the mid-19th century. Just as his idea was
gaining popularity, it was obscured by a far more significant
and practical discovery of the distinctiveness of the human
fingerprints in the late 19th century. Soon after this discovery,
many major law enforcement departments embraced the idea
of first “booking” the fingerprints of criminals and storing it in
a database (actually, a card file). Later, the leftover (typically,
fragmentary) fingerprints (commonly referred to as latents)
at the scene of crime could be “lifted” and matched with
fingerprints in the database to determine the identity of the
criminals. Although biometrics emerged from its extensive use
in law enforcement to identify criminals (e.g., illegal aliens,
Manuscript received January 30, 2003; revised May 13, 2003. This paper was
previously published in part in the IEEE Security Privacy Magazine and the
Handbook of Fingerprint Recognition.
A. K. Jain is with the Department of Computer Science and Engi-
neering, Michigan State University, East Lansing, MI 48824 USA (e-mail:
jain@cse.msu.edu).
A. Ross is with the Lane Department of Computer Science and Electrical
Engineering, West Virginia University, Morgantown, WV 26506 USA (e-mail:
ross@csee.wvu.edu).
S. Prabhakar is with the Algorithms Research Group, DigitalPersona Inc.,
Redwood City, CA 94063 USA (e-mail: salilp@digitalpersona.com).
Digital Object Identifier 10.1109/TCSVT.2003.818349
security clearance for employees for sensitive jobs, fatherhood
determination, forensics, and positive identification of convicts
and prisoners), it is being increasingly used today to establish
person recognition in a large number of civilian applications.
What biological measurements qualify to be a biometric?
Any human physiological and/or behavioral characteristic can
be used as a biometric characteristic as long as it satisfies the
following requirements:
• Universality: each person should have the characteristic.
• Distinctiveness: any two persons should be sufficiently
different in terms of the characteristic.
• Permanence: the characteristic should be sufficiently
invariant (with respect to the matching criterion) over a
period of time.
• Collectability: the characteristic can be measured quanti-
tatively.
However, in a practical biometric system (i.e., a system that em-
ploys biometrics for personal recognition), there are a number
of other issues that should be considered, including:
• performance, which refers to the achievable recognition
accuracy and speed, the resources required to achieve the
desired recognition accuracy and speed, as well as the op-
erational and environmental factors that affect the accu-
racy and speed;
• acceptability, which indicates the extent to which people
are willing to accept the use of a particular biometric iden-
tifier (characteristic) in their daily lives;
• circumvention, which reflects how easily the system can
be fooled using fraudulent methods.
A practical biometric system should meet the specified recogni-
tion accuracy, speed, and resource requirements, be harmless to
the users, be accepted by the intended population, and be suffi-
ciently robust to various fraudulent methods and attacks to the
system.
II. B
IOMETRIC SYSTEMS
A biometric system is essentially a pattern recognition system
that operates by acquiring biometric data from an individual, ex-
tracting a feature set from the acquired data, and comparing this
feature set against the template set in the database. Depending
on the application context, a biometric system may operate ei-
ther in verification mode or identification mode.
• In the verification mode, the system validates a person’s
identity by comparing the captured biometric data with her
own biometric template(s) stored in the system database.
1051-8215/04$20.00 © 2004 IEEE
JAIN et al.: AN INTRODUCTION TO BIOMETRIC RECOGNITION 5
Fig. 1. Block diagrams of enrollment, verification, and identification tasks are shown using the four main modules of a biometric system, i.e., sensor, feature
extraction, matcher, and system database.
In such a system, an individual who desires to be recog-
nized claims an identity, usually via a personal identifi-
cation number (PIN), a user name, or a smart card, and
the system conducts a one-to-one comparison to determine
whether the claim is true or not (e.g., “Does this biometric
data belong to Bob?”). Identity verification is typically
used for positive recognition, where the aim is to prevent
multiple people from using the same identity [26].
• In the identification mode, the system recognizes an indi-
vidual by searching the templates of all the users in the
database for a match. Therefore, the system conducts a
one-to-many comparison to establish an individual’s iden-
tity (or fails if the subject is not enrolled in the system data-
base) without the subject having to claim an identity (e.g.,
“Whose biometric data is this?”). Identification is a crit-
ical component in negative recognition applications where
the system establishes whether the person is who she (im-
plicitly or explicitly) denies to be. The purpose of nega-
tive recognition is to prevent a single person from using
multiple identities [26]. Identification may also be used in
positive recognition for convenience (the user is not re-
quired to claim an identity). While traditional methods of
personal recognition such as passwords, PINs, keys, and
tokens may work for positive recognition, negative recog-
nition can only be established through biometrics.
Throughout this paper, we will use the generic term recogni-
tion where we do not wish to make a distinction between veri-
fication and identification. The block diagrams of a verification
system and an identification system are depicted in Fig. 1; user
enrollment, which is common to both of the tasks, is also graph-
ically illustrated.
The verification problem may be formally posed as follows:
given an input feature vector
(extracted from the biometric
data) and a claimed identity
, determine if ( ) belongs to
class
or , where indicates that the claim is true (a gen-
uine user) and
indicates that the claim is false (an impostor).
Typically,
is matched against , the biometric template
corresponding to user
, to determine its category. Thus
if
otherwise
where
is the function that measures the similarity between
feature vectors
and , and is a predefined threshold. The
value
is termed as a similarity or matching score be-
tween the biometric measurements of the user and the claimed
identity. Therefore, every claimed identity is classified into
6 IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY, VOL. 14, NO. 1, JANUARY 2004
or based on the variables , , , and and the function
. Note that biometric measurements (e.g., fingerprints) of the
same individual taken at different times are almost never iden-
tical. This is the reason for introducing the threshold
.
The identification problem, on the other hand, may be stated
as follows. Given an input feature vector
, determine the
identity
, . Here are
the identities enrolled in the system and
indicates the re-
ject case where no suitable identity can be determined for the
user. Hence
if
otherwise
where
is the biometric template corresponding to identity
, and is a predefined threshold.
A biometric system is designed using the following four main
modules (see Fig. 1).
1) Sensor module, which captures the biometric data of an
individual. An example is a fingerprint sensor that images
the ridge and valley structure of a user’s finger.
2) Feature extraction module, in which the acquired
biometric data is processed to extract a set of salient or
discriminatory features. For example, the position and
orientation of minutiae points (local ridge and valley
singularities) in a fingerprint image are extracted in
the feature extraction module of a fingerprint-based
biometric system.
3) Matcher module, in which the features extracted during
recognition are compared against the stored templates to
generate matching scores. For example, in the matching
module of a fingerprint-based biometric system, the
number of matching minutiae between the input and the
template fingerprint images is determined and a matching
score is reported. The matcher module also encapsulates
a decision making module, in which a user’s claimed
identity is confirmed (verification) or a user’s identity is
established (identification) based on the matching score.
4) System database module, which is used by the biometric
system to store the biometric templates of the enrolled
users. The enrollment module is responsible for enrolling
individuals into the biometric system database. During
the enrollment phase, the biometric characteristic of an
individual is first scanned by a biometric reader to pro-
duce a digital representation of the characteristic. The
data capture during the enrollment process may or may
not be supervised by a human depending on the appli-
cation. A quality check is generally performed to ensure
that the acquired sample can be reliably processed by suc-
cessive stages. In order to facilitate matching, the input
digital representation is further processed by a feature ex-
tractor to generate a compact but expressive representa-
tion, called a
template. Depending on the application, the
template may be stored in the central database of the bio-
metric system or be recorded on a smart card issued to the
individual. Usually, multiple templates of an individual
are stored to account for variations observed in the bio-
metric trait and the templates in the database may be up-
dated over time.
III. B
IOMETRIC
SYSTEM ERRORS
Two samples of the same biometric characteristic from the
same person (e.g., two impressions of a user’s right index
finger) are not exactly the same due to imperfect imaging
conditions (e.g., sensor noise and dry fingers), changes in the
user’s physiological or behavioral characteristics (e.g., cuts and
bruises on the finger), ambient conditions (e.g., temperature
and humidity), and user’s interaction with the sensor (e.g.,
finger placement). Therefore, the response of a biometric
matching system is the matching score
(typically a
single number) that quantifies the similarity between the input
(
) and the template ( ) representations. The higher the
score, the more certain is the system that the two biometric
measurements come from the same person. The system deci-
sion is regulated by the threshold
: pairs of biometric samples
generating scores higher than or equal to
are inferred as mate
pairs (i.e., belonging to the same person); pairs of biometric
samples generating scores lower than
are inferred as nonmate
pairs (i.e., belonging to different persons). The distribution of
scores generated from pairs of samples from the same person
is called the genuine distribution and from different persons is
called the impostor distribution [see Fig. 2(a)].
A biometric verification system makes two types of errors:
1) mistaking biometric measurements from two different per-
sons to be from the same person (called false match) and 2) mis-
taking two biometric measurements from the same person to be
from two different persons (called false nonmatch). These two
types of errors are often termed as false accept and false reject,
respectively. There is a tradeoff between false match rate (FMR)
and false nonmatch rate (FNMR) in every biometric system. In
fact, both FMR and FNMR are functions of the system threshold
;if is decreased to make the system more tolerant to input vari-
ations and noise, then FMR increases. On the other hand, if
is
raised to make the system more secure, then FNMR increases
accordingly. The system performance at all the operating points
(thresholds
) can be depicted in the form of a receiver oper-
ating characteristic (ROC) curve. A ROC curve is a plot of FMR
against (1-FNMR) or FNMR for various threshold values
[see
Fig. 2(b)].
Mathematically, the errors in a verification system can be for-
mulated as follows. If the stored biometric template of the user
is represented by and the acquired input for recognition is
represented by
, then the null and alternate hypotheses are:
input does not come from the same person as the
template
;
input comes from the same person as the template .
The associated decisions are as follows:
person is not who she claims to be;
person is who she claims to be.
The decision rule is as follows. If the matching score
is less than the system threshold , then decide
, else decide . The above terminology is borrowed from
communication theory, where the goal is to detect a message
in the presence of noise.
is the hypothesis that the received
signal is noise alone, and
is the hypothesis that the received
JAIN et al.: AN INTRODUCTION TO BIOMETRIC RECOGNITION 7
Fig. 2. Biometric system error rates. (a) FMR and FNMR for a given threshold
t
are displayed over the genuine and impostor score distributions; FMR is the
percentage of nonmate pairs whose matching scores are greater than or equal to
t
, and FNMR is the percentage of mate pairs whose matching scores are less than
t
.
(b) Choosing different operating points results in different FMR and FNMR. The curve relating FMR to FNMR at different thresholds is referred to as rec
eiver
operating characteristics (ROC). Typical operating points of different biometric applications are displayed on an ROC curve. Lack of understandin
g of the error
rates is a primary source of confusion in assessing system accuracy in vendor/user communities alike.
signal is message plus the noise. Such a hypothesis testing
formulation inherently contains two types of errors.
Type I:
false match (
is decided when is true);
Type II:
false nonmatch (
is decided when is true).
FMR is the probability of type-I error (also called significance
level in hypothesis testing) and FNMR is the probability of
type-II error as
The expression (1-FNMR) is also called the power of the hy-
pothesis test. To evaluate the accuracy of a fingerprint biometric
system, one must collect scores generated from multiple im-
ages of the same finger (the distribution
,
and scores generated from a number of images from different
fingers (the distribution
. Fig. 2(a) graphi-
cally illustrates the computation of FMR and FNMR over gen-
uine and impostor distributions
Besides the above error rates, the failure to capture (FTC) rate
and the failure to enroll (FTE) rate are also used to summarize
the accuracy of a biometric system. The FTC rate is only ap-
plicable when the biometric device has an automatic capture
functionality implemented in it and denotes the percentage of
times the biometric device fails to capture a sample when the
biometric characteristic is presented to it. This type of error typ-
ically occurs when the device is not able to locate a biometric
signal of sufficient quality (e.g., an extremely faint fingerprint or
an occluded face). The FTE rate, on the other hand, denotes the
percentage of times users are not able to enroll in the recognition
system. There is a tradeoff between the FTE rate and the per-
ceived system accuracy (FMR and FNMR). FTE errors typically
occur when the system rejects poor quality inputs during en-
rollment. Consequently, the database contains only good quality
templates and the perceived system accuracy improves. Because
of the interdependence among the failure rates and error rates,
all these rates (i.e., FTE, FTC, FNMR, FMR) constitute impor-
tant specifications in a biometric system, and should be reported
during performance evaluation.
The accuracy of a biometric system in the identification mode
can be inferred using the system accuracy in the verification
mode under simplifying assumptions. Let us denote the iden-
tification false nonmatch and false match rates with
and , respectively, where represents the number of
identities in the system database (for simplicity, we assume that
only a single identification attempt is made per subject, a single
biometric template is used for each enrolled user, and the im-
postor scores between different users are uncorrelated). Then,
and
(the approximations hold good only when
). A detailed discussion on these issues is available in [25]
and [27].
If the templates in the database of an identification system
have been classified and indexed, then only a portion of the data-
base is searched during identification and this leads to the fol-
lowing formulation of
and .
•
, where RER
(retrieval error rate) is the probability that the database
template corresponding to the searched finger is wrongly
discarded by the retrieval mechanism. The above expres-
sion is obtained using the following argument: in case
the template is not correctly retrieved (this happens with
probability RER), the system always generates a false-non
match, whereas in case the retrieval returns the right tem-
plate [this happens with probability (1-RER)], false non-
match rate of the system is FNMR. Also, this expression is
8 IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY, VOL. 14, NO. 1, JANUARY 2004
Fig. 3. Examples of biometric characteristics: (a) DNA, (b) ear, (c) face, (d) facial thermogram, (e) hand thermogram, (f) hand vein, (g) fingerprint, (h) gait,
(i) hand geometry, (j) iris, (k) palmprint, (l) retina, (m) signature, and (n) voice.
only an approximation since it does not consider the prob-
ability of falsely matching an incorrect template before the
right one is retrieved [28].
•
, where (also called
the penetration rate) is the average percentage of database
searched during the identification of an input fingerprint.
The accuracy requirements of a biometric system are very
much application-dependent. For example, in some forensic ap-
plications such as criminal identification, one of the critical de-
sign issues is the FNMR rate (and not the FMR), i.e., we do not
want to miss identifying a criminal even at the risk of manually
examining a large number of potentially incorrect matches gen-
erated by the biometric system. On the other extreme, the FMR
may be one of the most important factors in a highly secure ac-
cess control application, where the primary objective is deter-
ring impostors (although we are concerned with the possible in-
convenience to the legitimate users due to a high FNMR). There
are a number of civilian applications whose performance re-
quirements lie in between these two extremes, where both FMR
and FNMR need to be considered. For example, in applications
like bank ATM card verification, a false match means a loss of
several hundred dollars while a high FNMR may lead to a po-
tential loss of a valued customer. Fig. 2(b) depicts the FMR and
FNMR tradeoffs in different types of biometric applications.
IV. C
OMPARISON OF VARIOUS BIOMETRICS
A number of biometric characteristics exist and are in use
in various applications (see Fig. 3). Each biometric has its
strengths and weaknesses, and the choice depends on the
application. No single biometric is expected to effectively
meet the requirements of all the applications. In other words,
no biometric is “optimal.” The match between a specific
biometric and an application is determined depending upon the
operational mode of the application and the properties of the
biometric characteristic. A brief introduction to the commonly
used biometrics is given below.
• DNA: Deoxyribonucleic acid (DNA) is the one-di-
mensional (1–D) ultimate unique code for one’s in-
dividuality—except for the fact that identical twins
have identical DNA patterns. It is, however, currently
used mostly in the context of forensic applications for
person recognition. Three issues limit the utility of this
biometrics for other applications: 1) contamination and
sensitivity: it is easy to steal a piece of DNA from an
unsuspecting subject that can be subsequently abused for
an ulterior purpose; 2) automatic real-time recognition
issues: the present technology for DNA matching requires
cumbersome chemical methods (wet processes) involving
an expert’s skills and is not geared for on-line noninvasive
recognition; and 3) privacy issues: information about
susceptibilities of a person to certain diseases could be
gained from the DNA pattern and there is a concern that
the unintended abuse of genetic code information may
result in discrimination, e.g., in hiring practices.
• Ear: It has been suggested that the shape of the ear and
the structure of the cartilegenous tissue of the pinna are
distinctive. The ear recognition approaches are based on
![Fig. 10. An improvement in matching accuracy is obtained when face recognition and fingerprint recognition systems are combined in an identification system developed by Hong and Jain [13].](/figures/fig-10-an-improvement-in-matching-accuracy-is-obtained-when-100yakop.webp)
