Identity verification is an important feature of modern computerized devices.
Computerized devices provide portals to sensitive control systems, confidential information, and personal identity information that should only be accessible to a certain individual or set of people. Aside from security, identity verification can provide a degree of convenience for tracking use of a device or customizing the device for a user. In the case of a multiuser device, the device can use identity verification information to provide data or interfaces that are specifically applicable to a single user or provide a more accurate record of which user conducted which actions using the device. For example, a factory terminal can keep track of which employee used the device to conduct a specific assembly line action. Furthermore, some multiuser devices are designed specifically for identification purposes such as timecard systems that track when an employee clocked in for work, or electronically controlled access points that determine whether a user is authorized to pass through a physical barrier.
Traditional approaches for identity verification include verification operations conducted using various kinds of information that are colloquially referred to as: who you are, what you know, and what you have. Biometric (who you are) information is replacing passwords (what you know) information in an increasing number of applications due to its universality, permanence, and convenience. However, the permanence of biometric information has caused this increase in usage to be accompanied by increased privacy concerns. If a favorite password is compromised by an identity thief, a user can very easily switch to a different arbitrary string of characters. However, if biometric data is compromised, the situation is much more serious. Aside from its permanence, the simple fact that biometric information is a part of one's person leads to an increased level of sensitivity towards the surreptitious acquisition of that information by malicious actors. People that are not usually concerned with permanent personal information like their mother's maiden name being stored externally and used to identify them will sometimes balk at providing a fingerprint or iris scan to a third party.