The present invention relates generally to authentication and identification mechanisms that compare a measured physical trait or characteristic behavior of a person with a previously stored representation of the same trait or characteristic, to determine if the person is who he or she claims to be. This process is termed biometric authentication. More specifically, the invention pertains to techniques for determining individual device operating characteristics for users of a system that employs biometric identification and authentication.
Biometric methods of identification and authentication, whether using fingerprints, speech analysis, or other characteristics, have only limited reliability. Each different biometric device in general will have different levels of accuracy and reliability. A related issue is that a single biometric device will, in general, exhibit an accuracy that varies from one user to another. One measure of the accuracy of a biometric device is the false acceptance rate (FAR), indicating the frequency (usually expressed as a percentage) that the device provides positive identification for someone who seeks authentication but is not the enrolled user of the device. Higher values of FAR are indicative of a higher security risk posed by use of the biometric device. Another measure of accuracy is the false rejection rate (FRR), which indicates the frequency (usually expressed as a percentage) that the biometric device rejects properly enrolled users. Designing or adjusting a device to provide a low FAR, and hence a low security risk, will usually result in a high FRR. The FRR may be viewed as a measure of inconvenience of using the device. It will be appreciated, therefore, that there is a statistical tradeoff between security risk, as measured by FAR, and inconvenience, as measured by FRR.
Biometric device vendors typically provide a claimed authentication accuracy for each attempted access or other use of the device. Some provide a simple yes/no result and others provide an authentication score, but each vendor""s measure of the results of a biometric comparison is likely to be different from the others. Because no single biometric authentication technique has been able to provide an acceptable compromise between security and convenience, systems are often designed to employ multiple biometric devices for each attempted access; for example, fingerprint and voice identification. When multiple biometrics are used in a single system, the system designer faces a significant challenge in deciding how to combine the results of each biometric device. One possibility is simply to grant access if both devices supply a xe2x80x9cyesxe2x80x9d result and to deny access otherwise, but without regard to any quantitative interpretation of each xe2x80x9cyesxe2x80x9d result. While the simplicity of this approach is appealing, it usually leads to an unnecessarily high false rejection rate (FRR).
It will be appreciated from the foregoing discussion that there is a need for a technique for quantifying the authentication accuracy of biometric devices, to facilitate analysis, comparison and combination of the results of different biometric devices. The present invention addresses this need.
The present invention resides in a method and apparatus for normalizing biometric test scores generated by multiple biometric devices for multiple users. Briefly, and in general terms, the method of the invention comprises the steps of, for each user enrolled to use each biometric device, maintaining a statistical database containing a standardized measure of accuracy for each possible score of the biometric device for this particular user; obtaining a current score from a biometric device for this particular user; and converting the current score to a standardized measure of accuracy obtained from the statistical database.
More specifically, the step of maintaining a statistical database includes the following steps performed each time a user successfully accesses a protected system using a biometric device: obtaining current biometric data from this user; comparing the current biometric data of this user with stored biometric templates of other users enrolled to use the same biometric device, wherein the biometric data of this user are compared as xe2x80x9cimpostor dataxe2x80x9d with the other user templates, and a comparison score is obtained from the biometric device; after each comparing step, updating a count of impostor comparisons performed for each of the other users, and updating a count of the number of times the resulting comparison score is obtained for impostor comparisons relative to each other user; updating the probability of occurrence of each comparison score; and computing an equivalent false acceptance rate from the probabilities of occurrence of the comparison scores, wherein the false acceptance rate provides an objective measure of security risk for this particular user and biometric device. With the statistical database maintained in this matter, the step of converting the current biometric score to a standardized measure of accuracy simply includes retrieving from the statistical database a false acceptance rate corresponding to this user, the current biometric device and the current biometric score.
Alternatively, or in addition, the method also includes generation of false rejection rate data. Thus the step of maintaining a statistical database may include the following steps performed each time a user successfully accesses a protected system during a data gathering phase of operation and provides data to a biometric device: obtaining current biometric data from this user; comparing the current biometric data of this user with a stored biometric template of this user obtained during enrollment to use the same biometric device, and obtaining a comparison score from the biometric device; after each comparing step, updating a count of test comparisons performed for this user, and updating a count of the number of times the comparison score is obtained for this user; updating the probability of occurrence of each comparison score; and computing an equivalent false rejection rate from the probabilities of occurrence of the comparison scores, wherein the false rejection rate provides an objective measure of convenience of use for this particular user and biometric device. If the statistical database includes false rejection rate data, the step of converting the current biometric score to a standardized measure of accuracy includes retrieving from the statistical database a false rejection rate corresponding to this user, the current biometric device and the current biometric score.
In terms of novel apparatus, the invention may be defined as a biometric score normalizer for use in an authentication system having multiple biometric devices and multiple users. Briefly, and in general terms, the biometric score normalizer of the present invention comprises: a statistical database containing, for each user enrolled to use each biometric device, at least one standardized measure of accuracy for each possible score of the biometric device; means for accumulating data in the statistical database, wherein at least one standardized measure of accuracy is updated as users attempt access to the authentication system; and means for converting a raw biometric device score into at least one standardized measure of accuracy by accessing the statistical database.
In the biometric score normalizer as defined above, the statistical database preferably contains an equivalent value of false acceptance rate for each combination of user, biometric device and biometric device score. Thus the means for accumulating data in the statistical database includes: means for obtaining current biometric data from this user; means for comparing the current biometric data of this user with stored biometric templates of other users enrolled to use the same biometric device, wherein the biometric data of this user are compared as xe2x80x9cimpostor dataxe2x80x9d with the other user templates, and a comparison score is obtained from the biometric device; means operative after the means for comparing, for updating a count of impostor comparisons performed for each of the other users, and updating a count of the number of times the comparison score is obtained for impostor comparisons relative to each other user; means for updating the probability of occurrence of each comparison score; and means for computing an equivalent false acceptance rate from the probabilities of occurrence of the comparison scores, wherein the false acceptance rate provides an objective measure of security risk for this particular user and biometric device.
Alternatively, or additionally, the statistical database contains an equivalent value of a false rejection rate for each combination of user, biometric device and biometric device""s score. The means for accumulating data in the statistical database further includes: means for obtaining current biometric data from a user during a test phase of operation; means for comparing the current biometric data of this user with a stored biometric templates of this user obtained during enrollment to use the same biometric device, and obtaining a comparison score from the biometric device; means for updating a count of test comparisons performed for this user, and updating a count of the number of times the comparison score is obtained for this user; means for updating the probability of occurrence of each comparison score; and means for computing an equivalent false rejection rate from the probabilities of occurrence of the comparison scores, wherein the false rejection rate provides an objective measure of convenience of use for this particular user and biometric device.
It will be appreciated from the foregoing summary that the present invention represents a significant advance in the use of biometric devices for identification and authentication. In particular, the invention provides for the ongoing accumulation of false acceptance rate and false rejection rate data for each combination of user, biometric device and biometric device score. Thus the invention also provides data that permits more objective assessment of biometric device scores, particularly in cases where multiple biometrics are used to authenticate each prospective user. Other aspects and advantages of the invention will become apparent from the following more detailed description, taken in conjunction with the accompanying drawings.