Biometric Security Template Storage


Every biometric authentication device and application performs 4 major functions: image capture, feature extraction, template creation and storage, and comparison. The template that is created and stored is not the biometric data itself (e.g., the fingerprint image) but instead the results from some kind of analysis and summary of the biometric data. This might be an analysis of the locations of minutia contained in fingerprints or a mathematical summary of the patterns in an iris image. These templates contain the unique characteristics of a user's biometric information, and they are the master copies that each future data acquisition would be compared to.

Biometric device vendors are careful to create systems where the encoding of the biometric data is one-way. That is, presenting the same biometric pattern can result in the same summary template, but the template cannot be used to reconstruct the biometric pattern. Nevertheless, proper storage and security of the template is important for the reliability and robustness of the system, and for users' trust.

The acceptance of biometric security devices by the general public is dependent on perceptions of how securely the biometric information template is stored. Privacy concerns have been raised because a biometric information template by itself is a unique identifier of a person. Although the template cannot be decoded back to the biometric data, it could be used to track the activities of an individual. If there is a database anywhere that ties the user to the unique biometric template, it could be used perform tracking functions.

Currently, there are 4 major locations for storing the template: in a token or smart card, in a central database on a server, on a workstation, or directly on the sensing device. Each of the locations have their own advantages and disadvantages:

Device-Specific Discussions

Biometrics Trailer

This page is part of a project on the Usability and Acceptability of Biometric Security Devices.