Authenticam (Authentication Camera for Desktop/Laptop Security

Panasonic

BM-ET 100US

• Camera
• Camera Holder
• Authenticam Operating Instructions
• Software CD

"Do not place your camera near a bath tub, washbasin, or other source of water."
"Do not expose the camera lens to direct sunlight or extreme lighting conditions."
"Avoid placing the camera in areas where excessive vibration could damage electronic components."

Plug the device into the computer's USB port when advised by the instructions in the software installation procedure.

Camera Lens with Iridian's Private ID iris capture program

• Iris Channel
  
  • Focus: Manual 315/16 inches (100mm) to infinity
  • View Angle: Horizontal: 51 degrees Vertical: 38 degrees
  • Pick-up system: Image device: 1/4-inch CCD
  • Pixels (approximate):Effective: 320,000 (659H x 494V); Total: 350,000 (699H x 506V)
  • Sensitivity: Recommended Illumination: 40 lx to 10,000 lx
  
  
• Videoconferencing Channel
  
  • Image Sensor: Progressive scan CCD with VGA resolution
  • Recommended Illumination: 40 flux at f2:0 for optimum performance in video conference mode
  • White Balance: ATW Automatic or Manual control (selectable)
  • Privacy Shutter: Yes
  • Frame Rates: VGA (640 x 480): 12.5 fps; QVGA (320 x 240): 30 fps; CIF (352 x 288): 30 fps; QCIF (176 x 144): 30 fps
  
  
• Physical Dimensions:: 42 mm (w) x 90 mm (h) x 74 mm (d)
  
  
• Weight: 160 g

Videoconferencing:
"Although primarily used for iris recognition, Authenticam can record video e-mail messages and be used to participate in LAN\WAN and internet-based video conferences."
Non-Invasive:
"The Panasonic Authenticam takes a video-based image from 19-21 inches away, and requires no contact, only cooperation, from users. The Authenticam does not use any lasers or bright lights, which are often used in retinal "scans", nor does it require physical touching like most fingerprint-based solutions.

Avoid extreme temperature: operating temperature is from 0 C to 40 C
Avoid extreme humidity: operating humidity is from 20% to 80% RH

SecureSuite 3.1 with Private ID 2.0

Software

• Microsoft IE 4.x or higher in order to use Secure Session feature (IE 5.5 recommended)
• Windows 2000

Hardware

• Intel Pentium MMX-class, 333 MHz or higher
• 64 MB of RAM (minimum); 128 MB of RAM (recommended)
• 40 MB of free hard disk space (minimum); 60 MB of free hard disk space (recommended)

Before installation, the user must have administrative privileges on the local machine. There are 4 major steps to installation: installing Private ID 2.0 software, connecting and testing the camera, installing the SecureSuite software, and configuring the required administrator account. Below is a screen capture of the welcome screen that guides the user during the installation process.

	The Private ID 2.0 software package includes the software needed to capture the iris image from the Panasonic Authenticam. It also includes the software drivers to allow the camera to be used as a video conferencing camera. To install this software, the user just has to follow the instructions in the Private ID installation wizard. The process is completed with a PC reboot.
	After the camera is plugged into the USB port in the PC, in order to make sure that the Private ID software and the camera are fully operative, several tests need to be conducted. Through Private ID's interactive help system, Authentication Diagnostics and Live Video Tests are performed. In these tests, the user practice aligning his/her eye with the camera lens, and then a live video is presented on the computer screen.
	The next step in installation is to install the SecureSuite. This is middleware that provides the authentication platform on top of the Private ID image capture program. To install this software, the user has to follow the instructions given by the installation wizard. The process ends with a PC reboot.
	SecureSuite requires a default Administrator account be created as part of the installation process. To avoid the possibility of error or conflict with existing Windows passwords, users are instructed to create an Administrator password entirely different from the current Windows login.

Number of Templates
During the enrollment process, 4 iris scan templates are created.

Creation of Template
After image capture of the iris, an algorithm quickly defines the suitable area of the iris for feature extraction and analysis. In this process, areas covered by eyelids, deep shadows, and specular reflections are excluded. The algorithm then automatically adjusts the width of the pupillary boundary-to-limbus zone to maximize the amount of iris analyzed, given varying ratios of pupil to iris sizes due to different lighting in the environment. Then the iris pattern goes through a calculation called demodulation, in which complex-valued 2D Gabor wavelets are used to extract the structure of the iris as a sequence of phasors, whose phase angles are quantized to set the bits in an IrisCode. It is not clear how Iridian technology merge the 4 templates, but it is suspected that it would be a similar process as fingerprints.

Below on the left is a diagram that outlines the usable zone in an iris image. Below on the right is a diagram illustrating the anatomy of the eye, and location of the iris. Below in the centre is a picture of a template with Iriscode.


Authentication Process
During the authentication process, when an iris is presented to the image capture camera, an iris image is transformed into an IrisCode in the same way the template is created. Any given IrisCode is statistically guaranteed to pass a test of independence against any IrisCode computed from a different eye; but it will uniquely fail this same test against the eye from which it was computed. Thus the key to iris recognition is the failure of a test of statistical independence. After this process, if the test fails, then the user is granted access to the computer.

Several problems were encountered during enrollment.

Eye Alignment with the Camera and availability of Feedback
From the tester's experience, to align the eye with the camera requires some practice. When the eye is at a good distance and in focus with the lens, the light inside the image capture lens changes from orange to green. When the image is captured, the user can see three red lights blinking at the bottom of the camera, and hear an audio feedback that mimics a real camera when taking a picture. All of this feedback provides users with some help when placing their eye in the correct position, but it is a trail and error process. The user has to position their about an arm's length from the camera, and then gradually move toward the camera until (hopefully) the light turns to green. There's no guidance during the alignment process, only feedback when the alignment is successful.

What makes alignment even more challenging is the fact that there is no ideal location to place the camera. Though the user guide suggested putting the camera on the monitor, this does not produce an ideal height difference between the user's eye and the camera. Note that the user's eye should be just a little lower than the image capture lens. One improvement might be to design a camera holder to mount the camera on the monitor

Users with Glasses
The reflection of camera illumination onto glasses surface, and the glare on the metallic rim of the glasses caused by the lighting condition in the room, both blocks the iris image and prevents successful enrollment. Although some practice of positioning with the camera can reduce the reflection, it's easier to just take off the glasses. Without glasses, some users may not be able to focus on the lens, but that is not a large concern. As long as the lens can focus and is at a right distance to the eye, the capture will be successful.

Squinty Eyes
Although the algorithm is claimed to accommodate eyelids that partially covers the iris, in practice the program rejects the image when the complete iris is not visible. This is a problem for users who have small and squinty eyes, such as the tester. Therefore, the tester had to hold up her eyelids during the enrollment process, and it was not a very comfortable experience.

Visibility of Feedback

The image shown on the right is a capture of the enrollment window showing live video feedback. This feedback would be a great help to the user when adjusting their position and to detect any problems such as glare and reflection, if only the user could see it with their own eyes while looking into up to the camera.
The photograph on the right was taken during product testing. Notice how the user is unable to see the image of their eye on the screen while focusing on the camera.

	Admin GUI The functionality of the Admin GUI is divided into 4 categories as seen in the screen capture shown at the left: User, View, Options and Help. The Help section is standard documentation and search, and the View section simply allows the administrator to sort the users in the screen. In the User category, the administrator can create or delete users profiles, or change user properties. The User property window is essentially the same as the regular user GUI. The administrator can create up to 5 users on one workstation. In the options section, the administrator can change global settings and monitor and create an even log that records the sign-on successes and failures.
	Conversion Tool This is another GUI for the administrator. With this interface, the administrator can convert regular Windows users on the machine to SecureSuite users. The administrator has the choice to let the windows users keep their original user name and password, make a new one, or append letters/digits to the end of their username and password.
	Regular User GUI In the regular user GUI, the user can change their information, such as first and last name and description, and their method of authentication. The available methods of authentication are dictated by the kinds of biometrics devices available on the local machine. In this particular situation, the user can choose to sign on with the iris scan or password or both. This interface also shows all Secure Session templates created by the user, please refer to the Single Sign-On section below for detailed explanation of Secure Session features. The user can choose to use these templates or make them inactive.

• Login Control
  The program allows the user to log in with either their password or the biometrics authentication device or both.

  This is a very ideal arrangement, so the user can choose which level of security that they desire. For example, users who do not handle very sensitive information can adopt an OR setting, whereas users who are very concerned about their information can adopt and AND setting. The users do not have to be overly concerned about lock outs, because the administrator can always change their account information. However this rest a lot of responsibility on the administrator. If frequent lockouts occurs then that wouldn't lessen the work load of the administrator, which is one of the benefits claimed by biometrics authentication devices.

• Password Protected Screen Savers
  When the screen saver is turned to password protection mode, the user needs to present a registered eye (or password or both depending on the authentication mode the user has chosen) in order to regain access of the computer. After pressing Ctrl+Alt+Del, the user is able to start the authentication process.

  The requirement to press Ctrl+Alt+Del hinders the usability of this device, the BioconX software for the Sony FIU (Puppy) has similar problem. Please refer to that page for more detailed discussion.
  
  

• File Encryption
  Available, and it is called SecureFolder. This feature protects sensitive files in an encrypted folder. Only the owner of the information has access to update or publish it because it is protected by a single, non-transferable IrisCode record. The owner has instant access after a glance at the camera (if the owner sets iris only as the authentication method). To encrypt a folder or a single file, the user would right click and then choose the SecureSuite icon called "secure". Once the a file or folder is encrypted, it has a SecureSuite icon on it.

  This feature is well designed from two aspects. First it utilized the knowledge acquired by users of Windows. In Windows, to encrypt a file, the user has to right-click on the file or the folder and to choose from the drop down menu. Here the same procedure is used, therefore the users do not have to re-learn the process. Secondly, once the file is encrypted, a logo appears to indicate that the file is secured. This contributes to the user's overall mental model of the software and is a good use of metaphor. Below is a screen capture of this feature.

  
  
  
  
  
  
• Single Sign-On
  There are two features that are classified as single sign-on: SecureSession and SecureApp (secure application).
  
  

  For SecureSession (shown at the right), when the user logs onto a web site with their username and password the SecureSuite application automatically asks the user if they want to replace the user name and password with SecureSuite login (iris recognition and/or password). If the user chooses this single sign-on feature, then the next time the user tries to log on a web page, a help window would appear. That help window is called SecureSession. The user has to verify their identity and then press Logon. The user have to manually press submit in the end of the process.

  For SecureApp (shown at the right) the administrator can prevent any Windows-based application from being launched by unauthorized users. Authorization can be controlled using iris recognition. The SecureApp is even capable of protecting applications that do not have password protection. The screen capture below on the left is a demonstration of SecureSession, and the screen capture on the right is a demonstration of SecureApp.

  
  
  

  The SecureSession offers flexibility because it allows the user to choose whether they would want to submit their biometrics every time they log into a password protected web site or not. For example, they might prefer to just login in when working in a private office environment, but they may want to add extra security in a more public setting such as an Internet cafe. The fact that the application has divided the single sign-on feature into SecureSession and SecureApp is logical and elegant, because the administrator may want to subdivide the users into working groups and a few users may have similar application grants, while the SecureSession profiles should be unique and user controlled, since everyone visit different sites. The double password submission for each web site is time consuming, however, and the application should automatically submit the user name and password.
  
  

• Customization
  Minor customization is available. The administrator is not able to adjust the sensitivity of the image sensor, however, the administrator is allowed to adjust the type of feedback in the Admin GUI, the minimum number of images captured to create an IrisCode (4 to 8), and the number of incorrect logons allowed before lockout.
  
  
• Training
  There is training utility available with Private ID 2.0, but the user can only access it with the software CD. Also, on the software CD there is an option for the user to test image capture.

  As discussed in the enrollment section above, although there is feedback, the users cannot see the live video capture because they cannot look at the camera and the computer screen at the same time. If the captured image would stay on the screen after the practice attempts and failed logins, this would enhance the usability of the Authenticam greatly. In addition, the feedback might include a description of the likely problems that occurred during image capture, whether it is the eyelids, or the background lighting, or the viewing angle, or the distance. This way, the user would know how to improve their image capture techniques.