You are on page 1of 50




In Partial Fulfilment of the Requirements for the Award of Higher National Diploma (HND) in Computer Science SEPTEMBER 2010

This is to certify that this project was written and carried out by OPARA CHIZOMA EDITH with the matriculation number 085022007 under the supervision of MRS OKUNADE T.A. in partial fulfilment of the award of the Higher National Diploma in Lagos State Polytechnic, Ikorodu Lagos.

-----------------------------Students signature


------------------------------Supervisor signature (Mrs Okunade T.A)


------------------------------HODs Signature Prince Adesanya Sunday



I dedicate this project to Almighty God for his mercy, life, good health, strength and grace during the execution of the project and throughout the Academic sessions for my Higher National Diploma. May all Glory be ascribed to His holy name. I also dedicate this project to my family for their support and encouragement, may God continue to bless them in all their endeavours. AMEN.

My appreciation goes to God almighty for granting me life till this day and my parents and family for their moral and financial support. I wish to thank my project supervisor Mrs. Okunade T.A. for her motherly advice counsel and understanding and for letting part of her experience and professional knowledge poured out from her well structured brain to me, which guided me through the process of accomplishing this project. I am also grateful to Mr. Fassasi S.A. for his knowledge, counsel and advice, also to my amiable skilled and wonderful lecturers in the computer science department for being part of a dream come true.

One of the many challenges facing schools today is accurately identifying students. Now more than ever, accurate student identification is the key to the efficient operation of a school. Biometric is the science and technology of measuring and analyzing biological data in information technology. Biometric refers to technology that measure and analyze human body characteristics, such as fingerprints, eye retinas and irises, voice pattern, facial patterns and hand measurement for authentication purposes. The evolution of information technology is likely to initiate interdependence between human and technology. This fusion has been characterized in popular science fiction as the chip implementation. The next step in evolution of biometric came from the desire not only to match an individuals data with the individual but also to restrict access to that peoples information to those who have such access. It was the point that biometrics technology began to ensure that only the peoples who have access, those with biometric key was able to unlock the information contained in the code. By using biometric identification in schools new standards of accountability will be put in place.


CHAPTER ONE 1.0 1.1 1.2 1.3 1.4 1.5 1.6 1.7



CHAPTER TWO2.0 2.1 2.2 2.3 2.4 2.4.1 2.4.2 2.4.3 2.5 2.6 2.6.1 2.6.2 2.6.3 2.6.4 2.6.5 2.6.6 2.6.7 2.6.8 2.7 2.8 2.9



3.0 3.1 3.2 3.3 3.4 3.5 3.6 3.7 3.8


CHAPTER FOUR 4.0 4.1 4.2 4.3


CHAPTER FIVE 5.0 5.1 5.2 5.3 5.4




The accurate identification of individuals is a key concern for many government agencies, schools and corporations. It is important to them because it contributes significantly to administrative efficiency and the control of fraud and can offer benefits to clients as well. A key focus of information systems security in recent years is the intensification to establish accurate identity. Three conventional form of identification are in use today. The first is something you have, such as a card. The second form is something you know, such as a password or PIN (Personal Identification Number). The third form of identification is known as biometric. The term biometrics has two distinct meanings: bio meaning living creatures and metrics meaning the ability to measure an object quantitatively. Schemes base on the items and knowledge which people possess has many weaknesses. For example cards are regularly forgotten, fake blanks of even the highest integrity cards are generally available in East Asian countries within weeks of the first cards being issued. The general availability of sophisticated manufacturing equipment has placed the ability to forge such documents into the hands of a much wider group of criminals than was previously the case. PINs (Personal Identification Number) are easily forgotten, swapped or stolen. A high integrity biometric system appears from the perspective of information users to be an ideal solution to such problems. The development and application of technical standards has meant that communications among the information systems of different organizations is increasingly simple. The application of a biometrically based identifier for each individual would be a natural further step. Yet from the perspective of individuals, any move towards a biometric identifier carries enormous risk many systems do not live up to expectations because they prove unable to cope with the enormous variations among large populations or fail to take into account the practicalities of human behaviour, and the need of people. Individual autonomy and freedoms may be compromised by the need for a high level of compliance with the

scheme. In many western nations, the stigma of criminality is associated with fingerprinting and by association with other biometric techniques. If a scheme is applied across multiple organizations behaviour in relation to one organization might lead to a domino effect of cross enforcement activities involving suspension of entitlements or benefits by other organizations. Individuals who cannot or will not use the prescribe system become outcasts on the edge of society.


With our daily lives becoming more dependent on computer system, we find ourselves relying on them for applications because they are becoming independent tools where security has to be proven through some means of authentication. This is based on the three key basic foundations namely: 1. POSSESSION: what we have; token keys. 2. KNOWLEDGEMENT: what we know; password PINs 3. CHARACTERISTICS: what we are; fingerprint, Iris, voice etc. Each one of these is theoretically more secured than the next and the combination of these further increases this security of a system. Biometrics (Bi O met riks) system can be define as automated identification and data capture (AIDC) for verification and recognition of individual using unique biological characteristics that in general. It is the study of measurable biological characteristics in computer security. Biometric refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked. Biometrics is the science and technology of measuring and analysing biological data in information technology. Biometrics refers to technologies that measures and analyse human body characteristics such as fingerprints, eye retinas and irises, voice pattern etc. that is, the automatic identification of a person based on his/her anatomical (e.g. fingerprint, Iris) or behavioural (e.g. signature) characteristics or traits for authentication purposes. Authentication by biometric verification is becoming increasingly common in corporate, schools and public security systems, consumer electronics and point of sale (POS) applications. In addition to security, the driving force behind biometric verification has been convenience.

Biometric devices such as finger scanners consist of: A Reader or Scanning device Software that converts the scanned information into digital form and captures match points. A database that stores the biometric data for comparison. To prevent identity theft, biometric data is usually encrypted when its gathered. Here is how biometric verification works on the back end: to convert the biometric input, a software application is used to identify specific points of data as match points. The match points in the database are processed using an algorithm that translates that information into a numeric value. The database value is compared with the biometric input the enduser has entered into the scanner and authentication is either approved or denied. Biometric verification is any means by which a person can be uniquely identified by evaluating one or more distinguishing biological traits. Unique identifiers include fingerprint, iris pattern, voice, hand geometry, retina DNA and signature. The oldest form of biometric is fingerprinting. Historians have found the examples of thumbprints being used as a means of unique identification on clay seals in ancient China. Biometric verification has advanced considerably with the advent of computerised database and digitalization of analog data, allowing for almost instantaneous personal identification. Iris pattern and Retina pattern authentication methods are already employed in some bank automatic teller machines. Voice wave form recognition, a method of verification that has wiretaps, is now being used for access to proprietary database in research facilities. Facial recognition technology has been by law enforcement agencies to pick out individual in large crowds with considerable reliability. Hand geometry is been used in industry to provide physical access to buildings. Earlobe geometry has been used to disprove the identity of individuals who claim to be someone they are not (Identity theft). Signature comparison is not as reliable all by itself as the other biometric verification when used in conjunction with one or more other methods. No method what biometric methodology is used, the identification process remain the same. A record of a persons unique characteristics is captured and kept in a database , later on when identification verification is required, a new record is captured and

compared with the previous record in the database. If the data in the new record matches that in the database record, the persons identity is confirmed. There are different types of biometric identification schemes: 1. Fingerprint: the analysis of an individual unique fingerprint. 2. Voice: the analysis of tone, pitch, cadence and frequency of a persons voice. 3. Face: the analysis of facial characteristics. 4. Hand Geometry: the analysis of shape of the hand and length of the fingers. 5. Retina: the analysis of the capillary vessels located at the back of the eye. 6. Iris: the analysis of the coloured ring that surround the eyes pupil. 7. Signature: the analysis of the way a persons signs his name. 8. Vein: the analysis of pattern of the veins in the back of the hand the wrist. In information technology biometric authentication refers to technologies that measures and analyses human physical and behavioural characteristic for authentication purposes. Examples of physical or (physiological) biometric characteristics include fingerprints, eye retinas, irises and hand measurements. While example of behavioural characteristics include signature, gait and typing patterns. All behavioural biometric characteristics have a physiological component and to a lesser degree, physical biometric characteristics have a behavioural element. Some researchers have coined the term behaviometrics for behavioural biometrics such as typing rhythm or mouse gestures where the analysis can be done continuously without interrupting or interfering with user activities.



The fundamental tenet of information security is controlling access to the critical resources that require protection from unauthorized modification or disclosure. And the modern rapid advancements in networking communication and mobility increased the need of reliable ways to verify the identity of any person. The bottom line is that schools are facing one of the many challenges of accurately identifying students and schools receive federal and State money base on accurate and audible records. Schools need to provide a safe and secure environment for everyone on campus. Now more than ever, accurate student identification is key to the efficient operation of a school. Over the past few decades, schools have been implementing all kinds of new technologies to both enhance learning and improved operations. Smart boards, laptops and real-time internet resources are just a part of a students everyday experience. Nowadays identity verification is mainly performed in two ways:
1. POSSESSION-BASED: the whole security is based on a token the user has

(such a credit card or a document ID card) if it is lost, somebody else might use it to falsify his/her identity.
2. KNOWLEDGE BASED: using a password. Even if we use the best encryption

algorithm, the whole security is based on the key. If it is too short, it is simple to guess it or crack it making several attempts, but if it is too complicated it cant be remembered. And the common user will keep it written somewhere, so that it can be lost or stolen. These weaknesses of standard validation systems can be avoided if our own body becomes our key. Particular characteristics of the body or habits are much more complicated to forge than a string, even if it is evident and adds a complexity to identification systems that would be hard to reach with a standard password base approach. Schools worldwide have been implementing biometric finger scanning to streamline operations, increase teaching time and enhance security. Biometric systems can be used in conjunction with passwords or tokens thus improving the security of existing systems without replacing them.



The objective of this research is to develop a biometric system that will be able to enrol and match the scanned finger print with the existing template and also to build a database that would contain the information of students academic records and Personal records. Realising those objectives will ensure the provision of accurate and audible records for efficient operations of a school



According to recent studies that most of the shortfalls in the traditional identification and verification systems could be adequately corrected. Automated biometric technology (fingerprint) in schools will help prevent fraud in examination halls, enhance security and curtail identity theft.



Research found out that biometrics is not a new technology. The ancient Egyptians used body characteristics to identify workers to make sure they didnt claim more provisions than they were entitled. Chinese merchants in the fourteenth century used palm prints and foot prints to identify children. In data collection the secondary source mostly used depended largely on internet for most of the information on biometrics systems, while information on students data and records were acquire through primary sources, by interviewing schools who have already implemented it.



This project is limited to the application of biometric system using thumbprint recognition system that serves as an identification and verification tools before accessing data.



These are words or terms used in these particular type of field which may mean the same meaning or not.

1. PIN- Personal Identification Number 2. AIDC- Automated Identification and Data Capture 3. ENCRYPT-Conversion of information into code 4. AUTONOMY-ability to act and make decision without being controlled. 5. ANATOMY-study of the structure of human animal body 6. PHSIOLOGY-study of the normal function of living thing. 7. HACKING-the re-configuring or re-programming of a system to function in ways not facilitated by the owner. 8. ALGORITHM-It is a specific step of instruction for carrying out a procedure or solving a problem. 9. SENSOR-is a device that measures a physical quantity and converts it into a signal which can be read by an observer or by an instrument.

In the recent past when computers were first introduced in firms, organisation agencies, schools, hospitals etc to carry out function or jobs formerly done manually by human beings; it was discovered that they the computers were used by hackers and employees to commit fraudulent activities and also advance fee fraud was also increasing in an alarming rate. This led to data and information security that is of importance to the various firms, schools, industries, companies etc Firstly the type of security that was implemented is the use of ordinary password system. But it was discovered that this can be easily be by-passed. Secondly the introduction of PIN9personal identification number) was introduced in bigger firms. It was discovered that password is being guessed, stolen or forgotten and also multiple password are hard or difficult to remember. In addition survey show that half of computer frauds experienced in large organisation are user related that ranges from hacking, sabotage to corporate espionage etc. Furthermore, there has also been numerous media fraud where people s identities are being stolen from the computer database and then used to perform fraudulent acts ranging from credits cards, insurance claims drivers license and loans. Lastly the crying need for a more secure, yet easy to remember way of authenticating user is growing at an explosive rate. Compressive data security solutions are jeopardized. What point is there in controlling access to data? If one cant be sure that one is providing the data to authorized person? Nevertheless, considering the above stated challenges and problems another security was being conceived and this is called BIOMETRICS.



Francis Galton remains one of the founders of biometrics, the application of statistical method to biological phenomenon. His research into mental ability and dispositions which included studies of identical twins was pioneering demonstrations that many traits are inherited. Galton invented the first system of fingerprinting adopted by police department all over the world.

The term biometrics has two distinct meanings: bio meaning living creatures and metrics meaning the ability to measure an object quantitatively. (Miller B. 1994) The use of biometric has been traced back as far as the Egyptians who measure people to identify them. The first modern biometrics device was introduced on a commercial basis over 20 years ago when a machine that measure finger length was installed for a time keeping application at Shearson Hamil on wall street.(industry information: biometrics,1996). Todays biometric encryption process was derived as a natural offshoot from some common uses of biometrics in the past. Possibly the most well known biometric was the use of fingerprinting by law enforcement agencies for identification of criminals, children and for licensing of people employed in federal regulated careers such as security brokers. The process however, began as a highly manual function where individuals would spend weeks or months trying to match the hard copy fingerprints that were on file with those obtained elsewhere. In many cases matches were difficulty if not impossible to make, and is was not uncommon for misidentifications to occur, with the advancements made in computer technology, some agencies began to construct archives electronically that could allow that matching process to occur much faster and with a much lower error rate as the computer could distinguished better than the naked eye the subtle traits that occurred in fingerprints. The next step in evolution of biometric came from the desire not only to match an individuals data with the individual but also to restrict access to that peoples information to those who have such access. It was the point that biometrics technology began to ensure that only the peoples who have access, those with biometric key was able to unlock the information contained in the code.



How does biometric encryption woks? Encryption is a mathematical process that helps to disguise the information contained in messages that is either transmitted on stored in a database, and there are three main factors that determine the security of any cryto system; 1. The complexity of the mathematical process or algorithm 2. The length of the encryption key used to disguise the message 3. Safe storage of the key known as the key management.

The complexity of the algorithm is important because it directly correlates to how easy the process is to reverse engineer. One would think that this is the area of encryption that is the easiest to break, however most crypto systems are extremely well constructed and these are the least of the three factors that are vulnerable to attack. The length of the encryption key used to disguise the message is the next important piece of the encryption process. The shorter the encryption key length the more vulnerable the data is to a brute force attack. This term refers to an individual trying to improperly access data by trying all combination of possible passwords that would allow access to the account. In non-biometric encryption processes such bas password or PIN numbers, depending on the length of the key, the information may be vulnerable to access by unauthorised users. For example a key that is three characters long because the numbers of possible permutations that may must be run to find the right key are much higher in the key that contains ten characters with current computer power, it is estimated that it would take four hundred years to find the right access combination for a sixty four character key. Biometric encryption makes standard character encryption obsolete by replacing or supplementing the normal key characters with a personal identifier of the user that there can only be one perfect match for without this biometric key the information is inaccessible. Safe storage of the key is the most venerable area of the encryption process. What would seem to be the easiest to manage becomes the most difficult because passwords or PINs can be lost or stolen. Good encryption keys are much too long for normal individuals to remember easily so they are usually stored on paper, smart cards, or diskette which makes them accessible to non-authorized users. Biometric encryption systems allow the user to transport the access key around without the need to make it vulnerable to be lost or stolen. There are two broad categories of encryption systems; 1. Single key (symmetric)systems 2. Two key (public)systems SINGLE KEY (SYMMETRIC) SYSTEMS: symmetric systems utilize a single key for both the sender and receiver for the purpose of coding and decoding data. In 1972 IBM (international business system) developed DES (data encryption standard) which was adopted worldwide by 1977 as the most common single key system in the banking and financial sectors. The process of transmitting this type of key over such networks as the internet is one of the major failures due to the vulnerability of a single key system to interception. Electronic commerce requires that transactions be conducted over open

networks instead of dedicated networks and single key systems do not offer a high enough level of security for such transmissions. This issue of security is why public key system has been developed. TWO KEY (PUBLIC) SYSTEMS: two-key systems use a public key to encrypt the data and a private key decrypt the data. The public key systems allows better encryption than single key systems, however certification of the recipient of messages becomes an issue which causes a hierarchy of certification to be developed resulting in a much slower processing time. Biometric can aid in this process due to the inherent nature of using a physical trait of the desired recipient to decipher the message. It is this issue that has caused biometric encryption techniques to be valued for electronic commerce.



A biometric system is a real-time identification system which identifies a person measuring a particular physical or behavioural characteristic and later matches it to a library of characteristics belonging to many people. Fingerprint and other biometric devices consist of a reader or scanning device software that converts the scanned information into digital form and wherever the data is to be analyzed, a database that stores the biometric data for comparison with previous records when converting the biometric input, the software identifies specific points or data as match points. The match points are processed using an algorithm into a value that can be compared with biometric data which has been scanned, when a user tries to gain access. These biometric devices can be explained in a three procedure:
1. DATA COLLECTION: a sensor takes an observation and the type of sensor and

its observation depends on the type of biometrics device used. 2. A COMPUTER ALGORITHM: it normalizes biometric fingerprint so that it is in the same format (size, resolution, pixel, etc) as the fingerprint on the systems database. The normalization of the biometric fingerprint gives us a normalized fingerprint of the individual. 3. MATCHING: a match compares the normalized fingerprint with the set (or subset) of normalized fingerprints on the systems database and provides a similarity score that compares the individuals normalized fingerprints with each fingerprint in the database set. What is then done with the similarity scores depends on the biometric systems application which can either be a verification (authentication) system i.e. it involves

confirming or denying a persons claimed identity, or an identification system which establishes the person identity. 2.4


Enrollme nt Tes t Feature Extractor Template Generator

Stored Template Tes t

Preprocessin g


Application Sensor Device

The diagram on right shows a simple block diagram of a biometric system. The main operations a system can perform are enrolment and test. During the enrolment information of an individual are stored, during the test biometric information are detected and compared with the stored ones. The first block (sensor) is the interface between the real world and our system; it has to acquire all the necessary data. Most of the times it is an image acquisition system, but it can change according to the characteristics we want to consider. The second block performs all the necessary pre-processing; it has to remove artefacts from the sensor, to enhance the input (e.g. removing some noise), to use some kind of normalization, etc. In the third block we have to extract the features we need. This is really important: we have to choose which features to extracts and how. Moreover we have to do it with a certain efficiency (it cant take hours!). After that, we can have a vector of numbers or an image with particular properties; all those data are used to create a template. A template is a synthesis of all the characteristics we could extract from the source, it has to be as short as possible (to improve efficiency) but we cant discard too many details, thus loosing discrimination ability. Then the behaviour of the system changes according to what was requested.

Then, if it is performing enrolment, then the template is simply stored somewhere (it can be in on a card or within a database). If it is performing the matching phase, the obtained template is passed to a matcher that compares it with other existing templates, estimating the distance between them using any algorithm (e.g. Hamming distance). The decision that the matcher has taken is sent as output, so that it can be used for any purpose (e.g. it can allow a purchase or the entrance in a restricted area).




This is the most critical characteristics of biometrics identifying verification system. It must have the ability to identify a true user from an impostor. This is very important where the security of information is very high e.g. financial institution, schools or airport (especially in this era of terrorism). The following parameters are used in determining the accuracy of any biometrics system: FALSE ACCEPTANCE RATE (FAR OR FMR) the probability that the system incorrectly matches the input pattern to a non-matching template in the database. It measures the percent of invalid inputs which are incorrectly accepted. FALSE REJECTION RATE OR NON-MATCH RATE (FRR OR FNMR) the probability that the system fails to detects a match between the input pattern and a matching template in the database. It measures the percent of valid inputs which are incorrectly rejected. FAILURE TO ENROLL RATE (FTE OR FER) the rate at which attempts to create a template from an input is unsuccessful. This is most commonly caused by low quality FAILURE TO CAPTURE RATE (FTC) Within automatic systems, the probability that the system fails to detect a biometric input when presented correctly. TEMPLATE CAPACITY the maximum number of sets of data which can be stored in the system In particular, false acceptance rates are what you should be most concerned about - that means when you place your finger on the scanner, someone else is identified.

The following table shows the state of art of some biometric systems:


EER Not available 2% 1%

FAR 1% 2% 2%

FRR 10% 2% 0.1%






The speed at which the data (the physiological or behavioural part of the user taken and compared with the information in the database) is processed and the response given either access accepted or denied. This is also referred to as the throughput. This is the most important characteristic of a biometric system where there is likely to be a queue e.g. a busy airport, restaurant, school entrance etc.

A good identification system must be reliable thats it must be able to continuously provide accurate identification of users.

System acceptability to the people who must use it has been identified as an important factor in biometric identification operations. This is because there are some cultural nuances. For example there are some people who believe that putting hands or any part of their body in the same place where others have passed through could lead to one health problem or the despite the fact that there is scientific basis that support it.

The higher the ability of the system to identify an impostor, the better and the more acceptable the biometric systems would be to the general use of users.


Biometric characteristic is divided into two main classes:

PHYSIOLOGICAL Face Fingerprint Hand Iris DNA

BEHAVIOURAL Keystroke Signature Voice


PHYSIOLOGICAL: are related to the shape of the body. The oldest traits
that have been used for more than 100years are fingerprints; other examples are face recognition, hand geometric and iris recognition.


BEHAVIOURAL: are related to the behaviour of a person. The first

characteristic to be used that is still widely used today is the signature. More modern approaches are the study of keystrokes dynamics and of voice.

Strictly speaking voice is a physiological trait as well because every person has a different pitch, but voice recognition is mainly based on the study of the way a person speaks, that is why it is commonly classified as behavioural. There are many other biometric strategies being developed such as those based on gait (way of walking) retina, hand veins, ear recognition, facial thermo-gram, DNA, odour and palm-print. The human characteristics can be used for biometric in terms of the following parameters:

UNIVERSALITY: describe how commonly a biometric is found in each individual i.e. occur in as many people as possible.


UNIQUENESS: is how well the biometric separate one individual from another i.e. an identical trait wont appear in two people.


PERMANENCE: measures how well a biometrics resist aging i.e. doesnt change over time.


COOLECTIBILITY: explains how easy it is to acquire a biometric for measurement.


PERFORMANCE: indicate the accuracy, speed robustness of the system capturing the biometric.


ACCEPTABILITY: indicate the degree of approval of a technology by the public in everyday life.


USER FRIENDILESS: are easy and comfortable to measure. MEASURABILITY: are measurable with simple technical instruments. CIRCUMVENTION: is how hard it is to fool the authentication system is.

The table below shows a comparison of exiting biometric systems in terms of some parameters. A.K Jain ranks each biometric based on the categories as being, low, medium or high. A ranking indicates poor performance in the evaluation criterion whereas a high ranking indicates a very good performance.


The following are the three functions provided by a biometric system:
1. VERIFICATION: (am I who I claim I am? Or is he the person he claims to be?)

Somebody claims to be a person whose biometric information is already known (e.g. they were stored on a card or in a database). We want to extract new biometric info form of the person and check if those matching with the ones we have. This way we can verify the identity of a person. In other words its 1:1 match verification.
2. IDENTIFICATION: (who am I? or who is he?) we extract biometric info of a

person and we compare them with our database. It is a match more difficult task than verification because we have to compare those info with all the other entries of the database and the result must provide one clear answer. The info we use have to give us the ability to discriminate between so many other people. It is a 1: N match verification, where N is the usually large number of templates in the database.
3. SCREENING: (does he belongs to the watch list?) we want to check if the person

belongs to a group we have chosen. For example we could use it to allow access to a restricted area only to a limited number of people or to check if a wanted person passes though a certain area. It works like identification but the number of people in the database is much smaller. In other words it is a 1: n match verification, where n<N of the previous case. Some authors ignore this identification because screening can be seen as a particular case of identification Verification has been part of the security system for many years. We have been asked for physical items of identification like a licence or passport. We have been asked of things we know to verify our identity, like PIN number or a maiden name. Unfortunately security systems that use physical forms of identification and personal information can easily be fooled. It is the increasing need for more security that has enabled biometric

to evolve to its current state of development. Biometric determine who we are using our distinct physical features. All biometric identification or authentication technologies operate using the procedure of data collection, computer algorithm and matching. And physical biometric devices have three primary components:
1. An automated mechanism that scans and capture a digital or analog image of

living personal characteristics. 2. Another entity handles compression, processing, storage and comparison of the captured data with the stored data. 3. The third interface with application systems; on biometric systems there are various template storage options. The biometric template can reside in a. Biometric device: this is usually the case on small closed systems. b. Database on central computer
c. Plastic cards or token (barcode, stripe, optical, PCMCIA) 5.4


The potential benefits of an integrated biometrics based identification system include improvements in: The cost of administration The integrity of the information Access to information held by organisation. The speed of delivery of services and benefits The accuracy and quality of research and statistical and the level of technical security of communication. In many level countries, information technology is being successful applied to business and administrative function within particular organisations the majority of this access have in common a manageable sizes, a limited geographical spread, a single purpose and

modest and easily defined goals where biometric technology are applied to specific purpose. Some confidence may be felt in the system ability to deliver the intended benefits.


Biometric systems come in many shapes and sizes. This can range from distinct hardware, software to complete systems. All biometric systems have the principles of capture, extraction, comparison and matching in common. Different biometrics measures or traits of human body focus on very different features only thing common among them is that they are considered unique.

5.5.1 EYE
Biometric which analyses the eye are generally thought to offer the highest levels of accuracy. They can be divided in two specific technologies: examination of iris and retina patterns. As internal parts of human eye are very well protected the sight being the most important sensor, the biometric data is also safe and immune to degradation in normal life on the contrary to more external parts like fingerprints. In medical science examination of the eye is used as one indication that could reveal certain illness e.g. the user excessive usage of drugs and alcohol. This is information the user does not necessarily want to reveal to the operator of the scanning device. According to the equipment manufacturers they concentrate into extracting the unique pattern from the eye and not any other information, this ensuring the privacy of user still as the analysis of the eye information is done in software new features can and could be incorporated in the software without notice.



This is a protected internal organ of the eye behind the cornea and the aqueous humour. Visually examined iris is the coloured ring of textured tissue that surrounds the pupil of the eye. Each iris is a unique structure featuring a complex system which is stable and unchanging throughout life. When analysed, the information density of iris patterns is roughly 3.4 bits per square millimetres and complexity has about 266 degrees of freedom.

The iris is closely connected to the human brain and is said to be one of the first parts of the body to decay after death. This makes recreation or use of a dead eye for fraudulent purposes very difficult. Additional tests that can be used against eye replicas can include testing the natural papillary motion and unique refractions to different infrared light sources. Iris computer technology combines computer vision pattern recognition, statistical inference and optics. Its purpose is real-time high confidence recognition of a persons identity by mathematical analysis of the random patterns that are visible within the iris of the eye from some distance. Because the iris is a protected internal organ whose random texture is complex, unique and stable throughout life, it can stand as a kind of living passport or password that one needs not remember but can always present, because the randomness of iris patterns has very high dimensionality. Recognition decisions are made with confidence levels high enough to support rapid and reliable exhaustive searches through national sized database. The algorithms for iris recognition were at Cambridge University by John Daugman. The major application of this technology so far have been substituting for passports (automated international border crossing); aviation security and controlling access to restricted areas at airports; database access and computer login; premise access control; hospital settings including mother infant paring in maternity wards; watch list screening at border crossing and it is under consideration for biometrically enabled national identity cards. Several airports worldwide have installed this algorithm for passenger screening and immigration control in lieu of passport presentation including 5 U.K. airports; Amsterdam, Frankfurt, Athens and 8 Canada airports. One of the largest current deployments of these algorithms is the United Arab Emirates, where everyday about 10 Billion iris comparisons are performed in real-time database searches iris recognition is forecast to play a role in a wide range of other applications in which a persons identity must be established or confirmed. This include electronic commerce, information security, entitlements authorization, building entry automobile ignition, forensic and police application, network access and computer applications, or any other transaction in which personal identification currently relies just on special possessions or secrets (keys, cards, documents, passwords, PINs).

5.5.3 RETINA

The current hurdle for retinal identification is that of user acceptance. Retina identification has several disadvantages including susceptible to disease damage (i.e. cataracts) viewed as intrusive and not very user friendly, high amount of both user and operator skill required, not enough funding from Government and private sectors. However retina identification continues to be one of the best biometric performances on the market with low false reject rates, a nearly zero percent false accept rate. Small data template and quick identify confirmations.

5.5.4 FACE
Face recognition technologies analyse the unique shape, pattern and positioning of facial features. The face is natural biometric because it is a key component in the way, we human recognises and remember each other. Face technology is very complex and largely software based. Artificial intelligence is used to simulate interpretation of faces. The problem with human face is that people do change over time; wrinkles, beard, glasses and position of the head can affect the performance considerably. To increase the accuracy and adapt to these changes some kind of machine learning has to be implemented. There are essentially two methods of capture; using video or thermal imaging. Video is more common as standard video cameras can be used. The precise position and angle of the head and surrounding lighting conditions may affect the system performance. The complete facial Image is usually captured and a number of points on the face can then be mapped, position of the eye, mouth and nostrils as an example, more advance technology make three-dimensional map of the face which multiplies the possible measurements that can be made. Thermal imaging has better accuracy as it uses facial temperature variations caused by vein structures as the distinguishing traits. As the heat pattern is emitted from the face itself without source of external radiation these systems can capture images despite the lighting conditions, even in the dark. The drawback is cost thermal cameras are significantly expensive than standard video. One-toone verification is mainly used to this method. Certain new systems have announced the possibility of one-to- many identification even real-time from live video feed.

An example application of using face biometric could be strict file access control. The video stream from cameras attached to monitor is monitored by program which ensures that the legitimate users face is on the sight all the time when classified information is manipulated on the screen. If the user turns away or goes away from the screen the secret files are hidden from the screen. Unlike other biometric technologies, face recognition is a passive biometric and does not require a person corporation. It can recognise people from a distance without them realising that they are been analysed. It is completely oblivious to differences in appearance as a result of race or gender differences.



Fingerprint scanning is one of the most commercially successful biometric technologies today. It is widely accepted that no fingers have identical points even from the same person or identical twins. Systematic classification of fingerprints started in the 1800s and is developed further trough extensive use in forensic societies. The technology has got fairly positive user response in the enrolled pilot projects while drawbacks and disappointments have occurred trough the years. Taking ones fingerprints is often associated in the way criminals are treated; also the used systems have not always shown even nearly the ideal performance which has been reached in clean and sterile laboratory environment. Traditional finger scanning technique is analysis of small unique marks of the finger image known as minutiae. Minutiae points such as finger image ridges endings or bifurcations, branches made by ridges. The relative position of minutiae is used for comparison and according to empirical studies; two individuals will not have eight or more common minutiae. A typical live-scan fingerprint will contain 30-40 minutiae. Other systems analyse tiny sweet pores on the finger which in the same way as minutiae are uniquely positioned. Finger scanning is not immune to environmental disturbance; as the image is captured when the finger is touching the scanner device. It is possible that dirt condition of the skin, the pressure and alignment of the finger all affect the quality of fingerprint. This has appeared to be a problem with the introduction of the system; users have to wipe and clean their fingers each time before scanning their finger if they did not want to be falsely rejected. To minimized the degradation caused by erroneous user interaction usability and ergonomics have to be taken special care of when capturing the

fingerprint image directly from the fingertip, also known as live-scan .four main techniques are available. 1. Optical image capture typically involves a light source which is refracted through a prism. User place a finger on a glass and the formed image is captured.
2. Tactile or thermal techniques use sophisticated silicon chips sensitive to pressure

or heat to capture the finger image. Thermal image maps also heat pattern details that are below the surface adding the accuracy rejecting artificial finger mark ups.
3. Capacitance silicon sensors measure electrical charges and give an electrical

signal from the areas where the finger ridges are touching the sensor surface. No signal is generated by the valleys. 4. Ultrasound image capture. Fingerprint recognition is an extremely useful biometric technology since fingerprint have long recognised as a primary and accurate identification method. It is as a direct result of this recognition that large fingerprint databases can be found within law enforcement agencies the world ever. Fingerprint technology can be used for both verification (1:1) matching as well as for identification (1:n) matching. Electronic fingerprint matching can be achieved through one of two methodologies. The first uses the ridge endings and bifurcations on a person finger to plot points know as minutiae (minutiae based approach). These minutiae allow for the comparison of two fingerprints to be achieved electronically. The second methodology uses a pattern based approached. This comparison technique (pattern based) is perform in two fundamental blocks. Image enhancement and distortion removal in each instance that a finger is applied to a fingerprint device, the ridge pattern exhibits a different degree of distortion. The key to accurate comparison of the ridge pattern is the ability to ascertain and then remove the relative distortion between the fingerprint template and the candidate fingerprint image in a recent competition. One pattern based technology outperformed almost all other technologies to take top honours.

Voice biometrics examines particularly the sound of the voice. Therefore it has to be distinguished as a technology from the also very much research field of speech

recognition. On the following this few closely related but different terms are examined. SPEECH RECOGNITION: can be defined as a system that recognises words and phrases that are spoken voice identification has been derived from the basic principles of speech recognition. SPEAKER RECOGNITION: focuses on recognizing the speaker, and is accomplished either by speaker verification or speaker identification. SPEAKER VERIFICATION: is a means of accepting or rejecting the claimed identity of a speaker. SPEAKER IDENTIFICATION: is a process of determining which speaker is present based solely on the speakers utterance. The speaker application evaluates the input with models stored in a database to determine the speakers identity. The sound of a human voice is caused by resonance in the vocal tract, the length of the vocal tract. The shape of the mouth and nasal cavities are all important. Sound is measured as affected by these specific characteristics. The technique of measuring the voice may use either text dependent or text independent. On the former, speech templates are made from a number of words or phrases which are trained in the system on the latter, the voice is analysed as syllable, phoneme, and trip hone or more fine grained part at a time so on the recognition phase speaker doesnt have to use specific words. On the most sophisticated systems the factors analysed are dependent only on unique physical characteristics of the vocal tract so if you catch a cold or use different tones of speech does not affect the performance of the system. Evident threat to poor design speaker of recognition verification system is replay attack especially when text dependent methods are used. The only way to get completely around of it is to combine voice recognition to other biometric methods. The text independent method gives much more freedom in the voice analyzing interaction the scene is than more alike a challenge response pair. In application such as phone banking and other man machine interaction which is voice controlled the voice could be constantly monitored and verified to be authorised.


The first use of palm print was by the ancient Assyria Rome and Chinese when signing legal documents. The use of palm print for identification was proposed in the 19th century by British scientist Sir Frasers Galton. And thus he presented a detailed study of a new classification system using of all ten fingers (palm). Subsequently the use of palm print as a means of identification of criminals spread rapidly throughout the Europe, United States, and South Africa etc. Automated palm print identification system (APS) have helped to automate the process of palm print matching. They matched a single palm print against database and find the proper match or all possible individual candidates. Most automated system for palm print comparisons is based on minutiae matching. Minutiae are essential termination and bifurcation of the ridge that constitute the palm print pattern. Automated minutiae detection is an extremely critical process especially on how quality palm print where those and contrast deficiency can originate pixel configuration; similar to minutiae or hide real minutiae several approaches to automatic minutiae extraction have been proposed although rather different on another, most of these method transform palm print image to binary images through an abhor algorithms. The images obtained are submitted to a thinning process which allows the ridges thickness to be reduced to one pixel.

Signature is one of the most methods of asserting ones identity. As we normally use it, the signature is scrutinised as a static trace of pen on the paper. In digital form the static geometry of signature is not enough to ensure the uniqueness of it author. Signature biometric is often refer to as dynamic signature verification (DSV) and look at the way we sign our name. The dynamic nature differentiates it from the study of static signature on paper. Within DSV a number of characteristics can be extracted from the physical signing process. Example of these behavioural characteristics are how the angle of the pen is held, the time taken to sign the velocity and acceleration

of the tip of the pen, number of time the pen is lifted from the paper. Despite that the way we sign is mostly learnt during the years, it is very hard to forge and replicate. Signature data can be captured via a sensitive tablet or pen or both. On some simpler cases of equipment found rather cheap from normal computer stores can be used. A variation on this technique has been developed and is known as acoustic emission. This measures the sound that a pen makes against paper; because of the behavioural nature of Signature, more than one Signature enrol is needed so that the system can build a profile of the signing characteristics. Generally, timing, position and velocity of pen strokes are analysed and used to extract characteristics that are common to multiple signings. Depending on the algorithm used scanned image of signature on existing document can also be analysed. There is significant interest from financial institutions because it has the potential to automate signature verification but they have been slow to adapt because they demand very low false rejection rates.

This type of technology is not a mundane as it sounds. The concept is base of the current password or PIN system; but adds extra dimension of keystroke dynamics. Not only must intruder know the correct password using this technology but, they might also be able to replicate the rate of typing on interval between letters to gain access to the information. It is most likely that even if the authorised person is able to fuss the correct password, they will not be able to type if with the proper rhythms unless they have the ability to heart and memorize the correct users keystroke


Hand geometry recognition measures and analyses the physical attributes of a persons hand. Characteristics measure includes the overall size and shape of the hand, including the length of the fingers and joints and the characteristics of the skin such as creases and ridges. Hand geometry systems are commonly available in two main forms. Full hand geometric system takes an Image of the entire hand for comparison while two finger

readers only image two finger of the hand. Hand recognition technology is currently one of the most deployed biometric disciplines worldwide and is used in over 40% of the worlds Time and Attendance / Access control solutions. Hand geometry system is useful in outdoor environments. Hand recognition templates are also extremely small a characteristic that makes the template very portable. Typical templates sizes are as small as nine bytes.



The following are the current application of the various biometrics systems. IRIS/RETINA APPLICATION Iris identification has been predominately used in high security access control situations. Financial institutions have also explored the means of iris identification technology. In fact, the English bank Nationwide, just recently completed a test pilot of the worlds first automated teller machine equipped with iris identification capabilities. Major applications of this technology so far are: substituting for passports (automated international border crossing) aviation security and controlling access to restricted areas of airports database access and computer login premises access control; hospital settings including mother-infant pairing in maternity wards watch list screening at border crossing It is under consideration for biometrically enabled National identity cards.

This biometric technology has been used extensively throughout the world over the last three to five years in industries like Banking, Gaming, Healthcare, Law enforcement,

Customs and excise and Retail. The technology has proven itself extremely successful and it is the current fastest growing biometric in the world.

Hand geometry has been in used for many years in various applications predominately for access control. It was the largest running biometrics system ever at university of Georgia, where it has been used since 1942 to ensure that students enrolled in its unlimited meal plan dont pass along their cards to friends.

This is been used by the republic of Slovakia which has the highest database print in the world; outland California, police department to measures the ridges of the palm. This technology is suitable for the following under listed applications: PC Access PC Net Access (internet, intranet etc.) Access of rooms (key replacement) Safety of weapons (no access to children and unauthorised person) Mobile phones (network access, theft protection, mobile financial transaction Identity card: student ID, PIN, credit card. Automobile and automation of hotels (check in and room access)

This is used by key ware technologies Woburn and Massachusetts for Belgium department of justice to track those under the house arrest.



Biometric requires the physical presence of the person that is being verified i.e. it controls people. It cannot be misplaced like cards It cannot be forgotten like PIN or password The possibility of writing (password) or keeping (card) near your computer does not arise because it is part of you It cannot be forged or guess like a card or password.



pursuit of high quality identification involves significant technical,


organisational, social, legal and political issues. Many of these are concern about computerization in general and the sharing of data among organisations in particular. Biometric identification relies on technology that is far from proven and major organisational adjustments are needed to cope with it. There are many practical problems involved in complex and largely automated schemes and in coping with exceptions, system outages and claims of database error. The imposition of intrusive identification procedures changes the nature of relationships and transactions between clients and organisations. There is at least a perceived and probably a real increase in the power of organisations over individuals. Biometric, much more than other identification schemes may imperil the sense of individuality. Privacy protection involves resistance to the establishment or consolidation of monolithic information systems. Informational chaos and functional separation amongst agencies have ensured that the individual has not become a servant to the state. Variety, choice, and chaos have also had the effect of insuring the free movement rights and free choice of individuals against errors in the system. Abstract fears (public disquiet over identification schemes) that have been cited include that people will be de-humanized by being reduced to codes: that the system will enhance the power over individuals of particulars organisations and the State; that high- integrity identification embodies an inversion of the appropriate relationship between the citizen and the state that the system is a hostile symbol of authority that

the society is becoming driven by technology assisted bureaucracy rather than by elected government that exemptions and exceptions will exist for powerful individuals and organisations and that the system will entrench fraud and criminality and that such identification schemes are the mechanism foretold in religious prophecy (e.g. the mark of the Beast). There is some evidence that the public may be moving away from traditional notion of privacy and cautiously accepting fraud control and administrative mechanisms; and there may be many factors at work in the apparently greater public acceptance of privacy invasion? Whether public acceptance is real or only apparent a change of attitude may merely await a catalyst.


HISTORY OF FINGERPRINT The first know sample of fingerprint was performed by a European named Jiao de Barros. It was in the 14th century. Ink was used to take the fingerprint of the children in China by the Chinese merchants in the 1890, a Parisian named Alphone Bertillon, he studied the body mechanics and devised methods to capture criminals but his methods failed off. In the 20th century, Kerl Pearson studied about biometrics at the University of London. He made some important discoveries in the field of biometrics. He applied the discoveries to animal evolution. The signature authentication procedures were developed but the biometric field was stagnant at that stage. The military and security agencies researched further and developed beyond the fingerprint. Today fingerprint biometrics is widely used which measures the unique complex swirls on a persons fingertips using fingerprint scanners.



Every system receives input, processes the input parameters and produces an actual output. The main output of this system is to generate a report that list the personal information of a student and the course registered within a semester.


Every system needs input. The following are the attributes that are used as input parameters: Password: this is a set of characters that are supply to have access to the system resources.

Fingerprint: this is the supply of the thumb finger to the system as means to identify and authenticate the user. Personal Registration: this is a screen that allows the student to enter his/her personal data.



The processing stage involves the comparison to the supplied data to verify and authenticate the user and grant access to the database. The verification method used to write this recognition system is binarization. The binarization process was carried out through the RED, GREEN and BLUE (RGB) function in Visual Basic, which allows the pixel to be read in a binary form using colours (red, green and blue). These allow the computer to recognize the colour as each point of the thumbprint image. This was through polarization algorithm. The polarisation algorithm works as thus; some condition are setup, which converts the colour of pixel close to 255 (i.e. the colour are display in binary form of 0 to 255 in the RGB function) to white while the colour of pixels close to their pixel form on the computer. When these is done for all the thumbprint to be verified i.e. the matched and sampled, the comparison comes which compare the two thumbprint using their pixels points and later (after scanning is complete) flashes the result of the scan. The system now announces if the user is verified and granted access or not.







YES SCAN FINGERPRINT Compare fingerprint




If retry is >3




The output file of the program is design as a form with letter head of Lagos state Polytechnic containing the Personal information of student.



The input design is done in such a way that the input files are design taking into consideration. When the input is keyed in, the input form is the document used to record data or information. There are various form used for capturing data: Login Form
Fingerprint Authentication Form Student Registration Form



The database is the backend of the application; the database has the capabilities to store the input data in a tabular format. The following tables are contained in the database biometric table, course registration table, student personal information table. The figure below shows the fields of the tables.
Figure 3.7.1 Biometric Table Field Name Matric_NO FingerPrint bio_id Data Type varchar(50) image int

Figure 3.7.2 Student Personal Information Table Field Name MatricNo Surname Firstname Middlename DOB Sex Department School ClassLevel Picture Mobile Email Address KinName KinAddress KinPhone KinRelationship DateEntered DateUpdated Sno State LGA MStatus Data Type varchar(50) varchar(50) varchar(50) varchar(50) datetime varchar(50) varchar(50) varchar(50) varchar(50) image varchar(50) varchar(50) varchar(50) varchar(50) varchar(50) nvarchar(50) nvarchar(50) datetime datetime int nvarchar(50) nvarchar(50) nvarchar(50)

Figure 3.7.3 Course Registration Table Field Name Data Type

Sno MatricNo CourseTitle CourseCode CourseUnit [Level] Semester

int nvarchar(50) nvarchar(50) nvarchar(50) int nvarchar(50) nvarchar(50)



The process design specifies when and how things are to be done to support the users requirements. The form that is used for processing is the Scan Form. The program is design basically (on assumption) to serve as recognition system for a BIOMETRIC CENTRE. The system consists of centres where the identities of the user are being verified before given access into the student data. The identity verification centre of the system operation as thus, on entering the premises an individual user is requested to enter his/her user name and password, on supply, the user is prompted to supply his/her fingerprint and it samples are compared with the previously stored samples already in the database for verification.


When choosing a programming language, some factors need to be considered. Such factors are: Flexibility Easy to Manipulate The flow and structure of the programming Hardware requirements. However, having considered these sets of factors above Access Control: Biometric system using Microsoft Visual basic 2008 and Microsoft SQL Server were considered as an appropriate language for the development of the project.



System testing is an implementation stage which is aimed at ensuring that the system works accurately and efficiently before actual operation starts. There basically two types of testing:
Dry running of the program upon random data.

Live testing upon live data actually collected. The testing go a long way to improve the integrity of data by implementing routine for detection of errors before the data is submitted for processing.



This project was implemented on a personal computer (PC) of: System unit of Pentium iii Intel Genium MMX

RAM (Random Access Memory) of 128Mb A Hard Disk Drive of at least 10GB A 14 SVGA Monitor A CD-ROM (read Only Memory) drive



The software used for designing this project work is Windows XP, Visual Basic 6.0 Version programming language.


Recent studies has reviewed that there are shortfalls by the use of biometric system which goes a long way of reducing the challenges facing schools today in area of accurately identifying students which is the key to the efficient operation of a school.



The development of a biometric system is highly demanding programming task which requires enough time and access to the internet. A major problem uncounted in the course of this project work was time and finance. Other problems were the inadequacy of materials on biometric implementation and lack of substantial access to the internet.



In this project, the application of biometric is limited to two level verification methods that are; using password and fingerprint system; and due to the above problem encountered, I was unable to get a biometric device that could scan a fingerprint.



As we move into the 21st century, schools are faced with a myriad of problems never encountered in previous decades. Security has become a significant concern. It is now crucial that schools administrators know who is in their school and where the students are at all times. Accurate and audible attendance and reporting is vital in not only securing but also maintaining essential governmental funding. Accurate identification and tracking of students is now crucial in all aspects of the day-today management and administration of our schools.

Biometric finger scanning identification offers a cost effective, reliable easy and efficient way for school administrations to know for certain who is in their schools, where the students are each period of the day and that they receive the services they require and deserves. By utilizing the unique fingerprint of the student for identification, tracking and security, the problems and costs associated with the current expensive or inaccurate methods of identification are avoided. Finger scanning is the missing component that provides the irrefutable accuracy that has long run been needed in our schools.



The following recommendation should be observed for an efficient, secured and uncompromising security system: Security should be made an important issue in an organisation. User name and password should not be compromised. There should always be a backup of every file in the database. Unauthorised personnel should not be allowed to work with the database.
There should always be a routine check up of the system to avoid breakdown.

REFERENCE (2010). Voice recognition Systems, an introduction URL: Recognition. Date Accessed: May 10th 2010 Badger B. (2010) Virtual video Map URL: Date Accessed: May 10th 2010 Biometric Authentication, an introduction (LANG_NAVORIGIN)Authentication biometrics URL: Accessed: May 10th 2010 Beggs .J.(2001) Designing Web Audio, ORielly ISBN1565923537
Bell D. (2000) software Engineering. A programmers Approach. Addison-Wesley

ISBN0201648563 Davison D. (2010). 10 Reason for Trying e-Speaking Software URL: Date: Accessed: May 10th 2010. Eclipse- An open development Platform URL: Date Accessed: May: 10th 2010 England .E (2010) interactive Media-Whats that? Whos involved? URL: media.pdf Date Accessed: May 10th 2010

Fingerprint identification By Salil Prabhakar, Anil Jain

URL: http//biometric//fingerprinted.mht Access May 10th 2010

Gdata, FAQ (2010). Google Data FAQ

URL:http// Date Accessed: May 20th 2010 Information Management journal (2004). The History of Voice Recognition Technology URL:http// Date Accessed: May 15th 2010 IdentiMetric, inc URL: Access: June 20th 2010 Peerce J. (1994) Human Computer Interaction, Addison Wesley ISBN: 0201627698.

Wikipedia URL: http// chip/biometric Access: May 10th 2010