The pressures on today’s system administrators to have secure systems are ever increasing. One area where security can be improved is in authentication. Iris recognition, a biometric, provides one of the most secure methods of authentication and identification thanks to the unique characteristics of the iris. The iris recognition is now becoming a common authentication method in handheld consumer electronics devices, such as cellphones and tablets. The iris being a biometric parameter is a way better than password protection because of its uniqueness for each individual.
General Overview of Iris Recognition System
In today’s information technology world, security for systems is becoming more and more important. The number of systems that have been compromised is ever increasing and authentication plays a major role as a first line of defence against intruders. The three main types of authentication are something you know (such as a password), something you have (such as a card or token), and something you are (biometric).
- Passwords are notorious for being weak and easily crackable due to human nature and our tendency to make passwords easy to remember or writing them down somewhere easily accessible.
- Cards and tokens can be presented by anyone and although the token or card is recognizable, there is no way of knowing if the person presenting the card is the actual owner.
- Biometrics, on the other hand, provides a secure method of authentication and identification, as they are difficult to replicate and steal. If biometrics is used in conjunction with something you know, then this achieves what is known as two-factor authentication. Two-factor authentication is much stronger as it requires both components before a user is able to access anything.
Biometric identification utilizes physiological and behavioral characteristics to authenticate a person’s identity. Some common physical characteristics that may be used for identification include fingerprints, palm prints, hand geometry, retinal patterns and iris recognition.
What is Iris Recognition System?
Iris recognition is the best of breed authentication process available today. In a biometric system a person is identified automatically by processing the unique features that are posed by the individual. Iris Recognition is regarded as the most reliable and accurate biometric identification system available.
Figure 1: Human Eye Parts
Iris recognition is the process of recognizing a person by analyzing the random pattern of the iris. The automated method of iris recognition is relatively young, existing in patent only since 1994.The iris is a muscle within the eye that regulates the size of the pupil, controlling the amount of light that enters the eye. It is the colored portion of the eye with coloring based on the amount of melatonin pigment within the muscle. Iris recognition, like facial recognition, is most often used for security-related applications. Some countries have implemented iris-recognition systems in airports, points of entry or exit, and government buildings. The technology has also been used to prevent unauthorized access of personal computers and mobile devices. A small, portable iris-scanning device is available for consumer use, bypassing the need for cumbersome password entry. Iris recognition applications are also available for the iPhone and other smartphones.
How Iris Recognition Works?
The following sequence applies to both enrollment and recognition:
Capture iris image: The camera acquires an image from the iris, lighting is mostly done with Near Infrared (NIR) light because with NIR there is less noise in the image due to reflections when compared to visible light. Also NIR light does not cause harm or discomfort to the subject.
Finding iris in the image: One of the challenging parts of iris recognition is for the algorithm finding the concentric circular outside boundaries of pupil and iris. Often part of the iris is covered by eyelids or eyelashes, which even more complicates this step.
Convert image: The set of pixels which cover the iris on the image are then transformed into a bit pattern that preserves required information for template comparison but allows faster and statistical meaningful comparison.
When a subject tries to authenticate or identify himself, the generated IrisCode is compared with templates stored in the database. A test of statistical independence determines whether the IrisCode resulting from the scan and a stored IrisCode template are from the same iris.
The Advantage of Iris Recognition
Iris recognition is an attractive technology for identity authentication for several reasons:
- The smallest outlier population of all biometrics: Few people can’t use the technology, as most individuals have at least one eye. In a few instances even blind persons have used iris recognition successfully, as the technology is iris pattern-dependent, not sight dependent.
- Iris pattern and structure exhibit long-term stability.Structural formation in the human iris is fixed from about one year in age and remains constant (barring trauma, certain rare diseases, or possible change from special some ophthalmologic surgical procedures) over time. So, once a individual is enrolled, re-enrollment requirements are infrequent. With other biometric technologies, changes in voice timbre, weight, hairstyle, finger or hand size, cuts or even the effect of manual labor can trigger the need for re-enrollment.
- Versatile for the One to Many, One to One, Wiegand and Token Environments:While initially designed to work in one-to-many search mode, iris recognition works well in 1-1 matching, or verification mode, making the technology ideal for use in multifactor authentication environments where PINs, or tokens like prox or smartcards are used. In a token environment, many privacy issues related to biometric database management are moot, as the user retains control of biometric data – a small template of 512 bytes per iris.
- Safety and Security Measures in Place:Iris recognition involves nothing more than taking a digital picture of the iris pattern (from video), and recreating an encrypted digital template of that pattern. 512-byte iris templates are encrypted and cannot be re-engineered or reconstituted to produce any sort of visual image. Iris recognition therefore affords high level defense against identity theft, a rapidly growing crime. The imaging process involves no lasers or bright lights and authentication is essentially non-contact.
- Convenient, Intuitive User Interface:Using the technology is an almost intuitive experience, requiring relatively little cooperation from subjects. Proximity sensors activate the equipment, which incorporates mirror-assisted alignment functionality. Audio auto-positioning prompts, automated image capture, and visual and audio authentication decision-cueing completes the process.
 Neha Kak, Rishi Gupta and Sanchit Mahajan, “Iris Recognition System”, (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 1, o. 1, 2010
 Penny Khaw, “Iris Recognition Technology for Improved Authentication”, SANS Security Essentials (GSEC) Practical Assignment Version 1.3
 “Iris Recognition Technology”, Advanced Identity Authentication™, available online at: http://www.irisid.com/productssolutions/technology-2/irisrecognitiontechnology/
 “Iris Recognition”, available online at: http://www.biometric-solutions.com/iris-recognition.html