Depending on how a biometric application is deployed it can be classified as:
A biometric application is considered overt if the users are aware that their biometric data is being captured and used. As opposite, the covert systems capture and use the biometric data without consent or knowledge of the user. As example of a overt system can be considered the iris and fingerprint recognition system, where the user cooperation is very important. While using the facial and voice recognition donāt necessary need the user consent and therefore it is possible to develop a covert application using these technologies.
A biometric system that obligates (imposes) the users to provide their biometric data is considered Mandatory. In such applications, if a user refuses to give their biometric data may suffer some punishment. If a biometric system is optional, the user may decide whether to use or not their biometric data for their identification, in this case their identity can be verified in other ways, such as by presentation of a passport or driver's license.
This characteristic refers to for how long the captured biometric data will be used. This is more related to the privacy of the biometric data. When the biometric captured data are used for a long period, it has a more privacy risk that the short period of use.
This category describes the relationship of the user to the system management. Examples of users of public applications include customers. Users of private applications include employees of business or government. Depending on whether the application is public or private, the user attitudes toward biometric devices may vary, which will directly affect the performance of the biometric system.
This category refers to whether the biometrics collected within the system will be shared (open) or remain internal (closed). For example, a fingerprint recognition system used to control the access of the employees to a building and logon to their computer network, may be considered closed if the data aren't shared with other external systems. Other examples are state driver's licenses and entitlement programs. A state may want to communicate with other states or other programs within the same state to eliminate fraud. This would be an open system, in which standard formats of data and compression would be required to exchange and compare information.
This characteristic describes the frequency of users using the system. In habituated systems, the users tend to us the system periodically, whereas in the non-habituated environment users may enter and leave the system sporadically. This category influences the design of the user interface. In non-habituated environments the user interface must be intuitive and simple because the users do not necessary spend much time in the system and therefore may not have incentive to spend much time learning the interface. As examples, the use of fingerprints for computer or network access is a habituated use, while the use of fingerprints on a driver's license, which is updated once every several years, is a non-habituated use.
This categorization describes the setting of the system with respect to the temperature, humidity, and other physical conditions of the environment in which the system is installed. The standard environment system tend to operate in a indoor and more controlled environment whereas the non-standard tend to operate in outdoors or less controlled conditions.
In a user ownership system, the user maintains ownership over his or her biometric information, whereas in other case the public or private institution owns the user biometric data. This characteristic has to do much with privacy of the biometric data. User control over collection, usage, and disposal of biometric information is not possible in every deployment, especially in entitlements programs or other public sector uses.
The biometric data may be stored as a mathematical model (template) or as identifiable by human sample (images, audio, etc). Biometric templates are generally only of value when processed through a vendor algorithm, and cannot be linked with a specific biometric characteristic without dedicated processing. Biometric images are generally identifiable, and can be associated with a specific individual based on visual or aural inspection. As example, in a fingerprint system can be stored the fingerprint image or only the minutiae information.
This category refers to whether the use of the biometric device during operation will be observed and guided by system management. Non-cooperative applications will generally require supervised operation, while cooperative operation may or may not. Nearly all systems supervise the enrollment process.
The following example shows, how a real application can be described using the above characteristics. The Immigration and Naturalization Serviceās Passenger Accelerated Service System (INSPASS) is a biometric system used since 1990 at many airports of USA and Canada, with the aim to reduce the inspection processing time for authorized travelers. The INSPASS system uses the hand geometry biometric for the verification of the travelers. In order to used this system the traveler must obtain a INSPASS card in the enrolment centre before traveling, there the hand geometry template is captured and stored in the card. When the travelers next arrive to the airport, they go directly to the INSPASS terminal which is able to read the INSPASS card and allow the person to key in their flight details. The terminal is connected to a remote computer which checks the validity of the card and the traveler must then place their hand on the hand geometry reader to give a new sample for comparison with the template printed on their INSPASS card. This system can be classified as a overt, optional, fixed duration, public, closed, non-habituated, standard environment, institutional ownership of biometric data, template storage and non-supervised application.