About False Rejections
Biometrics identification is not a binary comparison like a PIN verification. It is a process to assess the probability that current claimant biometric data stems from the same individual and trait as previously collected reference biometric data. This process has inevitable error rates that are counterdependent. The False Acceptance Rate (FAR) indicates the probability that an impostor is granted access by mistake to the system while the False Rejection Rate (FRR) indicates the probability that a legitimate user is not recognized as such and rejected from access. Normally, the system can be configured more strictly or more relaxed depending on whether security or convenience is prioritized.
On an abstract level, false rejects are not limited to biometrics. When the PIN entered on a small touch screen is incorrect or a contactless card is not recognized by a physical access control terminal, the user intuitively does the right thing: enters the PIN again or places the card again. False rejects in other systems, however, are considered operation errors by the user. Placing the finger once again more: thoroughly, slow, flat and in the right orientation - often helps.
Even with a high quality sensor, false rejections cannot be completely avoided. The following guidelines should be considered when integrating fingerprint authentication into a product to enable a good user experience:
- high quality sensor and algorithm
- configuration balanced in line with the security policy of the application
- large area sensor with some buffer for unwanted environmental influences/positioning
- good ergonomic design
- stable enrollment process and instructions or training
- fall-back access system for temporary and permanent disabilities
- feed-back mechanism guiding user behavior