3

Let's say users log into a system using a voice-print. Software can read the input from the microphone, compare it to the stored sample, and tell the user "There is a 97.5% similarity to the voice-print stored on file", granting access depending on how sensitive it is. Due to the imperfections in microphones, air pressure chaos, and limited accuracy vocal-folds, no matter how hard the user tries, he will never be able to match his voice-print stored on file with complete accuracy.

On the other hand, if your security system uses a password string, you are able to require the password to be 100.0% correct, as it is possible for a user to perfectly replicate a password they have entered in the past.

What is the name of this type of "imperfect password", that the user cannot reasonably replicate with 100% accuracy? This would include finger/palm prints, retinal scans, voice-prints, and facial recognition.

mr.spuratic
  • 7,937
  • 25
  • 37
IQAndreas
  • 6,557
  • 8
  • 32
  • 51
  • This is a **terminology** question; ignore the fact that most of the systems listed are more accurate in science fiction and on crime shows than in real life. – IQAndreas Oct 14 '14 at 22:52
  • "biometric" or are you expanding the scope or conceptual layers? – schroeder Oct 14 '14 at 22:57
  • @schroeder Broader. The biometric systems I listed were the only authenticators I could think of that are measured with inaccuracy. I'm unclear of what you mean by the second part of the sentence. – IQAndreas Oct 14 '14 at 22:59
  • @schroeder I suppose measuring time between keystrokes would be an example of something that is measured "imperfectly", but still not considered to be biometric. – IQAndreas Oct 14 '14 at 23:00
  • 1
    "nondeterministic" is likely the place you need to go, but I have not heard of a conceptual term to cover what you're asking. – schroeder Oct 14 '14 at 23:02

2 Answers2

2

Probabilistic or statistical authentication are probably the best fit, the alternative to deterministic authentication. (Though technically, there's a degree of probability involved when password hashes are used, rather than plaintext passwords, let's just ignore that for now.)

Biometric implies a probabilistic system, but the converse is not true, e.g. knowledge-based challenge response, recognition/CAPTCHA or signature/gesture systems.

There a useful PDF paper (thesis) on the topic of biometric probabilistic models here: http://infoscience.epfl.ch/record/111855/files/EPFL_TH3954.pdf

Other related terms used in this context are: non-deterministic, stochastic, biometric hash, qualitative, intra-personal variability.

mr.spuratic
  • 7,937
  • 25
  • 37
1

Depending on metrics such as the false acceptance rate and the false rejection rate of your authentication system, you can set a similarity percentage for which your biometric authentication is acceptable.

Also, I don't think you can speak of passwords regarding voice authentication because it relies on an inherence factor as you can see on Wikipedia.

Lighty
  • 2,368
  • 1
  • 23
  • 36
Akhyl
  • 21
  • 3