Encryption is a mathematical process that helps to disguise the information contained
in messages that is either transmitted or stored in a database. There are three
main factors that determine the security of any crypto system; the complexity of
the mathematical process or algorithm, the length of the encryption key used to
disguise the message and safe storage of the key known as key management.
The length of the encryption key used to disguise the message is the next important
part of the encryption process. The shorter the encryption key length, more vulnerable
is the data to a "brute force" attack. Biometric encryption makes standard
character encryption obsolete by replacing or supplementing the normal key characters
with a personal identifier of the user for which there can only be one perfect match.
Without this biometric key the information is inaccessible.
Biometric encryption systems allow the user to transport the access key around without
making them vulnerable to loss or theft.
There are two broad categories of encryption systems; single key/double key (symmetric)
systems and two key (asymmetric) systems. Symmetric systems utilize similar keys
for both the sender and receiver for the purpose of coding and decoding data. In
1972, IBM developed DES (Data Encryption Standard) which was adopted worldwide by
1977 as the most common single key system in the banking and financial sectors.
The process of transmitting this type of key over such networks as the Internet
is one of the major failures of symmetric encryption. Electronic commerce requires
that transactions be conducted over open networks instead of dedicated networks
and symmetric key systems do not offer a high level of security for such transmissions.
This is why public key systems have been developed. These two key systems use a
public key to encrypt the data and a private key to decrypt the data. The asymmetric
key system allows better encryption than symmetric key systems, however certification
of the recipient of messages becomes an issue, which causes a hierarchy of certification
to be developed resulting in a much slower processing time. Biometrics can aid in
this process due to the inherent nature of using a physical trait of the desired
recipient to decipher the message. It is this issue that has caused biometric techniques
to be valued for electronic commerce.