Bioauthentication reaches new levels with retinal scans

Credit: Paola Mathus/ Credit: Paola Mathus/

What do the James Bond series, the Star Trek franchise, and even movies like Minority Report all have in common? They all show biometric authentication.

Biometric authentication is a method of security that is used to verify an authorized user’s identity using their physical features, such as thumb prints, retinal images, iris patterns and voice and speech patterns.

It is a commonly known fact that every human has unique fingerprints and handprints. However, people can also be uniquely identified based on the patterns of their retina, which is not be confused with iris-recognition.

Iris-recognition to uses pictures of the patterns in the colored regions of the eye called the iris, while retinal patterns are basically the patterns of the blood vessels in the retina.

Since these blood vessels absorb light much better than the surrounding cells, they can be identified by measuring the light reflected back after appropriately shining light on the retina.

The procedure consists of shining a low-energy infrared light into the person’s eye and interpreting the received light as a digitized pattern. Then, the digitized pattern is compared to a patterns stored in the database to identify the person.

However, measurement accuracy can be affected by astigmatism, cataracts and glaucoma.

Compared to fingerprint scanning, retinal patterns can change, even if they don’t change as often. In addition, retinal patterns cannot be altered intentionally, unlike fingerprints, which can be messed around with by burns, cuts, wounds, and sometimes even body lotion.

Retinal patterns differ in identical twins, much like fingerprints. Since neither of these characteristics are genetically determined, even identical twins who share their genetic make-up won’t break the retinal scanner.

Retinal scans are believed to be the second most secure biometric authentication method after DNA testing. As reported by the National Center for State Courts, they have a reported failure rate of one in 10 million.

Despite their high accuracy rates, retinal scanners aren’t used very widely and are relatively obscure. This is due to the fact that the retinal scanning equipment is often very sophisticated and expensive, costing anywhere from $200 to $4000.

Furthermore, retinal scans often feel ‘invasive’ to people. One reason for this could be because the preliminary scan to add someone to a database can take a long time due to the multiple images that need to be taken. Also, depending on the sophistication of the system, the retinal scan confirmation could take varying times.

A common trope, as shown in movies, to beat retinal scanners is to remove a person’s eyeball and then use that to gain unauthorized access.

However, physiologically speaking, an eyeball, when removed from its socket and from the human body, immediately changes shape.

If the shape of the eyeball changes, then the retinal patterns also change. Therefore, actually removing the eyeball from someone’s socket is not the best way to bypass a retinal scan based security system.

A better way would be to take a picture of their retina, and then replicate the retina in a suitable model to bypass the biometric security system.

Retinal scan authentication systems are currently used by several government agencies, such as the FBI, CIA, and NASA.

With enough funding and preparation, retinal scanners can become the norm for security systems, helping to make our homes and work places more secure.