The Basics of Biometrics: Key Insights From IDEMIA’s Teresa Wu

By Ozzie Kocak, Senior Manager of Marketing, Security Industry Association on December 4, 2025 | , |

Biometrics is no longer a futuristic concept—it’s a core part of how we authenticate identities, secure access and design user experiences. At a recent session at AcceleRISE led by Teresa Wu, vice president of smart Credentials and access at IDEMIA Public Security, attendees were given a sweeping look at where biometric technology came from, where it is now and where it’s headed.

This blog captures the major themes, lessons and thought-provoking ideas from her talk.

A Brief History: From Mugshots to Machine Learning

Biometrics may feel cutting-edge, but their roots stretch back to 1880, when Alphonse Bertillon of the Paris Police developed a system of standardized photos and body measurements to identify individuals. That early work set the foundation for modern identification, even if the system had limitations that later led to fingerprinting and other advances. 

Fast-forward to 1966, when Woodrow W. Bledsoe created the first facial recognition project for the U.S. government. His semi-automated system relied on humans marking facial landmarks by hand. Bledsoe predicted machines would achieve realistic facial recognition within a few years. Reality took more than four decades, but his insights were accurate: the challenge was computation and algorithms, not the core idea. 

Understanding Biometrics: What It Is and How It Works

In her presentation, Wu broke down biometrics into three main categories:

  • Biological (DNA, blood)
  • Morphological (face, fingerprints, iris, palms, veins, voice, etc.)
  • Behavioral (gait, handwriting, keyboard strokes, swipe patterns)

Any characteristic used for biometrics must meet four criteria:

  1. Universality—most people must have it
  2. Distinctiveness—it must differentiate individuals
  3. Permanence—it must be relatively stable over time
  4. Collectability—it must be possible to measure reliably

Critically, Wu emphasized that biometrics are about individualization, not uniqueness. The goal is to distinguish you from everyone else with high confidence.

The Three-Step Biometric Process

Every biometric system—from smartphone unlock to border control—follows the same workflow:

  1. Capture—collecting the image, pattern or signal
  2. Extraction—turning that data into features
  3. Matching—comparing features to a stored template

These steps form the backbone of all biometric solutions. How well they are designed determines accuracy, speed and security.

Biometrics and MFA: A Layer, Not a Silver Bullet

While biometrics is a powerful factor in multifactor authentication (MFA), something you are, Wu reminded the audience that no single technology is perfect. Systems rely on layered security:

  • What you know
  • What you have
  • What you are

Biometrics enhance MFA but do not replace good security hygiene. Systems remain only as strong as their weakest links. 

The Accuracy Equation: Why Context Matters

One of the most valuable takeaways from the session was Wu’s emphasis on understanding accuracy metrics correctly. Key metrics include:

  • FAR: False Accept Rate
  • FRR: False Reject Rate
  • FMR/FNMR: Matching errors
  • FTA: Failure to Acquire
  • EER: Equal Error Rate—where false-match and false-nonmatch curves intersect

But these numbers mean nothing without context. A false accept could be catastrophic in access control, whereas a false reject merely causes user frustration. In every deployment, the “right” accuracy depends on risk tolerance and use case.

Turning Points in the Evolution of Biometrics

Teresa highlighted two pivotal events that accelerated modern biometrics:

  • 9/11: The National Institute of Standards and Technology (NIST) began rigorously testing biometric technologies, and the United States invested heavily in identity verification systems. It took 20 years for “biometric exit” processes at borders to fully materialize, but 9/11 changed the industry’s trajectory. 
  • The 2013 Boston Marathon Bombing: Despite abundant cell phone footage following the Boston Marathon bombing in 2013, analysts had no automated way to process it. Human review and a witness identification were required before algorithms became useful. That moment revealed the limitations of existing tech and kickstarted a surge of innovation in facial recognition and biometric algorithms. 

The Algorithmic Bias Challenge

Public concern around algorithmic bias is high and warranted. Bias can:

  • Amplify existing systemic inequalities
  • Create burdens for individuals misidentified
  • Cause false matches or denial of service

Wu offered a six-pillar framework for addressing bias:

  1. Transparency—independent validation (e.g., NIST reports)
  2. Accuracy—demonstrable improvement over time
  3. Experience—understanding deployment environments
  4. Ethics—training data that is equitable and responsibly sourced
  5. Security—strong data protection
  6. Robustness – usability and accessibility for real-world, diverse populations

Her message was clear: perfect fairness may not be achievable, but striving for it is essential for both system performance and public trust.

AI Is Accelerating Biometrics and the Threat Landscape

AI and generative models have dramatically improved the accuracy and speed of facial recognition in just the last three years. But with that acceleration comes increased spoofing and emerging threats.

Security remains a “cat and mouse” game. Organizations must anticipate new methods of attack and continuously verify that algorithms remain resilient. 

Human Factors: UX vs. Accessibility

A subtle but powerful takeaway was Teresa’s distinction between:

  • UX (experience) —ease and flow of using the system
  • Accessibility—ensuring inclusion for all people

A biometric system can be beautifully designed yet still fail large populations if accessibility isn’t prioritized. Universality, which is a foundational biometric principle, demands both.

Final Thoughts

The world of biometrics is evolving at breakneck speed. AI is accelerating accuracy, threats are becoming more sophisticated and public expectations around fairness and transparency are rising. As Wu reminded the audience:

“You want to make sure it works for all people at all times.”

That challenge is massive but achievable with intentional design, ethical rigor and ongoing collaboration across industry stakeholders.