# Biometrics (FAR FRR CER)

One-sentence definition: Physiological/behavioral factors with measurable error rates for authentication.

## Key Facts

- Metrics: **FAR** (false accept), **FRR** (false reject), **CER/EER** (equal error rate).
- Template storage (not raw images); protect at rest/in transit.
- Liveness detection mitigates spoofing (masks, replays).
- Privacy and revocation limits (can’t “change” biometrics easily).
- Pair with possession factor for stronger MFA.
- **Verify:** check official (ISC)² CBK and current exam outline.

## Exam Relevance

- Choose lower CER for higher assurance; discuss privacy.

**Mnemonic:** “**Error** rates **expose** risk.”

## Mini Scenario

Q: High FRR causing lockouts—setting to adjust?

A: Relax matching threshold; monitor FAR trade-off.

## Revision Checklist

- Define FAR/FRR/CER.
- Template vs raw.
- Liveness purpose.

## Related

[[Authentication Factors and MFA]] · [[Passwordless and FIDO2 WebAuthn]] · [[Identity Proofing and Enrollment]] · [[Risk-Based and Adaptive Authentication]] · [[Privileged Access Management (PAM) and JIT JEA]] · [[Domain 5 - Index]]