Clipping Levels
Clipping levels are typically used in the context of auditing and monitoring. When it comes to biometric systems, we use the term sensitivity or threshold.
Have you ever tried to log in to your workplace 300 times at 4 a.m.? Most people have not, and that’s where clipping levels come in. Clipping levels are a way to allow users to make an occasional mistake. A clipping level is a threshold for normal mistakes a user may commit before investigation or notification begins.
An understanding of the term clipping level is essential for mastery of the CISSP exam. A clipping level establishes a baseline violation count to ignore normal user errors.
The clipping level allows the user to make an occasional mistake, but if the established level is exceeded, violations are recorded or some type of response occurs. Look no further than your domain controller to see a good example of how clipping levels work.
FAR, FRR, and EER/CER
The equal error rate (EER) is equivalent to the crossover error rate (CER). We can only adjust the sensitivity or threshold of a biometric reader/system to change the false acceptance rate (FAR) and false rejection rate (FRR). The curve of FAR and FRR are not changeable or shiftable; so does the EER.
A lower CER or EER means a biometric system has better performance. Replacing a better model is the only way to change EER/CER; altering or even optimizing sensitivity or threshold doesn’t change EER/CER. The following figure shows the crossover error rate (CER) for two biometric systems.