bio metrics based authentication systems
TRANSCRIPT
-
8/4/2019 Bio Metrics Based Authentication Systems
1/36
INTRODUCTION
Reliable user authentication is becoming an increasingly important task in the
Web-enabled world. The consequences of an insecure authentication system in a
corporate or enterprise environment can be catastrophic, and may include loss of
confidential information, denial of service, and compromised data integrity. The value of
reliable user authentication is not limited to just computer or network access. Many other
applications in everyday life also require user authentication, such as banking, e-
commerce, and physical access control to computer resources, and could benefit from
enhanced security.
The prevailing techniques of user authentication, which involve the use of either
passwords and user IDs (identifiers), or identification cards and PINs (personal
identification numbers), suffer from several limitations. Passwords and PINs can be
illicitly acquired by direct covert observation. Once an intruder acquires the user ID and
the password, the intruder has total access to the users resources. In addition, there is no
way to positively link the usage of the system or service to the actual user, that is, there is
no protection against repudiation by the user ID owner. For example, when a user ID and
password is shared with a colleague there is no way for the system to know who the
actual user is. A similar situation arises when a transaction involving a credit cardnumber is conducted on the Web. Even though the data are sent over the Web using
secure encryption methods, current systems are not capable of assuring that the rightful
owner of the credit card initiated the transaction. In the modern distributed systems
environment, the traditional authentication policy based on a simple combination of user
ID and password has become inadequate. Fortunately, automated biometrics in general,
and fingerprint technology in particular, can provide a much more accurate and reliable
user authentication method. Biometrics is a rapidly advancing field that is concerned with
identifying a person based on his or her physiological or behavioral characteristics.
Examples of automated biometrics include fingerprint, face, iris, and speech recognition.
User authentication methods can be broadly classified into three categories as shown in
Table 1.1. Because a biometric property is an intrinsic property
1
-
8/4/2019 Bio Metrics Based Authentication Systems
2/36
Method Examples Properties
What you know? User ID
PasswordPIN
Shared
Many passwords easy to guessForgotten
What you have? Cards
Badges
Keys
Shared
Can be duplicated
Lost or stolen
What you know and what you
have?
ATM card + PIN Shared
PIN a weak link(Writing the PIN on the card)
Something unique about the user FingerprintFace
Iris
Voice print
Not possible to shareRepudiation unlikely
Forging difficult
Cannot be lost or stolen
Table 1.1 Existing User Authentication Techniques
of an individual, it is difficult to surreptitiously duplicate and nearly impossible to share.
Additionally, a biometric property of an individual can be lost only in case of serious
accident.
Biometric readings, which range from several hundred bytes to over a megabyte,
have the advantage that their information content is usually higher than that of a
password or a pass phrase. Simply extending the length of passwords to get equivalent bit
strength presents significant usability problems. It is nearly impossible to remember a 2K
phrase, and it would take an annoyingly long time to type such a phrase (especially
without errors). Fortunately, automated biometrics can provide the security advantages
of long passwords while retaining the speed and characteristic simplicity of short
passwords.
Even though automated biometrics can help alleviate the problems associated
with the existing methods of user authentication, hackers will still find there are weak
points in the system, vulnerable to attack. Password systems are prone to brute force
dictionary attacks. Biometric systems, on the other hand, require substantially more effort
for mounting such an attack. Yet there are several new types of attacks possible in the
biometrics domain. This may not apply if biometrics is used as a supervised
2
-
8/4/2019 Bio Metrics Based Authentication Systems
3/36
authentication tool. But in remote, unattended applications, such as Web-based e-
commerce applications, hackers may have the opportunity and enough time to make
several attempts, or even physically violate the integrity of a remote client, before
detection.
A problem with biometric authentication systems arises when the data associated
with a biometric feature has been compromised. For authentication systems based on
physical tokens such as keys and badges, a compromised token can be easily canceled
and the user can be assigned a new token. Similarly, user IDs and passwords can be
changed as often as required. Yet, the user only has a limited number of biometric
features (one face, ten fingers, two eyes). If the biometric data are compromised, the user
may quickly run out of biometric features to be used for authentication.
3
-
8/4/2019 Bio Metrics Based Authentication Systems
4/36
What is Biometrics?
Biometric technologies are defined as automated methods of identifying or
authenticating the identity of a living person based on unique physiological or behavioral
characteristics. Biometrics can provide very secure and convenient authentication for an
individual since they cannot be stolen or forgotten and are very difficult to forge.
A physiological characteristic is a relatively stable physical characteristic, such as
an individuals fingerprint, hand geometry, iris pattern, or blood vessel pattern on
the back of the eye. This type of biometric measurement is usually unchanging
and unalterable without significant duress to the individual.
A behavioral characteristic is more a reflection of an individuals psychological
makeup. A signature is the most common behavioral biometric used for
identification. Because most behavioral characteristics vary over time, an
identification system using these must allow updates to enrolled biometric
references.
4
-
8/4/2019 Bio Metrics Based Authentication Systems
5/36
Biometric System Components and Process
3.1 Components
Three major components are usually present in a biometric system:
A mechanism to scan and capture a digital or analog image of a living persons
biometric characteristic.
Software for storing, processing and comparing the image.
An interface with the applications system that will use the result to confirm an
individuals identity.
3.2 Process
Two different stages are involved in the biometric system process
Enrollment and Verification.
3.2.1 Enrollment.
As shown in Figure 3.1, the biometric image of the individual is captured during
the enrollment process (e.g., using a sensor for fingerprint, microphone for voice
verification, camera for face recognition, scanner for eye scan). The unique
characteristics are then extracted from the biometric image to create the users biometric
template. This biometric template is stored in a database or on a machine-readable ID
card for later use during an identity verification process.
Figure 3.1 Schematic of an Enrollment Process
5
-
8/4/2019 Bio Metrics Based Authentication Systems
6/36
3.2.2 Verification.
Figure 3.2 illustrates the identity verification process. The biometric image is
again captured. The unique characteristics are extracted from the biometric image to
create the users live biometric template. This new template is then compared with the
template previously stored and a numeric matching score is generated, based on the
percentage of duplication between the live and stored template. System designers
determine the threshold value for this identity verification score based upon the security
requirements of the system.
Figure 3.2 Schematic of a verification process
Secure identification systems use biometrics for two basic purposes: to
identify or authenticate individuals.
Identification (1-to-many comparison) verifies if the individual exists within a known
population. Identification confirms that the individual is not enrolled with another
6
-
8/4/2019 Bio Metrics Based Authentication Systems
7/36
identity and is not on a predetermined list of prohibited persons. Identification will
typically need a secured database containing a list of all applying individuals and their
biometrics. The biometric for the individual being considered for enrollment would be
compared against all stored biometrics. For many applications, an identification process
is used only at the time of enrollment to verify that the individual is not already enrolled.
Authentication (1-to-1 comparison) confirms that the credential belongs to the individual
presenting it. In this case, the device that performs the authentication must have access
only to the individuals enrolled biometric template, which may be stored locally or
centrally.
3.3 Biometric Accuracy
A key factor in the selection of the appropriate biometric technology is its
accuracy. Biometric accuracy is the systems ability of separating legitimate matches
from imposters. When the live biometric template is compared to the stored biometric
template, a matching score is used to confirm or deny the identity of the user. System
designers set this numeric score to accommodate the desired level of accuracy for the
system, as measured by the False Acceptance Rate (FAR) and False Rejection Rate
(FRR).
False Rejection Rate (FRR) refers to the statistical probability that the biometric
system is not able to verify the legitimate claimed identity of an enrolled person, or fails
to identify an enrolled person.
False Acceptance Rate (FAR) refers to the statistical probability of False Acceptance
or incorrect verification. In the most common context, both False Rejection and FalseAcceptance represent a security hazard.
7
-
8/4/2019 Bio Metrics Based Authentication Systems
8/36
Figure3.3 Error trade-off in a biometric system
If a mismatching pair of fingerprints is accepted as a match, it is called a false
accept. On the other hand, if a matching pair of fingerprints is rejected by the system, it is
called a false reject. The error rates are a function of the threshold as shown in Figure 3.3.
Often the interplay between the two errors is presented by plotting FAR against FRR with
the decision threshold as the free variable. This plot is called the ROC (Receiver
Operating Characteristic) curve. The two errors are complementary in the sense that if
one makes an effort to lower one of the errors by varying the threshold, the other error
rate automatically increases. In a biometric authentication system, the relative falseaccept and false reject rates can be set by choosing a particular operating point (i.e., a
detection threshold). Very low (close to zero) error rates for both errors (FAR and FRR)
at the same time are not possible. By setting a high threshold, the FAR error can be close
to zero, and similarly by setting a significantly low threshold, the FRR rate can be close
to zero. A meaningful operating point for the threshold is decided based on the
application requirements, and the FAR versus FRR error rates at that operating point may
be quite different. To provide high security, biometric systems operate at a low FAR
instead of the commonly recommended equal error rate (EER) operating point where
FAR=FRR.
8
-
8/4/2019 Bio Metrics Based Authentication Systems
9/36
Selecting A Biometric Technology
The selection of the appropriate biometric technology will depend on a number of
application-specific factors, including the environment in which the identity verification
process is carried out, the user profile, requirements for verification accuracy and
throughput, the overall system cost and capabilities, and cultural issues that could affect
user acceptance. Table 4.1 shows a comparison of different biometric technologies, with
their performance rated against several metrics.
Characteri
stics
Finger-
print
Hand
Geometry
Retina Iris Face Signature Voice
Ease of
Use
High High Low Mediu
m
Medium High High
Error
Incidence
Dryness,
dirt, age
Hand
Injury,age
Glasses Lightin
g
Lighting,
age,lasses,
hair
Changing
Signatures
Noise,
colds
Accuracy High High Very
High
Very
High
High High High
User
Acceptanc
e
Medium Medium Medium Mediu
m
Medium High High
Long
Term
Stability
High Medium High High Medium Medium Medium
Table 4.1 Comparisons of Biometric Technologies
9
-
8/4/2019 Bio Metrics Based Authentication Systems
10/36
Fingerprint Authentication
Fingerprints are a distinctive feature and remain invariant over the lifetime of a
subject, except for cuts and bruises. As the first step in the authentication process, a
fingerprint impression is acquired, typically using an inkless scanner. Several such
scanning technologies are available. Figure 5A shows a fingerprint obtained with a
scanner using an optical sensor. A typical scanner digitizes the fingerprint impression at
500 dots per inch (dpi) with 256 gray levels per pixel. The digital image of the fingerprint
includes several unique features in terms of ridge bifurcations and ridge endings,
collectively referred to as minutiae.
Figure 5.1 Fingerprint recognition; (A) Input Image, (B) Features
The next step is to locate these features in the fingerprint image, as shown in
Figure 5B, using an automatic feature extraction algorithm. Each feature is commonly
represented by its location (x,y) and the ridge direction at that location (). However, due
to sensor noise and other variability in the imaging process, the feature extraction stage
10
-
8/4/2019 Bio Metrics Based Authentication Systems
11/36
may miss some minutiae and may generate spurious minutiae. Further, due to the
elasticity of the human skin, the relationship between minutiae may be randomly
distorted from one impression to the next. In the final stage, the matcher subsystem
attempts to arrive at a degree of similarity between the two sets of features after
compensating for the rotation, translation, and scale. This similarity is often expressed as
a score. Based on this score, a final decision of match or no-match is made. A decision
threshold is first selected. If the score is below the threshold, the fingerprints are
determined not to match; if the score is above the threshold, a correct match is declared.
Often the score is simply a count of the number of the minutiae that are in
correspondence. In a number of countries, 12 to 16 correspondences (performed by a
human expert) are considered legally binding evidence of identity.
The operational issues in an automated fingerprint identification system (AFIS)
are somewhat different from those in a more traditional password-based system. First,
there is a system performance issue known as the fail to enroll rate to be considered.
Some people have very faint fingerprints, or no fingers at all, which makes the system
unusable for them. A related issue is a Reject option in the system based on input
image quality. A poor quality input is not accepted by the system during enrollment and
authentication. Note that non-cooperative users, improper usage, dirt on the finger can
cause poor quality inputs, or bad input scanners. This has no analog in a password
system. Then there is the fact that in a biometric system the matching decision is not
clear-cut. A password system always provides a correct responseif the passwords
match, it grants access but otherwise refuses access. However, in a biometric system, the
overall accuracy depends on the quality of input and enrollment data along with the basic
characteristics of the underlying feature extraction and matching algorithm.
11
-
8/4/2019 Bio Metrics Based Authentication Systems
12/36
5.1 FEATURES OF A FINGERPRINT
A fingerprint is composed of valley and ridge lines. They follow a pattern. The
general shape of this pattern may be classified according to 5 classes. The second set of
features of a fingerprint are cores and deltas. The core is located by a square while the
delta is located by a triangle as shown in figure 5.2.
Figure 5.2 shows core by squares and delta by a triangle
The AFIS allows a classification using more than one criteria versus a search
based only on a single fingerprint pattern, reducing the number of fingerprints inspected.
The pattern classification divides all fingerprint templates into five sets. Interestingly, the
distribution of fingerprints in these 5 classes is not homogeneous among all people:
Left loop class represents 34% of the total
number of fingerprints
Right loop class represents 31% of the total
number of fingerprints
Whorl class represents 27 % of the total number
of fingerprints
Arch class represents 4% of the total number
of fingerprints
12
-
8/4/2019 Bio Metrics Based Authentication Systems
13/36
Figure 5.3 Fingers can then be sorted in the pattern classifications after computing the
core and the delta:
Tented arch class represents 3% of the total
number of fingerprints
Less than 1% for unusable fingerprints (scar,
illness of the skin, etc)
5.2 HOW DOES FINGERPRINT IDENTIFICATION WORK?
The first step in fingerprint identification is collecting the fingerprint, named
enrollment. In this step, the applicant acquires the reference fingerprint for later
authentication. The reference fingerprint is called the template of the fingerprint.
Most often in order to ensure that a good template is obtained, the fingerprint needs to be
captured more than once. Twice is most common but at times an additional capture may
be requested. After the capture of the template, it can be stored in a database, on a token
with 2D barcode, or in a smart card.
At this point, the applicant is registered and the next stage is to compare the
fingerprint with the template to the fingerprint read by the sensor. After reading the
fingerprint, the authentication system extracts the minutiae in the same way as it did
during the enrollment process. Since the fingerprint is never captured in the same
13
-
8/4/2019 Bio Metrics Based Authentication Systems
14/36
position, the verification algorithm must perform rotation and translation of the captured
fingerprint in order to adjust the fingerprint minutiae with the template minutiae.
The matching process calculates a score of the probability of a successful
fingerprint read. Once every minutia is processed, a total score is computed and
compared to a threshold score, which leads to the decision of a fingerprint hit or no
hit.
5.3 Components Of a Fingerprint System
There are two ways a matching algorithm can be implemented, using either
identification matching or authentication matching. In identification matching, one
fingerprint is compared to many fingerprints using an Automated Fingerprint
Identification System (AFIS) that is comprised of several computers and a database
storage system. In authentication matching, where there is a one to one fingerprint
comparison, there needs to be only one fingerprint terminal and a token loaded that
contains the fingerprint template. The matching could be done on token, in the terminal
or in both the terminal and token.
5.3.1 The Sensors
Electronic fingerprint sensors are manufactured in different ways using
capacitive, optical, thermal, or pressure sensitive (resistive) technology. These different
types of sensors are able to produce an image of the fingerprint when the ridge is darkerthan the valley. The most common sensors currently on the market are capacitive and
optical sensors. Optical sensors provide the best image quality but are expensive and can
be fooled by some fake fingers. Sensors based on capacitive technology provide a
balance of image quality and cost although, some fake fingers can also fool this
14
-
8/4/2019 Bio Metrics Based Authentication Systems
15/36
technology. However, the most common fake fingers made of silicon cannot fool a
capacitive sensor because the fake finger does not possess electrical properties.
Figure 5.4 Components of a fingerprint system
15
-
8/4/2019 Bio Metrics Based Authentication Systems
16/36
Iris Authentication
Iris recognition leverages the unique features of the human iris to provide an
unmatched identification technology. So accurate are the algorithms used in iris
recognition that the entire planet could be enrolled in an iris database with only a small
chance of false acceptance or false rejection. The technology also addresses the FTE
(Failure To Enroll) problems, which lessen the effectiveness of other biometrics. The
tremendous accuracy of iris recognition allows it, in many ways, to stand apart from other
biometric technologies. All iris recognition technology is based on research and patents
held by Dr. John Daugman.
6.1 The Iris
Iris recognition is based on visible (via regular and/or infrared light) qualities of
the iris. A primary visible characteristic is the trabecular meshwork (permanently formed
by the 8th month of gestation), a tissue that gives the appearance of dividing the iris in a
radial fashion. Other visible characteristics include rings, furrows, freckles, and the
corona, to cite only the more familiar. Expressed simply, iris recognition technology
converts these visible characteristics into a 512 byte IrisCode(tm), a template stored for
future verification attempts. 512 bytes is a fairly compact size for a biometric template,
but the quantity of information derived from the iris is massive. From the iris' 11mm
diameter, Dr. Daugman's algorithms provide 3.4 bits of data per square mm. This density
of information is such that each iris can be said to have 266 unique "spots", as opposed to
13-60 for traditional biometric technologies. This '266' measurement is cited in all iris
recognition literature; after allowing for the algorithm's correlative functions and for
characteristics inherent to most human eyes, Dr. Daugman concludes that 173
"independent binary degrees-of-freedom" can be extracted from his algorithm an
exceptionally large number for a biometric.
16
-
8/4/2019 Bio Metrics Based Authentication Systems
17/36
6.2 The Algorithm
The first step is location of the iris by a dedicated camera no more than 3 feet
from the eye. After the camera situates the eye, the algorithm narrows in from the rightand left of the iris to locate its outer edge. This horizontal approach accounts for
obstruction caused by the eyelids. It simultaneously locates the inner edge of the iris (at
the pupil), excluding the lower 90 degrees because of inherent moisture and lighting
issues.
The monochrome camera uses both visible and infrared light, the latter of which
is located in the 700-900 nm range (this is in the lower range of IR; the American
Academy of Ophthalmology uses similar ranges in their studies of macular cysts). Upon
location of the iris, as seen above, an algorithm uses 2-D Gabor wavelets to filter and
map segments of the iris into hundreds of vectors (known here as phasors).
Understanding in detail the 2-D Gabor phasor encoders requires a degree in advanced
mathematics, but they can be summarized as follows. The wavelets of various sizes
assign values drawn from the orientation and spatial frequency of select areas, bluntly
referred to as the "what" of the sub-image, along with the position of these areas, bluntly
referred to as the "where." The "what" and "where" are used to form the IrisCode. Not the
entire iris is used: a portion of the top, as well as 45 degree of the bottom, is unused to
account for eyelids and camera-light reflections (see below). Essential to the
understanding of the technology is that it provides exceptional detail, well beyond what
any pictorial or point-based representation could provide (some filters actually span as
much as 70degree of the iris). Remember also that for future identification, the database
will not be comparing images of irises, but rather hexadecimal representations of data
returned by wavelet filtering and mapping.
17
-
8/4/2019 Bio Metrics Based Authentication Systems
18/36
6.3 Accuracy
The Iris Code constructed from these complex measurements provides such a
tremendous wealth of data that iris recognition offers levels of accuracy orders of
magnitude higher than other biometrics. Some statistical representations of the accuracy
follow:
The odds of two different irises returning a 75% match (i.e. having a Hamming
Distance of 0.25): 1 in 1016
Equal Error Rate (the point at which the likelihood of a false accept and false
reject are the same): 1 in 1.2 million
The odds of 2 different irises returning identical Iris Codes: 1 in 1052
Other numerical derivations demonstrate the unique robustness of these
algorithms. A person's right and left eyes have a statistically insignificant increase in
similarity: 0.00048 on a 0.5 mean. This serves to demonstrate the hypothesis that iris
shape and characteristics are phenotypic - not entirely determined by genetic structure.
The algorithm can also account for occlusion (blocking) of the iris: even if 2/3 of the iris
were completely obscured, accurate measure of the remaining third would result in an
equal error rate of 1 in 100,000.
Iris recognition can also account for those ongoing changes to the eye and iris,
which are defining aspects of living tissue. The pupil's expansion and contraction, a
constant process separate from its response to light, skews and stretches the iris. The
algorithm accounts for such alteration after having located the boundaries of the iris. Dr.
Daugman draws the analogy to a "homogenous rubber sheet" which, despite its
distortion, retains certain consistent qualities. Regardless of the size of the iris at any
given time, the algorithm draws on the same amount of data, and its resultant IrisCode isstored as a 512-byte template. A question asked of all biometrics is their ability to
determine fraudulent samples. Iris recognition can account for this in several ways: the
detection of papillary (pupil) changes; reflections from the cornea; detection of contact
lenses atop the cornea; and use of infrared illumination to determine the state of the
sample eye tissue.
18
-
8/4/2019 Bio Metrics Based Authentication Systems
19/36
6.4 An example-Verieye
Neurotechnologia, Ltd. offers VeriEye, the system for person identification using
the eye iris image taken by a video camera. VeriEye implements new eye iris recognition
technology and are based on our original method of feature set definition. VeriEye isavailable in the form of software development kit (SDK), and can be easily integrated
into a customer's access control or identification/verification system.
6.4.1 VeriEye SDK includes:
1. VeriEye dynamic link library for Windows (DLL file).
2. C source code of the example program using VeriEye DLL).
3. Software description.
4. Description of eye illumination and positioning equipment for iris scan
6.4.2 VeriEye technical specifications
False rejection rate < 3 %
False acceptance rate < 0.0001 %
Recognition time 0.7 s
Size of one record in the database About 2 Kb
Database size Unlimited
6.4.3 Requirements to the image quality
1. The size of iris in the scanned image must be between 200x200 and 640x480 pixels,
image resolution 200 dpi.
2. The image should be free of the bulb reflections in the iris area. However, it maycontain small reflections in the pupil area.
3. The scanned slip must contain at least 30 % of the iris area not damaged by reflections,
shadows or eyelashes.
4. During the eye scanning head tilt must be less than 14 degrees with respect to vertical
axis.
19
-
8/4/2019 Bio Metrics Based Authentication Systems
20/36
Voice Authentication
7.1 Introduction
The speaker-specific characteristics of speech are due to differences in
physiological and behavioral aspects of the speech production system in humans. The
main physiological aspect of the human speech production system is the vocal tract
shape. The vocal tract is generally considered as the speech production organ above the
vocal folds, which consists of the following: (i) laryngeal pharynx (beneath the
epiglottis), (ii) oral pharynx (behind the tongue, between the epiglottis and velum), (iii)
oral cavity (forward of the velum and bounded by the lips, tongue, and palate), (iv) nasal
pharynx (above the velum, rear end of nasal cavity), and (v) nasal cavity (above the
palate and extending from the pharynx to the nostrils).
7.2 Pattern Matching
The pattern matching process involves the comparison of a given set of input
feature vectors against the speaker model for the claimed identity and computing amatching score. For the Hidden Markov models discussed above, the matching score is
the probability that the model generated a given set of feature vectors.
20
-
8/4/2019 Bio Metrics Based Authentication Systems
21/36
Retina Authentication
Retina scan is an exceptionally accurate biometric technology having been
established as an effective solution for every demanding authentication scenarios.
Biometrics the automated measurement of a physiological or behavioral aspect of
the human body for authentification or identification is a rapidly growing industry.
Biometric solutions are used successfully in fields as varied as e-commerce, network
access. Biometrics ease of use, accuracy, reliability, and flexibility are quickly
establishing them as the premier authentification.
An established technology where the unique patterns of the retina are scanned by
a low intensity light source via an optical coupler. Retinal scanning has proved to be quite
accurate in use but does require user to look in to a receptacle and focus on a given point.
This is not particularly convenient if you are a spectacle wearer or have some intimate
contact with the reading device. For these reasons retinal scanning has a few user
acceptance problems although the technology itself can work well.
21
-
8/4/2019 Bio Metrics Based Authentication Systems
22/36
Face Authentication
Face recognition is one of the newest technologies. Specialized recognition
software coupled with video camera allows these systems to recognize peoples faces.
There are various methods by which facial scan technology recognize peoples. All share
some commonalities, such as emphasizing those sections of the face which are less
susceptible to alteration, including the upper outlines of the eye sockets, the areas
surrounding ones cheekbones, and the sides of the mouth. Most technologies are
resistant to moderate changes in hairstyle, as they do not utilize areas of the face located
near the hairline. All of the primary technologies are designed to be robust enough to
conduct enough to conduct 1- tomany searches, that is to locate a single face out of a
data base of thousands of faces.
Facial scan Process Flow-Sample capture, Feature extraction, template comparison, and
matching define the process flow of facial scan technology. The following applies to
one to one verification. The sample capture will generally consist of a 20-30 second
enrollment process whereby several pictures are taken of ones face. Ideally the series of
pictures incorporate slightly different angles and facial expressions, to allow for more
accurate searches. After enrollment distinctive features are extracted, resulting in the
creation of a template. The templates are much smaller than the image from which it is
drawn.
Authentification follows the same protocol. The user claims an identity such as a
login name or a PIN, stands or sits in front of the camera for a few seconds, and is either
verified or rejected. This comparison is based on the similarity of the newly created
live template against the template or templates on file. The degree of similarityrequired for verification also known as the threshold can be adjusted for different
personnel, PCs, time of day and other factors One variant of this process is the use of
facial scan technology in forensics. Biometric templates taken from static photographs of
known criminals are stored in large databases. These records are searched, 1-to-many, to
determine if the detainee is using an alias when being booked.
22
-
8/4/2019 Bio Metrics Based Authentication Systems
23/36
Combining Biometrics with Smart Cards
Smart cards are widely acknowledged as one of the most secure and reliable
forms of electronic identification. To provide the highest degree of confidence in identity
verification, biometric technology is considered to be essential in a secure identification
system design. This section summarizes the key benefits of a secure ID system that
combines smart cards and biometrics.
10.1 Enhanced Privacy
Using smart cards significantly enhances privacy in biometric ID systems. The
smart card provides the individual with a personal database, a personal firewall and a
personal terminal. It secures personal information on the card, allowing the individual to
control access to that information and removing the need for central database access
during identity verification.
10.2 A Personal Database.
How and where an ID system keeps personal information about its members is an
important privacy consideration, affecting a systems real and perceived privacy
behavior. Most ID systems store personal information for all system members in a central
database. This centralization leads many to be concerned that their personal information
is less protected, or at a minimum, more vulnerable to compromise. Smart cards store and
safeguard personal information on the individuals card.
The use of smart card IDs can promote confidence in an ID system by offering
each member a unique secure, portable and personal database, separating their
information from other members data. With a smart card ID the cardholder maintains
physical possession of private information. This enhances the trust relationship with thesystem, as the cardholder now shares in the decision of who is allowed to use their
personal information for identity verification and in the responsibility to protect it. The
smart card personal database is portable and can be used in a variety of devices and
networks. An ID system can take advantage of this portability by using closed local
networks or standalone devices to carry out different identification tasks, rather than
23
-
8/4/2019 Bio Metrics Based Authentication Systems
24/36
relying on a centralized system. By enabling local identity verification, smart card based
secure ID systems can help alleviate concerns that the system is centrally tracking ID
older activities.
Unlike other ID card technologies that act as simple data containers, smart cards
are unique in acting more like data servers, where data is not directly accessed but must
be requested from the server (in this case the smart cards microprocessor). When used in
combination with biometrics, a smart card ID becomes even more personal and private. A
biometric provides a strong and unique binding between the cardholder and the personal
database on the card, identifying the cardholder as the rightful owner of this card. The
biometric cannot be borrowed, lost, or stolen like a PIN or password, and so strengthens
the authentication of an individuals identity.
10.3 A Personal Firewall.
In smart card based ID systems, the card is not just a data repository but also an
intelligent guardian a personal firewall for the cardholders information. When
information is requested from the ID card, a smart card can verify that the requestor is
authorized to perform such an inquiry. A smart card ID also has the ability to behave
differently based who is checking the ID. For example, most individuals will cooperate
with a uniformed officer who requests to see an ID. But is this officer a valid officer?
And what portion of the personal information is he or she authorized to see? With a smart
card ID, the card would authenticate the officer through a portable card reader and release
only the information that is relevant to the officers responsibilities. The same ID card
could be used to prove legal age when purchasing from a bar. In this case, the smart card
ID would just confirm age, but not divulge any other personal information. Once personal
information is released, it is very hard to control what happens to the information,
including how it might be used. It is an important privacy consideration for individuals to
clearly understand when and to whom personal information is released by an ID system.
The release of personal information is hard to control when carried out by a centralized
database somewhere on a network, without the information owners knowledge or
consent. A smart card based ID system gives the cardholder control over who can access
24
-
8/4/2019 Bio Metrics Based Authentication Systems
25/36
personal information stored on the card. A biometric further enhances this control,
ensuring that only the rightful cardholder can authorize access to personal information.
10.4 Enhanced Security
Biometric technologies are used with smart cards for ID system applications
specifically due to their ability to identify people with minimal ambiguity. A biometric
based ID allows for the verification of who you claim to be(information about the
cardholder printed or stored in the card) based on who you are (the biometric
information stored in the smart card), instead of, or possibly in addition to, checking
what you know (such as a PIN). As shown in Figure 10.1, this increases the security of
the overall ID system and improves the accuracy, speed, and control of cardholder
authentication.
Figure 10.1 Impact of Smart Cards and Biometrics on Security
As the importance of accurate identification grows, new technologies are being
added to ID systems to improve their security.
25
-
8/4/2019 Bio Metrics Based Authentication Systems
26/36
Cancelable Biometrics
Deploying biometrics in a mass market, like credit card authorization or bank
ATM access, raises additional concerns beyond the security of the transactions. One such
concern is the publics perception of a possible invasion of privacy. In addition to
personal information such as name and date of birth, the user is asked to surrender images
of body parts, such as fingers, face, and iris. These images, or other such biometric
signals, are stored in digital form in various databases. This raises the concern of possible
sharing of data among law enforcement agencies, or commercial enterprises.
Figure 11.1 Authentication process based on cancelable biometrics
26
-
8/4/2019 Bio Metrics Based Authentication Systems
27/36
The public is concerned about the ever-growing body of information that is being
collected about individuals in our society. The data collected encompass many
applications and include medical records and biometric data. A related concern is the
coordination and sharing of data from various databases. In relation to biometric data, the
public is, rightfully or not, worried about data collected by private companies being
matched against databases used by law enforcement agencies. Fingerprint images, for
example, can be matched against the FBI or INS (Immigration and Naturalization
Service) databases with ominous consequences.
These concerns are aggravated by the fact that a persons biometric data are given
and cannot be changed. One of the properties that make biometrics so attractive for
authentication purposestheir invariance over timeis also one of its liabilities. When a
credit card number is compromised, the issuing bank can just assign the customer a new
credit card number. When the biometric data are compromised, replacement is not
possible. In order to alleviate this problem, we introduce the concept of cancelable
biometrics. It consists of an intentional, repeatable distortion of a biometric signal based
on a chosen transform. The biometric signal is distorted in the same fashion at each
presentation, for enrollment and for every authentication. With this approach, every
instance of enrollment can use a different transform thus rendering cross matching
impossible. Furthermore, if one variant of the transformed biometric data is
compromised, then the transform function can simply be changed to create a new variant
(transformed representation) for reenrollment as, essentially, a new person. In general,
the distortion transforms are selected to be noninvertible. So even if the transform
function is known and the resulting transformed biometric data are known, the original
(undistorted) biometrics cannot be recovered.
The techniques presented here for transforming biometric signals differ from
simple compression using signal or image processing techniques. While compression of
the signal causes it to lose some of its spatial domain characteristics, it strives to preserve
the overall geometry. That is, two points in a biometric signal before compression are
27
-
8/4/2019 Bio Metrics Based Authentication Systems
28/36
likely to remain at comparable distance when decompressed. This is usually not the case
with our distortion transforms. Our technique also differs from encryption. The purpose
of encryption is to allow a legitimate party to regenerate the original signal. In contrast,
distortion transforms permanently obscure the signal in a noninvertible manner.
When employing cancelable biometrics, there are several places where the
transform, its parameters, and identification templates could be stored. This leads to a
possible distributed process model as shown in Figure 11.1. The merchant is where the
primary interaction starts in our model. Based on the customer ID, the relevant transform
is first pulled from one of the transform databases and applied to the biometrics. The
resulting distorted biometrics is then sent for authentication to the authorization server.
Once the users identity has been confirmed, the transaction is finally passed on to the
relevant commercial institution for processing. Note that an individual user may be
subscribed to multiple services, such as e-commerce merchants or banks. The
authentication for each transaction might be performed either by the service provider
itself, or by an independent third party. Similarly, the distortion transform might be
managed either by the authenticator or by still another independent agency. Alternatively,
for the best privacy the transform might remain solely in the possession of the user,
stored, say, on a smart card. If the card is lost or stolen, the stolen transform applied to
another persons biometrics will have very little impact. However, if the transform is
applied to a stored original biometrics signal of the genuine user, it will match against the
stored template of the person. Hence liveness detection techniques should be added to
prevent such misuse.
28
-
8/4/2019 Bio Metrics Based Authentication Systems
29/36
Vulnerable Points of a Biometric System
A generic biometric system can be cast in the framework of a pattern recognition
system. The stages of such a generic system are shown in Figure 12.1.
Figure 12.1 Possible attack points in a generic biometrics-based system
The first stage involves biometric signal acquisition from the user (e.g., the
inkless fingerprint scan). The acquired signal typically varies significantly from
presentation to presentation; hence, pure pixel-based matching techniques do not work
reliably. For this reason, the second signal processing stage attempts to construct a more
invariant representation of this basic input signal (e.g., in terms of fingerprint minutiae).
The invariant representation is often a spatial domain characteristic or a transform
(frequency) domain characteristic, depending on the particular biometric.
During enrollment of a subject in a biometric authentication system, an invariant
template is stored in a database that represents the particular individual. To authenticate
the user against a given ID, the corresponding template is retrieved from the database and
matched against the template derived from a newly acquired input signal. The matcher
29
-
8/4/2019 Bio Metrics Based Authentication Systems
30/36
arrives at a decision based on the closeness of these two templates while taking into
account geometry, lighting, and other signal acquisition variables. Note that password-
based authentication systems can also be set in this framework. The keyboard becomes
the input device. The password encrypted can be viewed as the feature extractor and the
comparator as the matcher. The template database is equivalent to the encrypted
password database.
There are eight places in the generic biometric system of Figure 12.1 where
attacks may occur. The numbers in Figure 12.1 correspond to the items in the following
list.
1. Presenting fake biometrics at the sensor: In this mode of attack, a possible
reproduction of the biometric feature is presented as input to the system. Examples
include a fake finger, a copy of a signature, or a facemask.
2. Resubmitting previously stored digitized biometrics signals: In this mode of attack,
a recorded signal is replayed to the system, bypassing the sensor. Examples include the
presentation of an old copy of a fingerprint image or the presentation of a previously
recorded audio signal.
3. Overriding the feature extraction process: The feature extractor is attacked using a
Trojan horse, so that it produces feature sets preselected by the intruder.
4. Tampering with the biometric feature representation: The features extracted from
the input signal are replaced with a different, fraudulent feature set (assuming the
representation method is known). Often the two stages of feature extraction and matcher
are inseparable and this mode of attack is extremely difficult. However, if minutiae are
transmitted to a remote matcher (say, over the Internet) this threat is very real. One could
snoop on the TCP/IP (Transmission Control Protocol/Internet Protocol) stack and alter
certain packets.
5. Corrupting the matcher: The matcher is attacked and corrupted so that it produces
preselected match scores.
6. Tampering with stored templates: The database of stored templates could be either
local or remote. The data might be distributed over several servers. Here the attacker
could try to modify one or more templates in the database, which could result either in
authorizing a fraudulent individual or denying service to the persons associated with the
30
-
8/4/2019 Bio Metrics Based Authentication Systems
31/36
corrupted template. A smart card-based authentication system, where the template is
stored in the smart card and presented to the authentication system, is particularly
vulnerable to this type of attack.
7. Attacking the channel between the stored templates and the matcher: The stored
templates are sent to the matcher through a communication channel. The data traveling
through this channel could be intercepted and modified.
8. Overriding the final decision: If the final match decision can be overridden by the
hacker, then the authentication system has been disabled. Even if the actual pattern
recognition framework has excellent performance characteristics, it has been rendered
useless by the simple exercise of overriding the match result.
There exist several security techniques to thwart attacks at these various points.
For instance, finger conductivity or fingerprint pulse at the sensor can stop simple attacks
at point 1. Encrypted communication channels can eliminate at least remote attacks at
point 4. However, even if the hacker cannot penetrate the feature extraction module, the
system is still vulnerable. The simplest way to stop attacks at points 5, 6, and 7 is to have
the matcher and the database reside at a secure location. Of course, even this cannot
prevent attacks in which there is collusion. Use of cryptography prevents attacks at point
8. It is observed that the threats outlined in Figure 12.1 are quite similar to the threats to
password-based authentication systems. For instance, all the channel attacks are similar.
One difference is that there is no fake password equivalent to the fake biometric attack
at point 1 (although, perhaps if the password was in some standard dictionary it could be
deemed fake). Furthermore, in a password- or token-based authentication system, no
attempt is made to thwart replay attacks (since there is no expected variation of the
signal from one presentation to another). However, in an automated biometric-based
authentication system, one can check the liveness of the entity originating the input
signal.
31
-
8/4/2019 Bio Metrics Based Authentication Systems
32/36
Applications
There are many concerning potential biometric applications, some popular
examples being;
13.1 ATM MACHINE USE.
Most of the leading banks have been experimenting with biometrics of ATM
machines use and as general means of combining card fraud. Surprisingly, these
experiments have rarely consisted of carefully integrated devices into a common process,
as could be achieved with certain biometric devices. Previous comments in this paper
concerning user psychology come to mind here one wonder why we have not seen a more
professional and carefully considered implementation from this sector. The banks will of
course have a view concerning the level of fraud and cost of combating it via technology
solutions such as biometrics. They will also express concern about potentially alienating
customers with such as approach. However, it still surprises many in the biometric
industry that the banks and financial institutions have so far failed to embrace this
technology with any enthusiasm.
13.2 WORKSTATION AND NETWORK ACCESS
For a long time this was an area often discussed but rarely implemented until
recent developments saw the unit price of biometric devices fall dramatically as well as
several designs aimed squarely at this application. In addition, with household names
such as Sony, Compaq, KeyTronics, Samsung and others entering the market, these
devices appear almost as a standard computer peripheral. Many are viewing this as the
application, which will provide critical mass for biometric industry and create the
transition between sci-fi device to regular systems component, thus raising publicawareness and lowering resistance to the use of biometrics in general.
32
-
8/4/2019 Bio Metrics Based Authentication Systems
33/36
13.3 TRAVELS AND TOURISM
There are many in this industry who have the vision of a multi application card
for travelers which, incorporating a biometric, would enable them to participate in
various frequent flyer and border controls systems as well as paying for their air ticket,
hotel rooms, hire care etc, all with one convenient token.
Technically this is eminently possible, but from a political and commercial point
of view there are many issues to resolve, not the least being who would own the card, be
responsible for administration and so on. These may not be insurmountable problems and
perhaps we may see something along these lines emerge. A notable challenge in this
respect would be packaging such an initiative in a way that would be truly attractive for
users.
13.4 INTERNET TRANSACTIONS
Many immediately of think of on line transactions as being an obvious area for
biometrics, although there are some significant issues to consider in this context.
Assuming device cost could be brought down to level whereby a biometric (and perhaps
chip card) reader could be easily incorporated into a standard build PC, we still have the
problem of authenticated enrollment and template management, although there are
several approaches one could take to that. Of course, if your credit already incorporated a
biometric this would simplify things considerably. It is interesting to note that certain
device manufactures have collaborated with key encryption providers to provide an
enhancement to their existing services. Perhaps we shall see some interesting
developments in this area in the near future.
13.5 Telephone Transactions.
No doubt many telesales and call center managers have pondered the use of
biometrics. It is an attractive possibility to consider, especially for automated processes.
However, voice verification is a difficult area of biometrics, especially if one does not
have direct control over the transducers, as indeed you wouldnt when dealing with the
general public. The variability of telephone handsets coupled to the variability of line
quality and the variability of user environments presents a significant challenge to voice
33
-
8/4/2019 Bio Metrics Based Authentication Systems
34/36
verification technology, and that is before you even consider the variability in
understanding among users.
The technology can work well in controlled closed loop conditions but is
extraordinarily difficult to implement on anything approaching a large scale. Designing in
the necessary error correction and fallback procedures to automated systems in a user-
friendly manner is also not a job for the faint hearted. Perhaps we shall see further
developments, which will largely overcome these problems. Certainly there is a
commercial incentive to do so and I have no doubt that much research is under way in
this respect.
13.6 Public Identity Cards.
A biometric incorporated into a multi purpose public ID cards would be useful in
a number of scenarios if one could win public support for such a scheme. Unfortunately,
in this country as in others there are huge numbers of individuals who definitely do not
want to be identified. This ensures that any such proposal would quickly become a
political hot potato and a nightmare for the minister concerned. You may consider this a
shame or a good thing, depending on your point of view. From a dispassionate
technology perspective it represents something of a lost opportunity, but this is of course
nothing new. Its interesting that certain local authorities in the UK have issued citizen
cards with which named cardholders can receive various benefits including discounts at
local stores and on certain services. These do not seem to have seriously challenged, even
though they are in effect an ID card.
34
-
8/4/2019 Bio Metrics Based Authentication Systems
35/36
Conclusion
The ultimate form of electronic verification of a persons identity is
biometrics; using a physical attribute of the person to make a positive
identification. People have always used the brains innate ability to recognize a
familiar face and it has long been known that a persons fingerprints can be used
for identification. The challenge has been to turn these into electronic processes
that are inexpensive and easy to use.
Banks and others who have tested biometric-based security on their
clientele, however, say consumers overwhelmingly have a pragmatic response to
the technology. Anything that saves the information-overloaded citizen from
having to remember another password or personal identification number comes as
a welcome respite.
Biometrics can address most of the security needs, but at what cost?
Surprisingly, the benefits quickly outweigh the costs. Like so many technological
developments, innovative people have found new ways to implement biometric
systems, so prices have come down dramatically in the last year or two. As prices
have come down, the interest level and the knowledge about how to effectively
utilize these systems have increased. So the investment is decreasing and the
recognizable benefits are increasing. Biometrics, when properly implemented, not
only increase security but also often are easier to use and less costly to administer
than the less secure alternatives. Biometrics cant be forgotten or left at home and
they dont have to be changed periodically like passwords.
35
-
8/4/2019 Bio Metrics Based Authentication Systems
36/36
References
1. R. Germain, A. Califano, and S. Colville, Fingerprint Matching Using
Transformation Parameter Clustering, IEEE Computational Science and
Engineering4, No. 4, 4249 (2004).
2. L. OGorman, Practical Systems for Personal Fingerprint Authentication,IEEE
Computer33, No. 2, 5860 (2004).
3. N. K. Ratha and R. M. Bolle, Smart Card Based Authentication, inBiometrics:Personal Identification in Networked Society, A. K. Jain, R. M. Bolle, and S.Pankanti, Editors, Kluwer Academic Press, Boston, MA (2003), pp. 369384.
4. T. Rowley, Silicon Fingerprint Readers: A Solid State Approach to Biometrics,Proceedings of the CardTech/SecureTech Conference, CardTech/SecureTech,
Bethesda, MD(2003), pp. 152159.
5. The Biometric Consortium (ND).Introduction to Biometrics December 11, 2003from URL http://www.biometrics.org/html/introduction.html.
6. B. Miller, Vital Signs of Identity,IEEE Spectrum 31, No.2, 2230 (2003).
7. B. Schneier, The Uses and Abuses of Biometrics, Communications of the ACM42, No. 8, 136 (2002).
8. W. Bender, D. Gruhl, N. Morimoto, and A. Lu, Techniques for Data Hiding,
IBM Systems Journal35, Nos. 3&4, 313336 (2003).
9. Biometric Digest -http://biometrics.cse.msu.edu
10.Biometric Consortium - http://www.biometricgroup.com