Transparent authentication: Utilising heart rate for user authentication

There has been exponential growth in the use of wearable technologies in the last decade with smart watches having a large share of the market. Smart watches were primarily used for health and fitness purposes but recent years have seen a rise in their deployment in other areas. Recent smart watches are fitted with sensors with enhanced functionality and capabilities. For example, some function as standalone device with the ability to create activity logs and transmit data to a secondary device. The capability has contributed to their increased usage in recent years with researchers focusing on their potential. This paper explores the ability to extract physiological data from smart watch technology to achieve user authentication. The approach is suitable not only because of the capacity for data capture but also easy connectivity with other devices - principally the Smartphone. For the purpose of this study, heart rate data is captured and extracted from 30 subjects continually over an hour. While security is the ultimate goal, usability should also be key consideration. Most bioelectrical signals like heart rate are non-stationary time-dependent signals therefore Discrete Wavelet Transform (DWT) is employed. DWT decomposes the bioelectrical signal into n level sub-bands of detail coefficients and approximation coefficients. Biorthogonal Wavelet (bior 4.4) is applied to extract features from the four levels of detail coefficents. Ten statistical features are extracted from each level of the coffecient sub-band. Classification of each sub-band levels are done using a Feedforward neural Network (FF-NN). The 1 st , 2 nd , 3 rd and 4 th levels had an Equal Error Rate (EER) of 17.20%, 18.17%, 20.93% and 21.83% respectively. To improve the EER, fusion of the four level sub-band is applied at the feature level. The proposed fusion showed an improved result over the initial result with an EER of 11.25% As a one-off authentication decision, an 11% EER is not ideal, its use on a continuous basis makes this more than feasible in practice

Genetic Programming for Multibiometrics

Biometric systems suffer from some drawbacks: a biometric system can provide in general good performances except with some individuals as its performance depends highly on the quality of the capture. One solution to solve some of these problems is to use multibiometrics where different biometric systems are combined together (multiple captures of the same biometric modality, multiple feature extraction algorithms, multiple biometric modalities...). In this paper, we are interested in score level fusion functions application (i.e., we use a multibiometric authentication scheme which accept or deny the claimant for using an application). In the state of the art, the weighted sum of scores (which is a linear classifier) and the use of an SVM (which is a non linear classifier) provided by different biometric systems provide one of the best performances. We present a new method based on the use of genetic programming giving similar or better performances (depending on the complexity of the database). We derive a score fusion function by assembling some classical primitives functions (+, *, -, ...). We have validated the proposed method on three significant biometric benchmark datasets from the state of the art

The Feasibility of Using Behavioural Profiling Technique for Mitigating Insider Threats: Review

Insider threat has become a serious issue to the many organizations. Various companies are increasingly deploying many information technologies to prevent unauthorized access to getting inside their system. Biometrics approaches have some techniques that contribute towards controlling the point of entry. However, these methods mainly are not able to continuously validate the users reliability. In contrast behavioral profiling is one of the biometrics technologies but it focusing on the activities of the users during using the system and comparing that with a previous history. This paper presents a comprehensive analysis, literature review and limitations on behavioral profiling approach and to what extent that can be used for mitigating insider misuse

Critical success factors for preventing E-banking fraud

E-Banking fraud is an issue being experienced globally and is continuing to prove costly to both banks and customers. Frauds in e-banking services occur as a result of various compromises in security ranging from weak authentication systems to insufficient internal controls. Lack of research in this area is problematic for practitioners so there is need to conduct research to help improve security and prevent stakeholders from losing confidence in the system. The purpose of this paper is to understand factors that could be critical in strengthening fraud prevention systems in electronic banking. The paper reviews relevant literatures to help identify potential critical success factors of frauds prevention in e-banking. Our findings show that beyond technology, there are other factors that need to be considered such as internal controls, customer education and staff education etc. These findings will help assist banks and regulators with information on specific areas that should be addressed to build on their existing fraud prevention systems

“Integrating Iris and Fingerprint Traits for Personal Authentication using Artificial Neural Network”

In recent years, biometric based security systems chieved more attention due to continuous terrorism threats around the world. However, a security system comprised of a single form of biometric information cannot fulfil user’s expectations and may suffer from noisy sensor data, intra and inter class variations and continuous spoof attacks. To overcome some of these problems, multimodal biometric aims at increasing the reliability of biometric systems through utilizing more than one biometric in decision-making process. In order to take full advantage of the multimodal approaches, an effective fusion scheme is necessary for combining information from various sources. I present a new methodology based on fusion at the feature level, which is a relatively new approach compared to others, to combine multimodal biometric information from two biometric identifiers (Iris and Fingerprint).The proposed system is for multimodal database comprising of 21 samples. The performance of the system is tested on a database prepared to find accuracy, false acceptance rate and false rejection rate

Keystroke dynamics in the pre-touchscreen era

Biometric authentication seeks to measure an individual’s unique physiological attributes for the purpose of identity verification. Conventionally, this task has been realized via analyses of fingerprints or signature iris patterns. However, whilst such methods effectively offer a superior security protocol compared with password-based approaches for example, their substantial infrastructure costs, and intrusive nature, make them undesirable and indeed impractical for many scenarios. An alternative approach seeks to develop similarly robust screening protocols through analysis of typing patterns, formally known as keystroke dynamics. Here, keystroke analysis methodologies can utilize multiple variables, and a range of mathematical techniques, in order to extract individuals’ typing signatures. Such variables may include measurement of the period between key presses, and/or releases, or even key-strike pressures. Statistical methods, neural networks, and fuzzy logic have often formed the basis for quantitative analysis on the data gathered, typically from conventional computer keyboards. Extension to more recent technologies such as numerical keypads and touch-screen devices is in its infancy, but obviously important as such devices grow in popularity. Here, we review the state of knowledge pertaining to authentication via conventional keyboards with a view toward indicating how this platform of knowledge can be exploited and extended into the newly emergent type-based technological contexts

Multi-Modal Biometrics: Applications, Strategies and Operations

The need for adequate attention to security of lives and properties cannot be over-emphasised. Existing approaches to security management by various agencies and sectors have focused on the use of possession (card, token) and knowledge (password, username)-based strategies which are susceptible to forgetfulness, damage, loss, theft, forgery and other activities of fraudsters. The surest and most appropriate strategy for handling these challenges is the use of naturally endowed biometrics, which are the human physiological and behavioural characteristics. This paper presents an overview of the use of biometrics for human verification and identification. The applications, methodologies, operations, integration, fusion and strategies for multi-modal biometric systems that give more secured and reliable human identity management is also presented

Vein Pattern Extraction Using Near Infrared Imaging for Biometric Purposes

Biomedical verification has been broadly examined for many years and pulled in much consideration because of its huge potential security application. Vein is less prone to damage and almost improbable to copy than any other physiological as well as behavioural biometric features such as fingerprint, iris, face and voice recognition. This paper proposes an efficient vein extraction method on low quality vein images taken by a camera absorbing near infrared light (NIR camera). At first, the image is contrast enhanced using contrast limited adaptive histogram equalization (CLAHE); secondly, local threshold method is applied on small blocks of the image followed by several morphological operations such as fill, erosion, dilation, clean and bridge, performed sequentially, for better accuracy. Experimental results obtained for extraction show that the proposed method can reap better results with reduced complexity. After extraction, matching of the test image with the template images stored in the database are matched using minutiae (point-to-point pattern). An orientation detector which filters out missing or unnecessary or unnatural spurious minutiae pairings while simultaneously using path or ridge orientations to increase performance and similarity score calculation. Thus the obtained processed images can be used in biometric purposes which in turn enhances the security of the syste

Shallow Neural Network for Biometrics from the ECG-WATCH

Applications such as surveillance, banking and healthcare deal with sensitive data whose confidentiality and integrity depends on accurate human recognition. In this sense, the crucial mechanism for performing an effective access control is authentication, which unequivocally yields user identity. In 2018, just in North America, around 445K identity thefts have been denounced. The most adopted strategy for automatic identity recognition uses a secret for encrypting and decrypting the authentication information. This approach works very well until the secret is kept safe. Electrocardiograms (ECGs) can be exploited for biometric purposes because both the physiological and geometrical differences in each human heart correspond to uniqueness in the ECG morphology. Compared with classical biometric techniques, e.g. fingerprints, ECG-based methods can definitely be considered a more reliable and safer way for user authentication due to ECG inherent robustness to circumvention, obfuscation and replay attacks. In this paper, the ECG WATCH, a non-expensive wristwatch for recording ECGs anytime, anywhere, in just 10 s, is proposed for user authentication. The ECG WATCH acquisitions have been used to train a shallow neural network, which has reached a 99% classification accuracy and 100% intruder recognition rate