Security and accuracy of fingerprint-based biometrics: A review

Biometric systems are increasingly replacing traditional password- and token-based authentication systems. Security and recognition accuracy are the two most important aspects to consider in designing a biometric system. In this paper, a comprehensive review is presented to shed light on the latest developments in the study of fingerprint-based biometrics covering these two aspects with a view to improving system security and recognition accuracy. Based on a thorough analysis and discussion, limitations of existing research work are outlined and suggestions for future work are provided. It is shown in the paper that researchers continue to face challenges in tackling the two most critical attacks to biometric systems, namely, attacks to the user interface and template databases. How to design proper countermeasures to thwart these attacks, thereby providing strong security and yet at the same time maintaining high recognition accuracy, is a hot research topic currently, as well as in the foreseeable future. Moreover, recognition accuracy under non-ideal conditions is more likely to be unsatisfactory and thus needs particular attention in biometric system design. Related challenges and current research trends are also outlined in this paper

Security and accuracy of fingerprint-based biometrics: A review

Biometric systems are increasingly replacing traditional password- and token-based authentication systems. Security and recognition accuracy are the two most important aspects to consider in designing a biometric system. In this paper, a comprehensive review is presented to shed light on the latest developments in the study of fingerprint-based biometrics covering these two aspects with a view to improving system security and recognition accuracy. Based on a thorough analysis and discussion, limitations of existing research work are outlined and suggestions for future work are provided. It is shown in the paper that researchers continue to face challenges in tackling the two most critical attacks to biometric systems, namely, attacks to the user interface and template databases. How to design proper countermeasures to thwart these attacks, thereby providing strong security and yet at the same time maintaining high recognition accuracy, is a hot research topic currently, as well as in the foreseeable future. Moreover, recognition accuracy under non-ideal conditions is more likely to be unsatisfactory and thus needs particular attention in biometric system design. Related challenges and current research trends are also outlined in this paper

A Novel Fingerprint Encryption Based on Image and Feature Mosaic

Mobile smart devices in the digital era are enhancing personal information security by adopting fingerprint encryption technology, but due to the small size of mobile smart devices, the area of fingerprint image that can be detected is reduced, resulting in the lack of extractable fingerprint feature information, and traditional fingerprint encryption technology is difficult to apply to small area fingerprint images. To solve the application difficulties of small area fingerprint image encryption, a novel small area fingerprint encryption algorithm based on feature and image mosaic was proposed, and the encryption efficiency of the algorithm was verified using FVC2002 and XDFinger database. Results show that the small area fingerprint recognition algorithm based on feature and image mosaic is significantly improved in encryption efficiency, failure capture rate decreases from 36% to 7%, true acceptance rate increases from 44% to 68%, and the feasibility and reliability of the method is verified. Conclusions can promote the application of small area fingerprint encryption technology in mobile smart devices

Fingerprint template protection schemes: A literature review

The fingerprint is the most widely used technology for identification or authentication systems, which can be known as fingerprint authentication systems (FAS).In addition to providing security, the fingerprint is also easy to use, very reliable and has a high accuracy for identity recognition. FAS is still exposed to security attacks because fingerprint information is unencrypted.Therefore, fingerprint information requires protection known as fingerprint template protection (FTP).This paper aims to provide an organized literature on FTP.Three research questions were formulated to guide the literature analysis.First, this analysis focuses on the types of FTP schemes; second, the metrics used for evaluating the FTP schemes; and finally, the common datasets used for evaluating the FTP schemes. The latest information and references are analysed and classified based on FTP methods and publication year to obtain information related to the development and application of FTP.This study mainly surveyed 62 documents reported on FTP schemes between the year 2000 and 2017.The results of this survey can be a source of reference for other researchers in finding literature relevant to the FTP

Secure and private fingerprint-based authentication

This thesis studies the requirements and processes involved in building an authentication system using the fingerprint biometric, where the fingerprint template is protected during storage and during comparison. The principles developed in this thesis can be easily extended to authentication systems using other biometric modalities. Most existing biometric authentication systems store their template securely using an encryption function. However, in order to perform matching, the enrolled template must be decrypted. It is at this point that the authentication system is most vulnerable as the entire enrolled template is exposed. A biometric is irreplaceable if compromised and can also reveal sensitive information about an individual. If biometric systems are taken up widely, the template could also be used as an individual's digital identifier. Compromise in that case, violates an individual's right to privacy as their transactions in all systems where they used that compromised biometric can be tracked. Therefore securing a biometric template during comparison as well as storage in an authentication system is imperative. Eight different fingerprint template representation techniques, where templates were treated as a set of elements derived from the locations and orientations of fingerprint minutiae, were studied. Four main steps to build any biometric based authentication system were identified and each of the eight fingerprint template representations was inducted through the four steps. Two distinct Error Tolerant Cryptographic Constructs based on the set difference metric, were studied for their ability to securely store and compare each of the template types in an authentication system. The first construct was found to be unsuitable for a fundamental reason that would apply to all the template types considered in the research. The second construct did not have the limitation of the first and three algorithms to build authentication systems using the second construct were proposed. It was determined that minutiae-based templates had significant intra sample variation as a result of which a very relaxed matching threshold had to be set in the authentication system. The relaxed threshold caused the authentication systems built using the first two algorithms to reveal enough information about the stored templates to render them insecure. It was found that in cases of such large intra-sample variation, a commonality based match decision was more appropriate. One solution to building a secure authentication system using minutiae-based templates was demonstrated by the third algorithm which used a two stage matching process involving the second cryptographic construct and a commonality based similarity measure in the two stages respectively. This implementation was successful in securing the fingerprint template during comparison as well as storage, with minimal reduction in accuracy when compared to the matching performance without the cryptographic construct. Another solution is to use an efficient commonality based error tolerant cryptographic construct. This thesis lists the desirable characteristics of such a construct as existence of any is unknown to date. This thesis concludes by presenting good guidelines to evaluate the suitability of different cryptographic constructs to protect biometric templates of other modalities in an authentication system

Global and local feature-based transformations for fingerprint data protection

Due to its non-shareable characteristic, biometrics has been widely implemented for authenticating users. This characteristic asserts that biometrics meets the non-repudiation requirement which is one of the key factors in the authentication system. Among biometric modalities, fingerprints have the best capability for satisfying both technical and social aspects of an authentication system. Nevertheless, similar to other modalities, once the stored fingerprint template has been compromised, the effect will be forever since the fingerprint pattern is permanent. So, a mechanism which can protect this fingerprint pattern is desired. Common cryptographic approaches, however, do not work due to uncertainty in the captured fingerprint image caused by disturbing factors either in the scanner or in the finger itself. While authenticating fingerprints in a plain format is not secure, in a cipher format it is impractical because slightly different inputs result in completely different outputs. Therefore, a specific transformation mechanism is needed: one which is able to accept similar fingerprints and reject dissimilar fingerprints, while at the same time generating a relatively non-invertible fingerprint template. Most of the existing protection approaches, however, have high error rates which make them inappropriate to implement. The approaches proposed in this thesis are for addressing this problem, in particular. The proposed approaches comprise three modules: feature transformation, feature representation and feature comparison. The evaluation is to measure the accuracy, the capability for revoking the template and generating another template, and the capability for scrambling the fingerprint pattern. The first approach, which is a global feature-based transformation, is developed by exploring both the fingerprint singular point and minutiae points. The experimental results show that this approach is able to improve the existing performance, despite possible limitations (e.g., relying on the core point). In order to eliminate possible drawbacks of that global feature-based transformation, a local-based transformation is implemented by extracting only minutiae points. This has been able to eliminate the core-point dependency and at the same time produce only a slightly higher error rate than the previous proposed approach. To make further improvements, the third approach is designed in both Cartesian and polar coordinate spaces. This approach has been able to take advantages of being core point independent and at the same time generates higher performance than most of the existing approaches