Fingerprint template protection schemes: A literature review

The fingerprint is the most widely used technology for identification or authentication systems, which can be known as fingerprint authentication systems (FAS).In addition to providing security, the fingerprint is also easy to use, very reliable and has a high accuracy for identity recognition. FAS is still exposed to security attacks because fingerprint information is unencrypted.Therefore, fingerprint information requires protection known as fingerprint template protection (FTP).This paper aims to provide an organized literature on FTP.Three research questions were formulated to guide the literature analysis.First, this analysis focuses on the types of FTP schemes; second, the metrics used for evaluating the FTP schemes; and finally, the common datasets used for evaluating the FTP schemes. The latest information and references are analysed and classified based on FTP methods and publication year to obtain information related to the development and application of FTP.This study mainly surveyed 62 documents reported on FTP schemes between the year 2000 and 2017.The results of this survey can be a source of reference for other researchers in finding literature relevant to the FTP

Evaluating biometrics fingerprint template protection for an emergency situation

Biometric template protection approaches have been developed to secure the biometric templates against image reconstruction on the stored templates. Two cancellable fingerprint template protection approaches namely minutiae-based bit-string cancellable fingerprint template and modified minutiae-based bit-string cancellable fingerprint template, are selected to be evaluated. Both approaches include the geometric information of the fingerprint into the extracted minutiae. Six modified fingerprint data sets are derived from the original fingerprint images in FVC2002DB1_B and FVC2002DB2_B by conducting the rotation and changing the quality of original fingerprint images according to the environment conditions during an emergency situation such as wet or dry fingers and disoriented angle of fingerprint images. The experimental results show that the modified minutiae-based bit-string cancellable fingerprint template performs well on all conditions during an emergency situation by achieving the matching accuracy between 83% and 100% on FVC2002DB1_B data set and between 99% and 100% on FVC2002DB2_B data set

PENGEMBANGAN METODE SELEKSI TITIK MINUTIAE PADA SIDIK JARI DENGAN RADIUS KETETANGGAAN

Sidik jari sebagai sarana otentikasi sudah banyak digunakan dalam berbagai sistem, baik untuk memberi akses ke da-lam sebuah sistem maupun hanya sebagai pencatat kehadiran. Seiring semakin banyaknya penerapan tersebut, keamanan data sidik jari menjadi tantangan tersendiri. Sejumlah metode telah dipelajari untuk mengamankan data sidik jari, mulai dari teknik enkripsi konvensional hingga teknik transformasi. Metode transformasi data sidik jari merupakan sebuah teknik yang menerapkan suatu fungsi transformasi pada data sidik jari secara searah sehingga kemungkinan untuk dikembalikan ke dalam bentuk aslinya nyaris mustahil, namun tetap dapat dilakukan pencocokan dengan tingkat akurasi yang cukup tinggi. Tujuan dari penelitian ini adalah untuk menghasilkan template sidik jari yang memiliki akurasi yang tinggi pada saat proses pencocokan. Salah satu proses dalam pembuatan template sidik jari yang dapat mempengaruhi tingkat akurasi adalah proses seleksi titik minutiae yang merupakan proses paling awal. Maka dalam penulisan ini di-usulkan sebuah mekanisme seleksi titik yang baru dengan memanfaatkan proses seleksi dari metode pair-polar sebagai seleksi titik referensi kemudian menambahkan proses seleksi titik ketetanggaan yang dibatasi dengan radius tertentu dari titik referensi. Hasil uji coba menunjukkan bahwa metode seleksi yang diusulkan mampu menekan kesalahan identifikasi sehingga dapat disimpulkan sebagai penmeningkatkan akurasi secara keseluruhan

Reflexive Memory Authenticator: A Proposal for Effortless Renewable Biometrics

International audienceToday’s biometric authentication systems are still struggling with replay attacks and irrevocable stolen credentials. This paper introduces a biometric protocol that addresses such vulnerabilities. The approach prevents identity theft by being based on memory creation biometrics. It takes inspiration from two different authentication methods, eye biometrics and challenge systems, as well as a novel biometric feature: the pupil memory effect. The approach can be adjusted for arbitrary levels of security, and credentials can be revoked at any point with no loss to the user. The paper includes an analysis of its security and performance, and shows how it could be deployed and improved

Biometrics based privacy-preserving authentication and mobile template protection

Smart mobile devices are playing a more and more important role in our daily life. Cancelable biometrics is a promising mechanism to provide authentication to mobile devices and protect biometric templates by applying a noninvertible transformation to raw biometric data. However, the negative effect of nonlinear distortion will usually degrade the matching performance significantly, which is a nontrivial factor when designing a cancelable template. Moreover, the attacks via record multiplicity (ARM) present a threat to the existing cancelable biometrics, which is still a challenging open issue. To address these problems, in this paper, we propose a new cancelable fingerprint template which can not only mitigate the negative effect of nonlinear distortion by combining multiple feature sets, but also defeat the ARM attack through a proposed feature decorrelation algorithm. Our work is a new contribution to the design of cancelable biometrics with a concrete method against the ARM attack. Experimental results on public databases and security analysis show the validity of the proposed cancelable template

An enhanced fingerprint template protection scheme

Fingerprint template protection (FTP) is required to secure authentication due to fingerprint has been widely used for user authentication systems. Fingerprint authentication consists of a microcontroller, fingerprint sensor, secure access control, and human interface. However, as many users frequently assess the systems, fingerprints could be replicated and modified by attackers. Currently, most existing FTP schemes fail to meet the properties of fingerprint authentication systems, namely diversity, revocability, security, and match/recognition performance, due to intra-user variability in fingerprint identifiers and matching issues in unencrypted domains. Therefore, this study aims to enhance the existing schemes by using chaos-based encryption and hash functions to meet the specified properties by securing users’ fingerprint templates (FT) within the embedded systems. Furthermore, an improved chaos-based encryption algorithm was proposed for encrypting FT. The MATLAB simulation with Fingerprint Verification Competition (FVC) 2002 database was used to measure the encryption results, secret key spaces, key sensitivity, histogram, correlation, differential, entropy information, matching/recognition analysis, and revocability. The proposed FTP scheme was also evaluated using Burrows–Abadi– Needham (BAN) logic analysis for protocol robustness with resistance to replay attacks, stolen-verifier attacks, and perfect forward secrecy. The results demonstrate that the enhanced chaos-based encryption algorithm for FTP improves its encryption time, which is 0.24 seconds faster than the selected benchmark study. The enhanced FTP scheme also achieved security, revocability, diversity, and matching/recognition performance properties. The matching/recognition performance evaluation produced higher verification rates and a low false rejection rate. The rates were 99.10 % and 0.90%, respectively. The equal error rate decreased from 2.10% to 1.05%. As a conclusion, the enhanced FTP scheme could be an alternative to the existing FTP for embedded system authentication to withstand various possible attacks and provides the desired security features. The scheme also can be a reference to comprehensive security analysis

Global and local feature-based transformations for fingerprint data protection

Due to its non-shareable characteristic, biometrics has been widely implemented for authenticating users. This characteristic asserts that biometrics meets the non-repudiation requirement which is one of the key factors in the authentication system. Among biometric modalities, fingerprints have the best capability for satisfying both technical and social aspects of an authentication system. Nevertheless, similar to other modalities, once the stored fingerprint template has been compromised, the effect will be forever since the fingerprint pattern is permanent. So, a mechanism which can protect this fingerprint pattern is desired. Common cryptographic approaches, however, do not work due to uncertainty in the captured fingerprint image caused by disturbing factors either in the scanner or in the finger itself. While authenticating fingerprints in a plain format is not secure, in a cipher format it is impractical because slightly different inputs result in completely different outputs. Therefore, a specific transformation mechanism is needed: one which is able to accept similar fingerprints and reject dissimilar fingerprints, while at the same time generating a relatively non-invertible fingerprint template. Most of the existing protection approaches, however, have high error rates which make them inappropriate to implement. The approaches proposed in this thesis are for addressing this problem, in particular. The proposed approaches comprise three modules: feature transformation, feature representation and feature comparison. The evaluation is to measure the accuracy, the capability for revoking the template and generating another template, and the capability for scrambling the fingerprint pattern. The first approach, which is a global feature-based transformation, is developed by exploring both the fingerprint singular point and minutiae points. The experimental results show that this approach is able to improve the existing performance, despite possible limitations (e.g., relying on the core point). In order to eliminate possible drawbacks of that global feature-based transformation, a local-based transformation is implemented by extracting only minutiae points. This has been able to eliminate the core-point dependency and at the same time produce only a slightly higher error rate than the previous proposed approach. To make further improvements, the third approach is designed in both Cartesian and polar coordinate spaces. This approach has been able to take advantages of being core point independent and at the same time generates higher performance than most of the existing approaches