Spectral minutiae representations for fingerprint recognition

The term biometrics refers to the technologies that measure and analyze human intrinsic physical or behavioral characteristics for authenticating individuals. Nowadays, biometric technology is increasingly deployed in civil and commercial applications. The growing use of biometrics is raising security and privacy concerns. Storing biometric data, known as biometric templates, in a database leads to several privacy risks such as identity fraud and cross matching. A solution is to apply biometric template protection techniques, which aim to make it impossible to recover the biometric data from the templates.\ud The goal of our research is to combine biometric systems with template protection. Aimed at fingerprint recognition, this thesis introduces the Spectral Minutiae Representation method, which enables the combination of a minutiae-based fingerprint recognition system with template protection schemes based on fuzzy commitment or helper data schemes.\ud In this thesis, three spectral minutiae representation methods have been proposed: the location-based spectral minutiae representation (SML), the orientation-based spectral minutiae representation (SMO) and the complex spectral minutiae representation (SMC). From the experiments shown in this thesis, SMC achieved the best results.\ud Based on the spectral minutiae features, this thesis further presented contributions in three research directions. First, this thesis recommends several ways to enhance the recognition performance of SMC. Second, with regard to feature reduction, this thesis introduced two feature reduction methods, Column-PCA (CPCA) and Line-DFT (LDFT). Third, with regard to quantization, this thesis introduced the Spectral Bits and Phase Bits representations. \ud The spectral minutiae representation scheme proposed in this thesis enables the combination of fingerprint recognition systems with template protection based on the helper data scheme. Furthermore, this scheme allows for a fast minutiae comparison, which renders this scheme suitable as a pre-selector for a large-scale fingerprint identification system, thus significantly reducing the time to perform matching. The binary spectral minutiae representation achieved an equal error rate of less than 1% on the FVC2000-DB2 database when applying multi-sample enrolment. The fast comparison speed together with the promising recognition performance makes this spectral minutiae scheme very applicable for real time applications

Pseudo Identities Based on Fingerprint Characteristics

This paper presents the integrated project TURBINE which is funded under the EU 7th research framework programme. This research is a multi-disciplinary effort on privacy enhancing technology, combining innovative developments in cryptography and fingerprint recognition. The objective of this project is to provide a breakthrough in electronic authentication for various applications in the physical world and on the Internet. On the one hand it will provide secure identity verification thanks to fingerprint recognition. On the other hand it will reliably protect the biometric data through advanced cryptography technology. In concrete terms, it will provide the assurance that (i) the data used for the authentication, generated from the fingerprint, cannot be used to restore the original fingerprint sample, (ii) the individual will be able to create different "pseudo-identities" for different applications with the same fingerprint, whilst ensuring that these different identities (and hence the related personal data) cannot be linked to each other, and (iii) the individual is enabled to revoke an biometric identifier (pseudo-identity) for a given application in case it should not be used anymore

Case study: disclosure of indirect device fingerprinting in privacy policies

Recent developments in online tracking make it harder for individuals to detect and block trackers. This is especially true for de- vice fingerprinting techniques that websites use to identify and track individual devices. Direct trackers { those that directly ask the device for identifying information { can often be blocked with browser configu- rations or other simple techniques. However, some sites have shifted to indirect tracking methods, which attempt to uniquely identify a device by asking the browser to perform a seemingly-unrelated task. One type of indirect tracking known as Canvas fingerprinting causes the browser to render a graphic recording rendering statistics as a unique identifier. Even experts find it challenging to discern some indirect fingerprinting methods. In this work, we aim to observe how indirect device fingerprint- ing methods are disclosed in privacy policies, and consider whether the disclosures are sufficient to enable website visitors to block the track- ing methods. We compare these disclosures to the disclosure of direct fingerprinting methods on the same websites. Our case study analyzes one indirect ngerprinting technique, Canvas fingerprinting. We use an existing automated detector of this fingerprint- ing technique to conservatively detect its use on Alexa Top 500 websites that cater to United States consumers, and we examine the privacy poli- cies of the resulting 28 websites. Disclosures of indirect fingerprinting vary in specificity. None described the specific methods with enough granularity to know the website used Canvas fingerprinting. Conversely, many sites did provide enough detail about usage of direct fingerprint- ing methods to allow a website visitor to reliably detect and block those techniques. We conclude that indirect fingerprinting methods are often technically difficult to detect, and are not identified with specificity in legal privacy notices. This makes indirect fingerprinting more difficult to block, and therefore risks disturbing the tentative armistice between individuals and websites currently in place for direct fingerprinting. This paper illustrates differences in fingerprinting approaches, and explains why technologists, technology lawyers, and policymakers need to appreciate the challenges of indirect fingerprinting.Accepted manuscrip

Data Leak Detection As a Service: Challenges and Solutions

We describe a network-based data-leak detection (DLD) technique, the main feature of which is that the detection does not require the data owner to reveal the content of the sensitive data. Instead, only a small amount of specialized digests are needed. Our technique – referred to as the fuzzy fingerprint – can be used to detect accidental data leaks due to human errors or application flaws. The privacy-preserving feature of our algorithms minimizes the exposure of sensitive data and enables the data owner to safely delegate the detection to others.We describe how cloud providers can offer their customers data-leak detection as an add-on service with strong privacy guarantees. We perform extensive experimental evaluation on the privacy, efficiency, accuracy and noise tolerance of our techniques. Our evaluation results under various data-leak scenarios and setups show that our method can support accurate detection with very small number of false alarms, even when the presentation of the data has been transformed. It also indicates that the detection accuracy does not degrade when partial digests are used. We further provide a quantifiable method to measure the privacy guarantee offered by our fuzzy fingerprint framework

Conceivable security risks and authentication techniques for smart devices

With the rapidly escalating use of smart devices and fraudulent transaction of users’ data from their devices, efficient and reliable techniques for authentication of the smart devices have become an obligatory issue. This paper reviews the security risks for mobile devices and studies several authentication techniques available for smart devices. The results from field studies enable a comparative evaluation of user-preferred authentication mechanisms and their opinions about reliability, biometric authentication and visual authentication techniques

Image Watermaking With Biometric Data For Copyright Protection

In this paper, we deal with the proof of ownership or legitimate usage of a digital content, such as an image, in order to tackle the illegitimate copy. The proposed scheme based on the combination of the watermark-ing and cancelable biometrics does not require a trusted third party, all the exchanges are between the provider and the customer. The use of cancelable biometrics permits to provide a privacy compliant proof of identity. We illustrate the robustness of this method against intentional and unintentional attacks of the watermarked content

A New Biometric Template Protection using Random Orthonormal Projection and Fuzzy Commitment

Biometric template protection is one of most essential parts in putting a biometric-based authentication system into practice. There have been many researches proposing different solutions to secure biometric templates of users. They can be categorized into two approaches: feature transformation and biometric cryptosystem. However, no one single template protection approach can satisfy all the requirements of a secure biometric-based authentication system. In this work, we will propose a novel hybrid biometric template protection which takes benefits of both approaches while preventing their limitations. The experiments demonstrate that the performance of the system can be maintained with the support of a new random orthonormal project technique, which reduces the computational complexity while preserving the accuracy. Meanwhile, the security of biometric templates is guaranteed by employing fuzzy commitment protocol.Comment: 11 pages, 6 figures, accepted for IMCOM 201

Combining multiple biometrics to protect privacy

As biometrics are gaining popularity, there is increased concern over the loss of privacy and potential misuse of biometric data held in central repositories. The association of fingerprints with criminals raises further concerns. On the other hand, the alternative suggestion of keeping biometric data in smart cards does not solve the problem, since forgers can always claim that their card is broken to avoid biometric verification altogether. We propose a biometric authentication framework which uses two separate biometric features combined to obtain a non-unique identifier of the individual, in order to address privacy concerns. As a particular example, we demonstrate a fingerprint verification system that uses two separate fingerprints of the same individual. A combined biometric ID composed of two fingerprints is stored in the central database and imprints from both fingers are required in the verification process, lowering the risk of misuse and privacy loss. We show that the system is successful in verifying a person’s identity given both fingerprints, while searching the combined fingerprint database using a single fingerprint, is impractical