CardioCam: Leveraging Camera on Mobile Devices to Verify Users While Their Heart is Pumping

With the increasing prevalence of mobile and IoT devices (e.g., smartphones, tablets, smart-home appliances), massive private and sensitive information are stored on these devices. To prevent unauthorized access on these devices, existing user verification solutions either rely on the complexity of user-defined secrets (e.g., password) or resort to specialized biometric sensors (e.g., fingerprint reader), but the users may still suffer from various attacks, such as password theft, shoulder surfing, smudge, and forged biometrics attacks. In this paper, we propose, CardioCam, a low-cost, general, hard-to-forge user verification system leveraging the unique cardiac biometrics extracted from the readily available built-in cameras in mobile and IoT devices. We demonstrate that the unique cardiac features can be extracted from the cardiac motion patterns in fingertips, by pressing on the built-in camera. To mitigate the impacts of various ambient lighting conditions and human movements under practical scenarios, CardioCam develops a gradient-based technique to optimize the camera configuration, and dynamically selects the most sensitive pixels in a camera frame to extract reliable cardiac motion patterns. Furthermore, the morphological characteristic analysis is deployed to derive user-specific cardiac features, and a feature transformation scheme grounded on Principle Component Analysis (PCA) is developed to enhance the robustness of cardiac biometrics for effective user verification. With the prototyped system, extensive experiments involving 25 subjects are conducted to demonstrate that CardioCam can achieve effective and reliable user verification with over 99% average true positive rate (TPR) while maintaining the false positive rate (FPR) as low as 4%

A Survey Study of the Current Challenges and Opportunities of Deploying the ECG Biometric Authentication Method in IoT and 5G Environments

The environment prototype of the Internet of Things (IoT) has opened the horizon for researchers to utilize such environments in deploying useful new techniques and methods in different fields and areas. The deployment process takes place when numerous IoT devices are utilized in the implementation phase for new techniques and methods. With the wide use of IoT devices in our daily lives in many fields, personal identification is becoming increasingly important for our society. This survey aims to demonstrate various aspects related to the implementation of biometric authentication in healthcare monitoring systems based on acquiring vital ECG signals via designated wearable devices that are compatible with 5G technology. The nature of ECG signals and current ongoing research related to ECG authentication are investigated in this survey along with the factors that may affect the signal acquisition process. In addition, the survey addresses the psycho-physiological factors that pose a challenge to the usage of ECG signals as a biometric trait in biometric authentication systems along with other challenges that must be addressed and resolved in any future related research.

Improving Presentation Attack Detection for ID Cards on Remote Verification Systems

In this paper, an updated two-stage, end-to-end Presentation Attack Detection method for remote biometric verification systems of ID cards, based on MobileNetV2, is presented. Several presentation attack species such as printed, display, composite (based on cropped and spliced areas), plastic (PVC), and synthetic ID card images using different capture sources are used. This proposal was developed using a database consisting of 190.000 real case Chilean ID card images with the support of a third-party company. Also, a new framework called PyPAD, used to estimate multi-class metrics compliant with the ISO/IEC 30107-3 standard was developed, and will be made available for research purposes. Our method is trained on two convolutional neural networks separately, reaching BPCER\textsubscript{100} scores on ID cards attacks of 1.69\% and 2.36\% respectively. The two-stage method using both models together can reach a BPCER\textsubscript{100} score of 0.92\%

Iris Recognition Approach for Preserving Privacy in Cloud Computing

Biometric identification systems involve securing biometric traits by encrypting them using an encryption algorithm and storing them in the cloud. In recent decades, iris recognition schemes have been considered one of the most effective biometric models for identifying humans based on iris texture, due to their relevance and distinctiveness. The proposed system focuses on encrypting biometric traits. The user’s iris feature vector is encrypted and stored in the cloud. During the matching process, the user’s iris feature vector is compared with the one stored in the cloud. If it meets the threshold conditions, the user is authenticated. Iris identification in cloud computing involves several steps. First, the iris image is pre-processed to remove noise using the Hough transform. Then, the pixel values are normalized, Gabor filters are applied to extract iris features. The features are then encrypted using the AES 128-bit algorithm. Finally, the features of the test image are matched with the stored features on the cloud to verify authenticity. The process ensures the privacy and security of the iris data in cloud storage by utilizing encryption and efficient image processing techniques. The matching is performed by setting an appropriate threshold for comparison. Overall, the approach offers a significant level of safety, effectiveness, and accuracy