BioTouchPass: Handwritten Passwords for Touchscreen Biometrics

This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessibleThis work enhances traditional authentication systems based on Personal Identification Numbers (PIN) and One- Time Passwords (OTP) through the incorporation of biometric information as a second level of user authentication. In our proposed approach, users draw each digit of the password on the touchscreen of the device instead of typing them as usual. A complete analysis of our proposed biometric system is carried out regarding the discriminative power of each handwritten digit and the robustness when increasing the length of the password and the number of enrolment samples. The new e-BioDigit database, which comprises on-line handwritten digits from 0 to 9, has been acquired using the finger as input on a mobile device. This database is used in the experiments reported in this work and it is available together with benchmark results in GitHub1. Finally, we discuss specific details for the deployment of our proposed approach on current PIN and OTP systems, achieving results with Equal Error Rates (EERs) ca. 4.0% when the attacker knows the password. These results encourage the deployment of our proposed approach in comparison to traditional PIN and OTP systems where the attack would have 100% success rate under the same impostor scenarioThis work has been supported by projects: BIBECA (MINECO), Bio-Guard (Ayudas Fundación BBVA a Equipos de Investigación Científica 2017) and by UAM-CecaBank. Ruben Tolosana is supported by a FPU Fellowship from Spanish MEC

Adquisición y análisis de información manuscrita en entornos móviles

El Trabajo de Fin de Grado realizado se enmarca en el campo del reconocimiento biométrico de escritura manuscrita dinámica a través del uso de dispositivos móviles. Hoy en día los métodos de seguridad utilizados en los dispositivos móviles presentan muchas debilidades. Con el objetivo de hacer estos sistemas más robustos, se propone dibujar las contraseñas en vez de teclearlas. De esta forma se puede analizar la información biométrica de la escritura del usuario y tener dos etapas de autenticación. Este trabajo surge a partir de los buenos resultados obtenidos con la base de datos e-BioDigit realizado por el grupo BiDA Lab, donde se demostró el potencial de este nuevo método. Sin embargo, su trabajo se ve muy limitado dado que en el estudio solo se utilizaron números, un único dispositivo de captura, 2 sesiones de captura y un entorno supervisado. En este Trabajo Fin de Grado se ha diseñado y capturado una nueva base de datos denominada MobileTouchDB, compuesta de más de 200 usuarios en 94 dispositivos móviles diferentes. Esta base de datos posee información biométrica de escritura en entornos móviles. Los usuarios tuvieron que dibujar más de 70 caracteres y símbolos distintos a lo largo de 6 sesiones espaciadas temporalmente. Una vez adquirida la base de datos, se ha realizado un preprocesado de la misma con el objetivo de eliminar errores. Además, se han analizado los datos con el algoritmo DTW para entender cómo de efectivo y robusto es el trabajo propuesto en comparación con el estado del arte. Finalmente, se presentan las conclusiones alcanzadas a lo largo de este trabajo, así como las posibilidades que se ofrecen para nuevos enfoques de trabajo futuro

Evaluating Security in Cryptocurrency Wallets

The number of users who are interested in trading Cryptocurrency is tremendously increasing, however, some users of cryptocurrency wallets do not know how to protect themselves or how to use a wallet with high protection. The objective of this paper is to propose a framework to enable users to evaluate the security and privacy of cryptocurrencies wallets. This framework will provide users with a list of attributes that define the degree of user protection in cryptocurrency wallets. This work aims to improve security and privacy in cryptocurrency wallets and enable users of these platforms to interact safely

Vein biometric recognition on a smartphone

Topic: Intelligent Biometric Systems for Secure Societies.Human recognition on smartphone devices for unlocking, online payment, and bank account verification is one of the significant uses of biometrics. The exponential development and integration of this technology have been established since the introduction in 2013 of the fingerprint mounted sensor in the Apple iPhone 5s by Apple Inc.© (Motorola© Atrix was previously launched in 2011). Nowadays, in the commercial world, the main biometric variants integrated into mobile devices are fingerprint, facial, iris, and voice. In 2019, LG© Electronics announced the first mobile exhibiting vascular biometric recognition, integrated using the palm vein modality: LG© G8 ThinQ (hand ID). In this work, in an attempt to become the become the first research-embedded approach to smartphone vein identification, a novel wrist vascular biometric recognition is designed, implemented, and tested on the Xiaomi© Pocophone F1 and the Xiaomi© Mi 8 devices. The near-infrared camera mounted for facial recognition on these devices accounts for the hardware employed. Two software algorithms, TGS-CVBR® and PIS-CVBR®, are designed and applied to a database generation and the identification task, respectively. The database, named UC3M-Contactless Version 2 (UC3M-CV2), consists of 2400 contactless infrared images from both wrists of 50 different subjects (25 females and 25 males, 100 individual wrists in total), collected in two separate sessions with different environmental light environmental light conditions. The vein biometric recognition, using PIS-CVBR®, is based on the SIFT®, SURF®, and ORB algorithms. The results, discussed according to the ISO/IEC 19795-1:2019 standard, are promising and pave the way for contactless real-time-processing wrist recognition on smartphone devices

Usability in biometric recognition systems

Mención Internacional en el título de doctorBiometric recognition, which is a technology already mature, grows nowadays in several contexts, including forensics, access controls, home automation systems, internet, etc. Now that technology is moving to mobile scenarios, biometric recognition is being also integrated in smartphones, tablets and other mobile devices as a convenient solution for guaranteeing security, complementing other methods such as PIN or passwords. Nevertheless, the use of biometric recognition is not as spread as desired and it is still unknown for a wide percentage of the population. It has been demonstrated [1] that some of the possible reasons for the slow penetration of biometrics could be related to usability concerns. This could lead to various drawbacks like worst error rates due to systems misuses and it could end with users rejecting the technology and preferring other approaches. This Thesis is intended to cover this topic including a study of the current state of the art, several experiments analysing the most relevant usability factors and modifications to a usability evaluation methodology. The chosen methodology is the H-B interaction, carried out by Fernandez-Saavedra [2], based on the ISO/IEC 19795 [3], the HBSI [4], the ISO 9241-210 [5] and on Common Criteria [6]. Furthermore, this work is focused on dealing with accessibility concerns in biometric recognition systems. This topic, usually included into the usability field, has been addressed here separately, though the study of the accessibility has followed the same steps as the usability study: reviewing the state of the art, pointing and analysing the main influential factors and making improvements to the state of the art. The recently published standard EN 301 549 – “Accessibility requirements suitable for public procurement of ICT products and services in Europe” [7] has been also analysed. These two topics have been overcome through the well-known user-centric-design approach. In this way, first the influential factors have been detected. Then, they have been isolated (when possible) and measured. The results obtained have been then interpreted to suggest new updates to the H-B interaction. This 3-steps approach has been applied cyclically and the factors and methodology updated after each iteration. Due to technology and usability trends, during this work, all the systems/applications developed in the experiments have been thought to be mobile directly or indirectly. The biometric modalities used during the experiments performed in this Thesis are those pointed as suitable for biometric recognition in mobile devices: handwritten recognition signature, face and fingerprint recognition. Also, the scenarios and the applications used are in line with the main uses of biometrics in mobile environments, such as sign documents, locking/unlocking devices, or make payments. The outcomes of this Thesis are intended to guide future developers in the way of designing and testing proper usable and accessible biometrics. Finally, the results of this Thesis are being suggested as a new International Standard within ISO/IEC/JTC1/SC37 – Biometric Recognition, as standardization is the proper way of guaranteeing usability and accessibility in future biometric systems. The contributions of this Thesis include: • Improvements to the H-B interaction methodology, including several usability evaluations. • Improvements on the accessibility of the ICT (Information and Communications Technology) products by means of the integration of biometric recognition systems • Adaptation and application of the EN 301 549 to biometric recognition systems.El reconocimiento biométrico, que es una tecnología ya madura, crece hoy en día en varios contextos, incluyendo la medicina forense, controles de acceso, sistemas de automatización del hogar, internet, etc. Ahora que la tecnología se está moviendo a los escenarios móviles, el reconocimiento biométrico está siendo también integrado en los teléfonos inteligentes, tabletas y otros dispositivos móviles como una solución conveniente para garantizar la seguridad, como complemento de otros métodos de seguridad como el PIN o las contraseñas. Sin embargo, el uso del reconocimiento biométrico es todavía desconocido para un amplio porcentaje de la población. Se ha demostrado [1] que algunas de las posibles razones de la lenta penetración de la biometría podrían estar relacionadas con problemas de usabilidad. Esto podría dar lugar a diversos inconvenientes, ofreciendo un rendimiento por debajo de lo esperado debido al mal uso de los sistemas y podría terminar con los usuarios rechazando la tecnología y prefiriendo otros enfoques. Esta tesis doctoral trata este tema incluyendo un estudio del estado actual de la técnica, varios experimentos que analizan los factores de usabilidad más relevantes y modificaciones a una metodología de evaluación de la usabilidad, la "H-B interaction" [2] basada en la ISO / IEC 19795 [3], el HBSI [4], la ISO 9241 [5] y Common Criteria [6]. Además, este trabajo se centra también en los problemas de accesibilidad de los sistemas de reconocimiento biométrico. Este tema, que por lo general se incluye en el campo de la usabilidad, se ha tratado aquí por separado, aunque el estudio de la accesibilidad ha seguido los mismos pasos que el estudio de usabilidad: revisión del estado del arte, análisis de los principales factores influyentes y propuesta de cambios en la metodología H-B interaction. Han sido también analizados los requisitos de accesibilidad para las Tecnologías de la Información y la Comunicación (TIC) en Europa, bajo la norma EN 301 549 [7]. Estos dos temas han sido estudiados a través de un enfoque centrado en el usuario (User Centric Design - UCD). De esta manera, se han detectado los factores influyentes. A continuación, dichos factores han sido aislados (cuando ha sido posible) y medidos. Los resultados obtenidos han sido interpretados para sugerir nuevos cambios a la metodología H-B interaction. Este enfoque de 3 pasos se ha aplicado de forma cíclica a los factores y a la metodología después de cada iteración. Debido a las tendencias tecnológicas y de usabilidad, durante este trabajo, todos los sistemas / aplicaciones desarrolladas en los experimentos se han pensado para ser móviles, directa o indirectamente. Las modalidades utilizadas durante los experimentos realizados en esta tesis doctoral son las que se señalaron como adecuados para el reconocimiento biométrico en dispositivos móviles: la firma manuscrita, la cara y el reconocimiento de huellas dactilares. Además, los escenarios y las aplicaciones utilizadas están en línea con los principales usos de la biometría en entornos móviles, como la firma de documentos, el bloqueo / desbloqueo de dispositivos, o hacer pagos. Los resultados de esta tesis tienen como objetivo orientar a los futuros desarrolladores en el diseño y evaluación de la usabilidad y la accesibilidad en los sistemas de reconocimiento biométrico. Por último, los resultados de esta tesis doctoral se sugerirán como un nuevo estándar de ISO / IEC / JTC1 / SC37 - Biometric Recognition, ya que la normalización es la manera adecuada de garantizar la usabilidad y la accesibilidad en los futuros sistemas biométricos. Las contribuciones de esta tesis incluyen: • Mejora de la metodología de evaluación H-B interaction, incluyendo varias evaluaciones de usabilidad. • Mejora de la accesibilidad de los sistemas de información / electrónicos mediante la integración de sistemas biométricos y varias evaluaciones. • Adaptación y aplicación de la norma de accesibilidad EN 301 549 al campo de los sistemas biométricos.Programa Oficial de Doctorado en Ingeniería Eléctrica, Electrónica y AutomáticaPresidente: Patrizio Campisi.- Secretario: Enrique Cabellos Pardo.- Vocal: Marcos Faundez Zanu

Strong Electronic Identification: Survey & Scenario Planning

The deployment of more high-risk services such as online banking and government services on the Internet has meant that the need and demand for strong electronic identity is bigger today more than ever. Different stakeholders have different reasons for moving their services to the Internet, including cost savings, being closer to the customer or citizen, increasing volume and value of services among others. This means that traditional online identification schemes based on self-asserted identities are no longer sufficient to cope with the required level of assurance demanded by these services. Therefore, strong electronic identification methods that utilize identifiers rooted in real world identities must be provided to be used by customers and citizens alike on the Internet. This thesis focuses on studying state-of-the-art methods for providing reliable and mass market strong electronic identity in the world today. It looks at concrete real-world examples that enable real world identities to be transferred and used in the virtual world of the Internet. The thesis identifies crucial factors that determine what constitutes a strong electronic identity solution and through these factors evaluates and compares the example solutions surveyed in the thesis. As the Internet become more pervasive in our lives; mobile devices are becoming the primary devices for communication and accessing Internet services. This has thus, raised the question of what sort of strong electronic identity solutions could be implemented and how such solutions could adapt to the future. To help to understand the possible alternate futures, a scenario planning and analysis method was used to develop a series of scenarios from underlying key economic, political, technological and social trends and uncertainties. The resulting three future scenarios indicate how the future of strong electronic identity will shape up with the aim of helping stakeholders contemplate the future and develop policies and strategies to better position themselves for the future

Strong Electronic Identification: Survey & Scenario Planning

The deployment of more high-risk services such as online banking and government services on the Internet has meant that the need and demand for strong electronic identity is bigger today more than ever. Different stakeholders have different reasons for moving their services to the Internet, including cost savings, being closer to the customer or citizen, increasing volume and value of services among others. This means that traditional online identification schemes based on self-asserted identities are no longer sufficient to cope with the required level of assurance demanded by these services. Therefore, strong electronic identification methods that utilize identifiers rooted in real world identities must be provided to be used by customers and citizens alike on the Internet. This thesis focuses on studying state-of-the-art methods for providing reliable and mass market strong electronic identity in the world today. It looks at concrete real-world examples that enable real world identities to be transferred and used in the virtual world of the Internet. The thesis identifies crucial factors that determine what constitutes a strong electronic identity solution and through these factors evaluates and compares the example solutions surveyed in the thesis. As the Internet become more pervasive in our lives; mobile devices are becoming the primary devices for communication and accessing Internet services. This has thus, raised the question of what sort of strong electronic identity solutions could be implemented and how such solutions could adapt to the future. To help to understand the possible alternate futures, a scenario planning and analysis method was used to develop a series of scenarios from underlying key economic, political, technological and social trends and uncertainties. The resulting three future scenarios indicate how the future of strong electronic identity will shape up with the aim of helping stakeholders contemplate the future and develop policies and strategies to better position themselves for the future

Survey on encode biometric data for transmission in wireless communication networks

The aim of this research survey is to review an enhanced model supported by artificial intelligence to encode biometric data for transmission in wireless communication networks can be tricky as performance decreases with increasing size due to interference, especially if channels and network topology are not selected carefully beforehand. Additionally, network dissociations may occur easily if crucial links fail as redundancy is neglected for signal transmission. Therefore, we present several algorithms and its implementation which addresses this problem by finding a network topology and channel assignment that minimizes interference and thus allows a deployment to increase its throughput performance by utilizing more bandwidth in the local spectrum by reducing coverage as well as connectivity issues in multiple AI-based techniques. Our evaluation survey shows an increase in throughput performance of up to multiple times or more compared to a baseline scenario where an optimization has not taken place and only one channel for the whole network is used with AI-based techniques. Furthermore, our solution also provides a robust signal transmission which tackles the issue of network partition for coverage and for single link failures by using airborne wireless network. The highest end-to-end connectivity stands at 10 Mbps data rate with a maximum propagation distance of several kilometers. The transmission in wireless network coverage depicted with several signal transmission data rate with 10 Mbps as it has lowest coverage issue with moderate range of propagation distance using enhanced model to encode biometric data for transmission in wireless communication