2. 2
• The term Biometrics is composed of two words − Bio (Greek word for Life)
and Metrics (Measurements).
• Biometrics is a branch of information technology that aims towards establishing one’s
identity based on personal traits.
• Biometrics is presently a buzzword in the domain of information security as it provides
high degree of accuracy in identifying an individual.
3. 3
• Biometrics is a technology used to identify, analyze, and measure an individual’s physical
and behavioral characteristics.
• Each human being is unique in terms of characteristics, which make him or her different
from all others. The physical attributes such as finger prints, color of iris, color of hair,
hand geometry, and behavioral characteristics such as tone and accent of speech,
signature, or the way of typing keys of computer keyboard etc., make a person stand
separate from the rest.
4. 4
This uniqueness of a person is then used by the biometric systems to −
❑ Identify and verify a person.
❑ Authenticate a person to give appropriate rights of system operations.
❑ Keep the system safe from unethical handling.
What is a Biometric System?
A biometric system is a technology which takes an individual’s physiological,
behavioral, or both traits as input, analyzes it, and identifies the individual as a
genuine or malicious user.
5. 5
The idea of biometrics was present since few years from now. In 14th century, China practiced taking finger
prints of merchants and their children to separate them from all others. Fingerprinting is still used today.
❑ In the 19th century, an Anthropologist named Alphonse Bertillion developed a method
(named Bertillionage) of taking body measurements of persons to identify them. He had realized that even if
some features of human body are changed, such as length of hair, weight, etc., some physical traits of body
remain unchanged, such as length of fingers. This method diminished quickly as it was found that the
persons with same body measurements alone can be falsely taken as one. Subsequently, Richard Edward
Henry from Scotland Yard developed a method for fingerprinting.
❑ The idea of retinal identification was conceived by Dr. Carleton Simon and Dr. Isadore Goldstein in 1935. In
1976, a research and development effort was put in at EyeDentify Inc. The first commercial retina scanning
system was made available in 1981.
❑ Iris recognition was invented by John Daugman in 1993 at Cambridge University.
❑ In 2001, Biometrics Automated Toolset (BAT) was introduced in Kosovo, which provided a concrete
identification means.
Today, biometric has come up as an independent field of study with precise technologies of establishing
personal identities.
6. 6
With increasing use of Information Technology in the field of banking, science, medication, etc.,
there is an immense need to protect the systems and data from unauthorized users.
Biometrics is used for authenticating and authorizing a person. Though these terms are often
coupled; they mean different.
➢Authentication (Identification)
This process tries to find out answer of question, “Are you the same who you are claiming to be?”,
or, “Do I know you?” This is one-to-many matching and comparison of a person’s biometrics with
the whole database.
➢Verification
This is the one-to-one process of matching where live sample entered by the candidate is
compared with a previously stored template in the database. If both are matching with more than
70% agreeable similarity, then the verification is successful.
7. 7
➢ Authorization
It is the process of assigning access rights to the authenticated or verified users. It tries
to find out the answer for the question, “Are you eligible to have certain rights to access
this resource?”
Shortcomings of Conventional Security Aids
25. 7
Fingerprint is one of oldest and most popular recognition technique. Fingerprint
matching techniques are of three types −
Minutiae Based Techniques − In these minutiae points are found and then mapped to their relative
position on finger. There are some difficulties such as if image is of low quality, then it is difficult to find
minutiae points correctly. Another difficulty is, it considers local position of ridges and furrows; not
global.
Correlation Based Method − It uses richer gray scale information. It overcomes problems of minutiae-
based method, by being able to work with bad quality data. But it has some of its own problems like
localization of points.
Pattern Based (Image Based) Matching − Pattern based algorithms compare the basic fingerprint
patterns (arch, whorl, and loop) between a stored template and a candidate fingerprint.
77. • There are 3 traditional way of verifying the identity of a person:
• Possessions (keys, passports, smartcards , …)
• Knowledge
• Secret (passwords, pass phrases, …)
• Non-secret (user Id, mothers maiden name, favorite color)
• Biometrics
• Physiological (fingerprints, face, iris, …)
• Behavioral (walking, keystroke pattern, talking, …)
78. • The 3 modes of authentication are sometimes combined
• User id + password
• ATM card + password
• Passport + face picture and signiture
79. There are two different authentication methods in biometrics
• Verification: Is he/she the person who claims he/she is? Works
with id + biometrics. Thus it is based on a combination of
modes.
• Identification: Who is this person? Uses only the biometrics
and searches the entire database.
80. There are five important properties of biometric identifiers:
1. Universality
2. Uniqueness
3. Permanence
4. Collectability
5. Acceptability
85. Biometric verification differs from biometric identification in that the
presented biometric is only compared with a single enrolled
biometric entity which matches the input id
86. There are two possible database configurations for the verification systems
Centralized Database: As the name suggests the enrollment information is
in a central database. When the token (id/card) is provided, the
corresponding biometrics is retrieved and the comparison is made with the
newly presented biometric sample. E.g. laptop
Distributed Database: In this case the enrollment template is usually stored
in a device that the user carries. The user provides the device and his/her
biometrics. Then the comparison is performed between the two. E.g. smart
cards
87. Process of registering subjects in biometric database
Positive Enrollment:
• To create a database of eligible subjects
• Biometric samples and other credentials are stored in the database. An id (or a smart card)
is issued to the subject.
Negative Enrollment:
• To create a database of ineligible subjects
• Often without subject cooperation or even knowledge
88. • Possible Security Concerns:
• Biometric information is presented when the owner is not present.
• Hacking the scanner, feature extractor, matcher, database, and any other
possible module in the system.
89. • Authorization: Permission to access a resource
• Access Control: A mechanism for limiting the use of some resource to
authorized users
• Access Control List: A data structure associated with a resource that
specifies the authorized users and the conditions for their access
• Authenticate: To determine that something is genuine; to determine
reliably the identity of the communicating party
• Authentication: Permission to access a resource
90. Characteristics of an authentication protocol:
• Established in advance
• Mutually agreed
• Unambiguous
• Complete (Able to handle exceptions)
An authentication protocol itself does “not” guarantee security
91. Some basic security services that should be offered by any access
control system are:
• Authentication
• Non-repudiation
• Confidentiality
93. Authentication protocol is the tasks the user and the access point
has to perform to be able to determine whether the user has
enough credentials or not.
Part of Authentication Protocols:
• Enrollment
• Tokens. E.g. T={x1…xn|xi Є (P,K,B)}
• Comparison rules. E.g. Matching threshold
• Other rules. E.g. “Three strikes and you are out”, or the order of the
presentation of the tokens: “First id number, then the fingerprint, and
than the key”
94. Remark:
• P and K are checked by exact comparison;
• B is compared via pattern recognition techniques because of sampling variations, noise and
distortions
Three crucial design aspects of biometric system:
• The biometric sampling or signal acquisition (B=f(ß))
• The similarity function s=s(B1, B2) between two templates
• The decision threshold T that decides on a match or mismatch
95. • Identification
Only the biometrics is needed (no id is claimed).
• Authorization is granted if d=di
• Multiple di might satisfy the similarity criteria. A secondary matcher (possible
a human expert) tries to narrow it down.
96. • Screening
• Negative identification.
• Searching whether a subject is in an “interesting” people database or not.
(Most wanted criminals)
• Using biometrics only may result in too many false positives (or false
negatives depending on T). Bad ROC.
• Therefore several tokens P1, B1, K1, P2, K2, B2 etc. should be matched
with the ones in the file.
97. • Verification
• Id + B is provided. (Sometimes K too)
• The template corresponding the Id is retrieved from the database
• If s(B,Bi)>T pass, else fail.
98. • Continuity of Identity
• Are the authenticated and authorized persons the same?
• Re-establishing the authentication credentials
• Surveillance cameras
99. • By looking at the biometrics (face, signatures…)
• Face verification error rate 1:1000
• Signature verification is not very secure
101. • More than one identifier is used {P, K, B}
• Two Remarks
• B with {P, K}. Reduces identification to verification (from 1:many to 1:1)
• B1 with B2. Results in better ROCs than using only B1 or only B2
• Combination of matching scores is an application specific problem
103. 2
❑Biometric identification systems which use a single biometric trait of the individual for identification
and verification are called unimodal systems.
❑Biometric identification systems which use or are capable of using a combination of two or more
biometric modalities to identify an individual are called multimodal biometric systems. The most
important reason behind using multimodal biometric systems is to improve the recognition rate.
❑When adopting biometric technology for identification, the most important pre-deployment question
is whether to choose a unimodal or multimodal biometric system. We will discuss both these
systems, the limitations of Unimodal biometric systems and how these limitations are overcome by
the use of multimodal biometric systems.
104. 3
Despite having many inherent advantages, the large scale deployment of biometric identification
systems have been hampered due to various reasons. Biometrics is used in many applications such
as border control and voter id issuance. Theoretically, Unimodal biometric identification might seem
very proficient but in reality there are numerous challenges when enrolling large populations using
just a single (Unimodal) biometric. The major issue with Unimodal biometric system is that no one
technology can be suitable for all applications and hence using a multimodal biometric system will
compensate the limitations of Unimodal biometric system.
105. 4
❑Susceptibility of the biometric sensor to noisy or bad data: The captured biometric trait might be
distorted due to imperfect acquisition conditions. This limitation can be seen in applications which
use facial recognition. The quality of the captured facial images might get affected by illumination
conditions and facial expressions. Another example could be in fingerprint recognition where a
scanner is unable to read dirty fingerprints clearly and leads to false database matches. An enrolled
user might be incorrectly rejected whereas an impostor might be falsely accepted.
106. 5
❑ It might not be compatible with certain groups of population. Fingerprint images might not be
properly captured for the elderly and young children because of faded fingerprints or
underdeveloped fingerprint ridges. Though the biometric traits are expected to exist among
every individual in a given population, there could be some exceptions where an individual is
unable to provide a particular biometric. For example, iris images might not be acquired if the
subject has a pathological eye condition.
❑ Within a large population, unimodal biometrics is prone to inter-class similarities. Facial
recognition may not work correctly for identical twins as the camera might not be able to
distinguish between the two subjects leading to inaccurate matching.
❑ Unimodal biometric systems are quite vulnerab le to spoof attacks where the data can be
imitated or forged.
For example, fingerprint recognition systems can be easily spoofed using rubber fingerprints.
107. 6
• Multimodal biometric systems merge two or more biometric technologies such as facial recognition,
fingerprint, iris scanning, hand geometry, voice recognition etc. These systems take input from
single or multiple sensors for measuring two or more different biometric characteristics. A system
combining face and iris characteristics for biometric identification is considered a multimodal system
irrespective of whether the face and iris images were captured by the same or different imaging
devices. Also, the measures need not be mathematically combined in anyway. An example of this
would be a biometric system which combines fingerprint and face recognition. This system allows
users to be verified using either modality.
• In addition to improving the recognition rate, combining two or more biometric modalities might be
more appropriate for different applications. Another reason might be simply customer preference.
108. 7
• The unimodal systems have to deal with various challenges such as lack of secrecy, non-
universality of samples, extent of user’s comfort and freedom while dealing with the
system, spoofing attacks on stored data, etc.
• Some of these challenges can be addressed by employing a multimodal biometric
system.
109. 8
❑ Sensor Modules
❑ Feature Extraction Modules
❑ Matching Module
❑ Decision-Making Module
In multimodal biometric systems fusion is achieved by running two or more biometric traits against
two or more different algorithms which is then used to arrive at a decision. This kind of a technique
proves to be extremely useful in situations such as a large scale civil ID scenario, where the identity
of thousands of people need to be authenticated at one time. Also, having an additional method of
verification overcomes the possibility of inconvenience which can be caused by the malfunctioning of the
primary biometric input.
110. 9
The various types of multimodal biometric systems are discussed below:
❑ Multi-algorithmic biometric systems
These systems take a single biometric sample from a single sensor and then process it using two or more
different algorithms.
❑ Multi-instance biometric systems
These systems use one or more sensors to capture samples of two or more different samples of the same
biometric trait. An example of this could be a system capturing images of multiple fingers.
❑ Multi-sensorial biometric systems
These systems use two or more distinctly different sensors to capture the same instance of a biometric trait.
These captured samples are then processed using a single algorithm or a combination of algorithms. Example
of multi-sensorial biometric systems is where the same facial image is captured using a visible light camera and
an infrared camera fixed with a particular frequency.
116. 15
• The accuracy of a multimodal biometric system is measured by the errors in image acquisition and
matching of the biometric traits. Image acquisition errors include failure-to-acquire (FTA) rate and
failure-to-enroll (FTE) rate. Matching errors consist of false non-match rates (FNMR) in which a
legitimate subject is rejected and a false match rate (FMR) where an intruder is granted access.
Multimodal systems have almost zero FTA, FTE, FNMR and FMR rates.
• In a scenario where millions of people need to be enrolled in a system and some people might be
facing problems with a particular biometric trait, multimodal systems can overcome this limitation by
using a different biometric for that segment of the population. This will ensure almost zero failure-to-
enroll (FTE) rate.
• Multimodal biometrics can reduce data distortion. In cases where the quality of a biometric sample
is unacceptable, the other biometric trait can be used. For example, if a fingerprint scanner rejects
the fingerprint image due to poor quality using another biometric modality such as facial rejection
will lower the false rejection rates.
• Multimodal biometric systems are very difficult to spoof as compared to unimodal systems. Even if
one biometric modality could be spoofed, the individual can still be authenticated using the other
biometric identifier.
144. 4
There are various reasons for processing signals. The biometric systems, require voice processing
for various reasons −
To extract meaningful information from the candidate’s sample.
To remove noise from the sample.
To make the sample transmittable.
To remove distortion of sample.
145. 5
The analog signal processing module converts real world information such as sound
wave in the form of 0s and 1s to make it understandable and usable by the
contemporary digital systems such as biometric systems. The keystrokes, hand
geometry, signature, and speech fall into the domains of signal processing and
pattern recognition.
149. 2
• A biometric system is a technology that extracts information out of biological or behavioral patterns of a person
to recognize a particular person. To propose new approaches or to increase the performance and the accuracy
of the existing system, one has to understand the primary biometric system, the parameters used in its making,
types of errors, biometric scenario, biometric characters used for an application, limitations of the system and
modern approaches. Any biometric machine is not optimal. There will always be a need for enhancing and
improving the accuracy and the performance of the biometric system.
150. 3
• Biometric system is subjected to many malicious attacks which can be performed by various forms of threats.
Malicious attacks on a biometric machine are a security concern and degrade the system's performances.
Biometric system has various limitations like spoof attacks, noisy sensor data, interclass variations, and
interclass similarity, etc.
• The high attacks are relevant to any biometric system which is to be analyzed, and countermeasures are to be
taken while designing the biometric system.
151. 4
• Fake Biometric: With the advent of modern technologies, various hackers nowadays give a fake
biometric sample to a sensor to get access to the biometric system. Fake face masks, false
fingerprint made from silicon, the lens on an iris, etc. are few such malicious attacks on the sensor.
• Replay Attack: In this attack, the data stream which is contained in the biometric system is injected
between the sensor and the processing system. A replay attack can be of two to three stage
process. It first intercepts or copies the sensor transmission, then it modifies or alters the
information, thus finally replaying the data.
152. 5
Spoofing the Feature set: The replacing of the feature set with fake or altered
features are called spoofing of data. These types of spoofing attacks are typically
used to attack various networks, spread malware and to gain confidential information.
Template Tampering Attack: A template represents a set of salient features that
summarizes the biometric data (signal) of an individual. The templates can be
modified to obtain a high verification score, no matter which image is presented to the
system. The templates which are stored in the database can be replaced, stolen or
even can be altered. Thus, bringing the system down by making the score low for
legitimate users. The template-generating algorithms have been viewed as one-way
algorithms.
153. 6
Overriding Yes/No response: An inherent error prevailing in your biometric systems is
that the result of the system is always a binary response, Yes/No (i.e., either match/no
match). In other words, there is still a fundamental disconnecting between the biometric
and applications, which make the system, open to potential attacks.
Trojan horse attack: In Trojan horse attack the feature extractor is itself replaced to
produce the desired features and to add on those features in the existing database. The
spoof detection technology has become a crucial part of a biometric system as with an
increasing concern for security, the biometric attacks are to be identified, controlled and
minimized. Researchers are developing various new approaches for a secure biometric
system.
154. 7
• Masquerade attack: It was demonstrated that a digital "artifact" image could be created from a
fingerprint template so that this artifact is submitted to the system, will produce a match. The object
may not even resemble the real image. This attack poses a significant threat to the remote
authentication machines. Since a hacker does not even have to bother to obtain a valid biometric
sample, all he needs is to get access to the templates stored on a remote server.
155. 8
• Complex systems are exposed to multiple possible vulnerabilities, and the ability to exploit a given
vulnerability is dependent on a chain of requirements. Weaknesses vary in severity and may be
protected against by various countermeasures, such as supervision of enrollment or verification,
liveness detection, template anonymization, cryptographic storage and transport, and traditional
network security measures. The security requirements of biometrics are non-repudiation,
confidentiality, authenticity, integrity, and availability.
156. 9
Confidentiality:
• Confidentiality is the property that protects your information against unauthorized access or
disclosure. In biometric systems, a biometric reference stored in a biometric database during the
enrollment process is transmitted to a comparison subsystem for the verification and identification
process.
• During this process, the biometric reference may be accessed by unauthorized entities and can be
read or the binding to its identity information may be revealed. Unauthorized disclosure of data may
cause critical privacy threats since biometrics are sensitive. The confidentiality of stored and
transmitted biometric data can be obtained from access control mechanisms and various forms of
encryption techniques.
157. 10
• Integrity is the property of safeguarding the accuracy and completeness of assets. The integrity of a
biometric reference is critical to the assurance of overall biometric system security. The integrity of the
authentication process is dependent on the integrity of the biometric reference. If either the biometric
reference or the captured and extracted biometric feature is untrustworthy, the resulting authentication
will also be untrustworthy. Unreliable biometric references or samples could occur for one or more of the
following reasons:
• The accidental corruption due to a malfunction in hardware or software.
• The accidental or intentional modification of a bonafide biometric reference by an authorized entity (i.e.,
either an approved enrollee or a system owner), without the intervention of an attacker.
• Any change (including substitution) of a biometric reference of an authorized enrollee by an attacker.
158. 11
Data Center (DC) replication is implemented in the Aadhar system, and the resident data is
available at two of the data centers. The application servers are hosted on both these data centers
for handling transaction requests (authentication/e-KYC). Thus, the availability of UIDAI hosted
services is ensured through redundancy in equipment and component level. Restricted access is
enabled only through the authorized entities via leased lines or MPLS connectivity to the data, and
there is no direct link given to any third party entities.
159. 12
Non-repudiation: It is the identification of dedicated resources such as entities and
components. It is also seen as a liability. For example, it forbids a recipient or a sender of
biometric data from denying having sent or received biometric information.
Authenticity: It refers to the state or the quality of being pure, genuine, or original, rather
than being duplicated. The data is only considered authentic when it was in the same state
and condition when it was produced, stored, or transmitted. In a biometric system, there are
two types of authenticities ? data origin authenticity and entity authenticity. Data origin
authenticity ensures the genuineness and originality of the information. For example, the
biometric data is captured with sensor devices. The obtained evidence that came from a
suitable sensor is not spoofed from a previous recording. The entity authenticity confirms that
all entities involved in the overall processing are the ones that they claim to be.
161. 2
The Biometric Encryption is a process that binds a PIN or a cryptographic key securely to a
biometric so that neither the biometric nor the key can be fetched from the stored template. The key
is re-created only if a correct live biometric sample is presented on verification.
162. 3
• The working of Biometric Encryption is an effective, secure, and privacy-friendly tool especially for biometric password
management because the password and the biometric are bound on a fundamental level. The steps of BE working is
briefly explained below:
1. Digital Enrolment
The digital key unlike a password, PIN, etc. is randomly generated on enrolment, so that nobody, including the user,
knows it. The key itself is entirely independent of biometrics and, therefore, can always be altered or updated. After a
biometric sample is attained, the BE algorithm consistently and securely binds the key to the biometric to generate a
protected BE template, which is also known as a "private template". The key is always encrypted with the biometric. The
BE template provides excellent privacy protection and can be stored in a database or locally on a smart card, token,
laptop, cell phone, or other devices. At the termination of the enrolment process, both the biometric and the key are
discarded.
163. 4
2. Biometric Verification
For the verification process, the user offers a new biometric sample, which is when applied
to the legitimate Biometric Encryption template, will let the BE algorithm retrieve the same
key or password. So the biometric serves as a decryption key. At the end of the
verification, the given sample is discarded once again.
3. Password Management
When the digital key, password, PIN, etc., is retrieved, then it is used as the basis for any
physical or logical application. The most apparent way lies in the conventional
cryptosystem, such as a PKI, where the password will automatically generate a pair of
public and private keys.
164. 5
4. Encryption/Decryption Scheme
The Biometric Encryption algorithm is designed to account for suitable variations
in the input biometric. Nevertheless, an attacker whose biometric sample is
different enough will not be able to retrieve the password. This encryption or
decryption scheme is uncertain, as the biometric sample is different each time.
With the invention of so many modern hacking methods, it is a big challenge to
make the system work correctly.
165. 6
• Biometric Encryption technologies have massive potential to lift privacy and security. The crucial
benefits and advantages of this technology are given below:
1. No holding of biometric image or template
• In any biometric system, privacy and security concerns include fears of security breaching, potential
data matching, surveillance, profiling, interception, and identity theft by hackers. Mismanagement
and misuse of biometric data by others can invoke negative externalities and costs that fall primarily
upon individuals.
• Biometric Encryption directly manages these risks and threats. The users retain the complete (local)
control and use of their biometrics. Local authority enhances confidence and trust in the system,
which ultimately promotes greater enrolment and use.
166. 7
• In Biometric Encryption, the Account identifiers are bound with the biometric and are recomputed
directly from the user's verification. These results in much powerful account identifiers (passwords)
that are more extended and more complex and are not needed to be memorized. And these are
also less susceptible to security attacks. Here there are no substitution attack, No tampering of
data, no Trojan horse attacks, etc., as an attacker cannot create his template since neither he nor
anybody else, know the digital key.
• Also, the possibilities of high-level masquerade attack are minimal as the system does not store any
template so that the intruder cannot create a digital artifact.
167. 8
• The users can take advantage of the convenience and ease of BE technologies to encrypt their
private or sensitive data. Since the key is one's own biometric which is used locally thus, enabling
the BE technology to securely place a powerful tool directly in the hands of individuals. Hence,
Biometric Encryption could be viewed as encryption for the masses.
168. 9
• Public faith and trust are mainly necessary for the success of any biometric system deployment.
One major data breach involving a massive centralized database of biometric templates could set
back the entire industry for years. The biometric data are kept firmly under the exclusive control of
the user, in a way that benefits the users and minimizes the risk of surveillance and identity theft. It
will go a long way towards satisfying the requirements of privacy and data protection laws and will
promote the broader acceptance and use of biometrics.
169. 10
• The application of BE is a privacy-protected one-to-many database for preventing "double dipping."
The database is multimodal: it contains standard but anonymous templates for one biometric (e.g.,
fingerprints) and own templates (e.g., for iris) that control the link with the user's encrypted records.
A user's history would only be decrypted and displayed if there was a decisive match on both
standard and private templates. BE technologies make possible database applications, minimizing
the risks of traditional biometric systems. With Biometric Encryption, the consumers would be
empowered with the ability to securely prove their identity to anyone, for any purpose, using their
biometrics, without even disclosing the biometric data itself.
