Vulnerabilities of Fingerprint Authentication Systems
and Their Securities
Tanjarul Islam Mishu
MS Research Student, Dept. of Computer Science & Engineering
Jatiya Kabi Kazi Nazrul Islam University
Mymensingh, Bangladesh
Email: tanjarul26@gmail.com
Dr. Md. Mijanur Rahman
Associate Professor, Dept. of Computer Science & Engineering
Jatiya Kabi Kazi Nazrul Islam University
Mymensingh, Bangladesh
Email: mijanjkkniu@gmail.com
Abstract—The security of fingerprint biometrics is a major
challenge today because of their worldwide acceptance.
A compromised fingerprint template can pose serious threats
to its owner. Because fingerprint authentication systems are
vulnerable, their security has become a matter of great
concern. This study summarizes the vulnerabilities of
fingerprint authentication systems and highlights the types of
security available against those challenges. It brings together
categorized knowledge about the security of fingerprint
templates. This work is an endeavor to provide compact
knowledge to the research community about the security
issues of fingerprint authentication systems.
Keywords: Attacks; Vulnerabilities; Cryptosystems;
Fingerprint Templates; Template Security.
I. INTRODUCTION
Fingerprint authentication is very popular all over the
world because of its uniqueness, usability, reliability, etc.
It has wide application areas such as border control,
airports, business, healthcare, logical access systems,
criminal detection, security management, smartphones, etc.
The security of this area is therefore a matter of great
concern, because the system is vulnerable to several
attacks. Ratha [1] presented a model of possible attacks on a
biometric system. The model introduced a variety of
vulnerable points in the system. This work focuses on the
points mentioned in the model. The motive of the present
study is to identify the different kinds of attacks on each
point of this model and also to identify the existing
security techniques that protect against such attacks.
Although several studies have covered the attacks and the
security approaches, most of them focused on attacks and
solutions separately. Very few cover both, and those are not
sufficient: they did not expose some rarely discussed
existing solutions. This study depicts the whole scenario of
attacks on the entire system and the security measures that
exist against those attacks.
This paper is organized as follows. There are eight
subsections in Section 2. Each subsection first introduces
the attacks, followed by the solutions against them. As
template database attacks contain rich data, Section 2.6 is
divided into two parts. Finally, the conclusion is drawn in
Section 3.
II. TYPES OF ATTACKS ON FINGERPRINT SYSTEM
Ratha et al. [1] and Anil et al. [2] showed eight points of
attack in a biometric system (see Figure-1). Each point, its
attacks and the corresponding solutions are explained in the
following subsections.
A. Fake Biometric
A fake or artificial fingerprint, called a spoof, is
presented to the scanner to gain access to the system. The
scanner is unable to distinguish between fake and genuine
traits, so the intruder easily gets access to the system [2].
Putte and Keuning [3] created dummy fingerprints with and
without the co-operation of the owner and tested them on
several sensors. Their results showed that almost every
sensor accepted the dummy fingerprint as real at the first
attempt. Matsumoto et al. [4] tested gummy (fake) fingers on
11 different types of fingerprint system. In their
experiment, about 68-100% of the gummy fingers were accepted
by the systems in their verification procedure. They also
showed the following ways in which an attacker may deceive
the system at the scanner.
[Figure 1. Points of attack in a biometric system. Block
diagram: Sensor, Feature Extraction, Matcher, Application
Devices (accept or reject) and Stored Templates, with eight
attack points: (1) fake biometric, (2) replay, (3) override
feature extractor, (4) synthesized feature set, (5) override
matcher, (6) template database attack, (7) database-matcher
channel, (8) override final decision.]
International Journal of Computer Science and Information Security (IJCSIS),
Vol. 16, No. 3, March 2018
99 https://sites.google.com/site/ijcsis/
ISSN 1947-5500
(i) Fingerprints Known to System
The actual registered finger is presented at the scanner
by illegitimate means, such as external force applied by
criminals or use of the fingerprint while the user is asleep.
(ii) Fingerprints Unknown to System
If the imposter knows the category of the actual
fingerprint (whorls, arches, loops, etc.), he may use
similar fingerprints unknown to the system. Though this is
almost impossible, it may harm systems that are built on
insufficient fingerprint features. It may affect the False
Acceptance Rate (FAR) of the system. So, authentication
should be based on sufficient features.
(iii) Severed Known Fingerprints
This is similar to the known fingerprint case mentioned
earlier, but it is a horrible attack in which a criminal
severs the finger from the real user's hand. To protect
against it, the system should detect whether the finger is
alive or not.
(iv) Genetic Clone of Known Fingerprints
Identical twins do not have the same fingerprints, because
fingerprint patterns are determined by the genetic
mechanism and nerve growth. Their fingerprints are not the
same but are still very close, so a genetic clone may be
used in an attempt to deceive the system. To be protected
from this kind of threat, we should keep track of genetic
engineering and the possibility of creating clones.
(v) Artificial Clone of Known Fingerprints
The attacker can make a 3D-printed fingerprint or a mold
of the known finger from which an artificial finger can be
produced.
(vi) Printed Image of Known Fingerprints
This is very similar to the previous one. By spraying some
material on the surface of the scanner so that it feels like
an actual finger, the imposter can use a printed image of
the fingerprint.
Liveness detection can be a solution to fake biometric
traits. There are two separate methods: passive
(non-stimulating) and active (stimulating) automated
liveness detection [5]. Generally, passive detection
techniques make use of biometric probes recorded through a
biometric sensor, such as pulse measurement, temperature
measurement, active sweat pore detection, skin resistance
detection, electrical conductivity, etc. [16]. Active
detection techniques normally require additional interactions
that should be requested using challenge-response procedures.
Different challenge-response approaches can be used, such as
requesting different fingers in random order.
B. Replay Attack
After acquisition, the sensor sends the raw biometric data
(e.g. the raw fingerprint image) to the feature extraction
module. The imposter steals the raw biometric trait data by
seizing the channel and stores it. The imposter can then
replay the previously stored biometric trait to the feature
extraction module to bypass the sensor. Fingerprint images
sent over the channel are usually compressed using WSQ.
Because WSQ is an open compression standard, transmitting a
WSQ-compressed image over the Internet is not particularly
secure. If the image can be seized, it can be decompressed
easily, which can lead to the Replay Old Data attack [1].
Data hiding techniques such as steganography can be
applied when the raw image is sent to the feature extractor.
C. Override Feature Extractor
The hackers use a Trojan horse to take control of the
feature extractor so that it produces feature sets as they
wish [1].
When installing or updating programs on a device, the
programs should be verified, and care should be taken when
using third-party programs.
D. Synthesized Feature Set
If the imposter can intercept the channel between the
feature extraction module and the matcher, he can replace
the original set with a different synthesized feature set
(assuming the representation is known to the imposter) [1].
An insecure communication channel may face the 'Hill
Climbing Attack' [2].
Hill Climbing Attack
Uludag & Anil developed an attack for minutiae-based
fingerprint authentication systems [6]. The attack uses the
location (c, r) and orientation θ of minutiae points. It
works when the attacker knows the format of the templates
but not the information in them. It uses the match score
returned by the matcher and tries to generate a minutiae set
that results in a matching score high enough for a positive
identification. Figure-2 describes the Hill Climbing attack.
[Figure 2. Block Diagram of Hill Climbing Attack. Attacking
system: Synthetic Template Generator and Attack Module.
Target system: Fingerprint Matcher, Application Devices, To
Other Modules. Signals exchanged: T and S( , T ).]
refers to the database template corresponding to user i
, i = 1, 2, 3, ..., N, where N is the total number of users. is
the total number of minutiae in . T is the synthetic
template generated by the attacking system for user i .
S( , T ) is the matching score between and T .
refers to the decision threshold used by the
matcher. Note that the attacking system does not know this
value.
At the beginning of the attack, the attacking system
generates several synthetic templates. It then attacks with
these templates and accumulates the matching scores returned
by the matcher. It chooses the template with the highest
matching score, then tries modifications (perturbing, adding,
replacing or deleting minutiae) to get a larger match score
and keeps the larger one as the best template T . This
modification continues until the matcher accepts the current
best score, where ( ) > .
To be safe from the hill climbing attack, we can add some
extra features to the matcher of the authentication system.
These may include:
i) tracking the number of failures within a specific
time.
ii) limiting the number of tries within a specific time.
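The two matcher-side measures listed above, combined in one wrapper around the matcher. This is an added example, not code from the paper; `MatcherAttemptGuard`, `toy_match`, the limits and the sample minutiae are hypothetical and constructed for illustration.

```python
import time
from collections import defaultdict, deque


class MatcherAttemptGuard:
    """Tracks failed matches per claimed identity and caps tries per time window."""

    def __init__(self, match_fn, threshold, max_failures=5, window_s=300.0,
                 clock=time.monotonic):
        self.match_fn = match_fn          # assumed signature: (user_id, template) -> score
        self.threshold = threshold
        self.max_failures = max_failures
        self.window_s = window_s
        self.clock = clock                # injectable so the window can be tested
        self._failures = defaultdict(deque)

    def recent_failures(self, user_id):
        """Measure (i): number of failures inside the current window."""
        now = self.clock()
        q = self._failures[user_id]
        while q and now - q[0] >= self.window_s:
            q.popleft()                   # forget failures older than the window
        return len(q)

    def verify(self, user_id, query_template):
        """Measure (ii): refuse to run the matcher once the limit is reached."""
        if self.recent_failures(user_id) >= self.max_failures:
            return "locked"               # matcher is not called, so no score is produced
        score = self.match_fn(user_id, query_template)
        if score >= self.threshold:
            self._failures[user_id].clear()
            return "accept"
        self._failures[user_id].append(self.clock())
        return "reject"


def demo():
    # Constructed toy data: four quantized minutiae positions for one user.
    enrolled = {"alice": {(10, 20), (30, 40), (50, 60), (70, 80)}}
    calls = []

    def toy_match(user_id, query):
        calls.append(user_id)
        return len(enrolled[user_id] & set(query))   # score = shared minutiae

    now = [0.0]
    guard = MatcherAttemptGuard(toy_match, threshold=3, max_failures=3,
                                window_s=60.0, clock=lambda: now[0])
    results = []
    for i in range(5):                    # five wrong templates, one second apart
        now[0] = float(i)
        results.append(guard.verify("alice", [(i, i)]))
    now[0] = 100.0                        # window expired, genuine user returns
    results.append(guard.verify("alice", [(10, 20), (30, 40), (50, 60)]))
    return results, len(calls)


if __name__ == "__main__":
    print(demo())
```

Because the matcher is never invoked while an identity is locked, repeated submissions inside the window yield no further matching scores to accumulate.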
E. Override Matcher
The hackers replace the matcher with a Trojan horse
program that generates very high or very low matching scores
as the hackers want, regardless of the original scores [1].
The matcher is also a program, like the feature extractor.
Attacks on this point can be handled in the same way as for
the feature extractor, described in Section 2.3.
F. Template Database Attack
(i) Type of Attacks
The template database can lead to three kinds of threats
[3], as described below.
a. Template Replaced by the Imposter's Template
The imposter can replace the original template with a new
one to gain unauthorized access to the system whenever he
wants, like an authorized user.
b. Masquerade/Physical Spoof Created from Templates
Minutiae information is unique to each individual. The
view that reconstruction is not possible was dominant in the
biometrics community until some recent research. Over the
last few years, some works have shown that a fingerprint
image can be reconstructed from a minutiae template. The
fingerprint image reconstructed from the minutiae template,
known as a "masquerade" image since it is not an exact
copy of the original image, will likely fool the system when
it is submitted [7]. In 2007, Cappelli et al. [8] did some
amazing experiments. The authors analyzed the ISO/IEC
19794-2 minutiae standard template and tested it in
different ways. In one experiment, they used basic minutiae
information only (i.e. positions x, positions y, and
directions). In another test, they also used optional
information: minutiae types, Core and Delta data, and
proprietary data (the ridge orientation field in this case).
In their experiments, nine different systems were tested and
the average percentage of successful attacks was 81% at a
high security level and 90% at a medium security level.
Image reconstruction with the points of attack on a
fingerprint system is shown in Figure-3. A masquerade can be
very threatening to the owner, because hackers may track
where the owner is using the fingerprint. They may hack bank
accounts and other secured accesses. They may use the
masquerade against databases at other organizations to get
unauthorized access, even though those use different
templates and algorithms; this is called Cross-Matching.
c. Stolen Templates
The imposter can steal the template and replay it to the
matcher. The stolen template can be used as a synthesized
feature set.
(ii) Template Protection Techniques
All template protection techniques can be categorized
into two major categories: (a) feature transformation and
(b) biometric cryptosystems. Figure-4 shows a graphical
representation of biometric template protection techniques.
Other types of template protection techniques are
watermarking [14], steganography [15], system on card/match
on card [2], etc.
[Figure 3. Image Reconstruction (Masquerade) from stored
templates. The block diagram of Figure 1 with its eight
points of attack, annotated with: stealing templates,
masquerade (image reconstruction from template), image used
by imposter, cross-matching.]
a. Feature Transformation
For protection, the features generated from the input
image are transformed into a new form. The template is not
kept in its real form but is stored in the transformed form.
The transformation can be invertible or non-invertible.
1. Invertible Transformation (Bio Hashing)
In invertible feature transformation, the template is
transformed with some parameter of the user. At the
authentication site, the template is inverted again with the
secret parameters. The scheme can't provide high security
without the secret transformation, because if the secret key
(transformation parameters) is compromised, imposters can
revert the template. So, the key should be well secured [17].
2. Non-invertible Transformation (Cancellable Biometrics)
A cancellable biometrics scheme is an intentional and
systematic repeatable distortion of biometric template data
with the purpose of protecting it under transformation-based
biometric template security. At the verification site, the
query image is transformed in the same manner and then
compared. In the concept of cancellable transformation, a
transformed template can be cancelled and re-issued by
changing the transformation parameters if a problem arises
[9].
b. Biometric Cryptosystems
A cryptosystem technique applied to biometric data is
called a biometric cryptosystem, where a key (or keys) is
used to encrypt the biometric data. The key can be generated
from the biometric data itself or from external data. At the
matcher, the key is used to decrypt the biometric data.
Based on the literature, we divide biometric cryptosystems
into two major parts: Key Generation and Key Binding.
1. Key Generation
At the time of enrolment, a unique key is chosen from
the features extracted from the fingerprint. This key is not
stored in the database [10].
A Secure Sketch reliably reproduces the biometric secret
without leaking any information. It works in two phases:
Generation and Reconstruction. It takes biometric data as
input and creates a sketch of that data. Later, at
reconstruction, the generated sketch and data sufficiently
similar to the original input (the query image) are given.
It then reproduces the original input data. Thus, it can be
used to reliably reproduce error-prone biometric inputs
without incurring the security risk inherent in storing them
[11].
A Fuzzy Extractor reliably extracts almost uniform
randomness R from its input. It is error-tolerant: if a
different template from the same finger is presented, R
will not change. The resultant R is almost similar to the
original R. This R is used as a key in cryptographic
applications [9].
2. Key Binding
In key binding, a cryptographic key is tightly bound to
the biometric template so that it cannot be released without
a successful biometric authentication and without accessing
the template directly [12]. Key binding can be categorized
as Fuzzy Vault and Fuzzy Commitment.
[Figure 4. Attacks and Solutions on Fingerprint
Authentication System. Attack resistance techniques by
attack point: Point 1, liveness detection; Points 2, 4, 7, 8,
data transmission security techniques; Points 3, 5, secure
installation and updating of programs; Point 6, template
protection techniques. Template protection techniques:
feature transformation (invertible: bio-hashing;
non-invertible: cancellable biometrics), biometric
cryptosystems (key generation: secure sketches and fuzzy
extractors; key binding: fuzzy vault and fuzzy commitment),
and others (watermarking, steganography, match on card for
small applications).]
Fuzzy Vault was first introduced by Juels and Sudan [13]
as a cryptographic construct. Two sets of points are used:
fuzzy unsorted points and chaff points. The unsorted
data set is taken from the biometric data. Meenakshi [11]
explained the fuzzy vault with a biometric system. In the
fuzzy vault framework, the secret key S is locked by G,
where G is an unordered set from the biometric sample. A
polynomial P is constructed by encoding the secret S. This
polynomial is evaluated on all the elements of the unordered
set G. A vault V is constructed as the union of the
unordered set G and a chaff point set C that is not in G:
V = G ∪ C. The union with the chaff point set hides the
genuine point set from the attacker. Hiding the genuine
point set secures the secret data S and the user's biometric
template T. The vault is unlocked with the query template
T'. T' is represented by another unordered set U'. The user
has to separate a sufficient number of points from the vault
V by comparing U' with V. Using an error correction method,
the polynomial P can be successfully reconstructed if U'
overlaps with U, and the secret S gets decoded. If there is
no substantial overlap between U and U', the secret key S is
not decoded. This construct is called fuzzy because the
vault will get decoded even for very close values of U and
U', and the secret key S can be retrieved. The fuzzy vault
construct is therefore well suited to biometric data, which
possesses inherent fuzziness.
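The lock and unlock steps of the fuzzy vault described above, worked through over a small prime field. This is an added example, not code from the paper or from Juels and Sudan. It assumes minutiae are already quantized so that repeated captures agree on most points, and it swaps the error-correction step for a SHA-256 check over candidate polynomials; the field size, `encode` and all sample values are constructed.

```python
import hashlib
import random
from itertools import combinations

PRIME = 65537  # arithmetic is in GF(PRIME); every encoded minutia is < PRIME


def encode(minutia):
    """Pack a quantized (x, y) position, each 0..255, into one field element."""
    x, y = minutia
    return x * 256 + y


def poly_eval(coeffs, x):
    """Evaluate polynomial P at x (Horner); coeffs[0] is the constant term."""
    y = 0
    for c in reversed(coeffs):
        y = (y * x + c) % PRIME
    return y


def digest(coeffs):
    return hashlib.sha256(",".join(map(str, coeffs)).encode()).hexdigest()


def lock(secret, genuine, n_chaff, rng):
    """Build V = G ∪ C: genuine points lie on P, chaff points do not."""
    vault = [(g, poly_eval(secret, g)) for g in genuine]
    used = set(genuine)
    while len(vault) < len(genuine) + n_chaff:
        x, y = rng.randrange(PRIME), rng.randrange(PRIME)
        if x in used:
            continue
        used.add(x)
        if y == poly_eval(secret, x):      # keep chaff off the polynomial
            y = (y + 1) % PRIME
        vault.append((x, y))
    rng.shuffle(vault)                     # hide which points are genuine
    return vault, digest(secret)


def interpolate(points):
    """Lagrange interpolation over GF(PRIME); constant term first."""
    coeffs = [0] * len(points)
    for i, (xi, yi) in enumerate(points):
        basis, denom = [1], 1
        for j, (xj, _) in enumerate(points):
            if j != i:                     # basis(x) *= (x - xj)
                basis = [(a - xj * b) % PRIME
                         for a, b in zip([0] + basis, basis + [0])]
                denom = denom * (xi - xj) % PRIME
        scale = yi * pow(denom, -1, PRIME) % PRIME
        coeffs = [(c + scale * b) % PRIME for c, b in zip(coeffs, basis)]
    return coeffs


def unlock(vault, check, query, k):
    """Pick vault points matching the query set U' and try to rebuild P."""
    wanted = set(query)
    candidates = [pt for pt in vault if pt[0] in wanted]
    for subset in combinations(candidates, k):
        coeffs = interpolate(list(subset))
        if digest(coeffs) == check:
            return coeffs                  # secret S recovered
    return None                            # not enough overlap with G


def demo():
    rng = random.Random(2018)  # fixed seed for a repeatable demo; not a CSPRNG
    secret = [4021, 77, 31337, 512]        # S as k = 4 coefficients of P
    enrolled = [(12, 40), (55, 91), (80, 17), (101, 200),
                (143, 66), (170, 120), (199, 33), (220, 240)]
    vault, check = lock(secret, [encode(m) for m in enrolled], 60, rng)
    same_finger = [encode(m) for m in enrolled[:5] + [(9, 9), (250, 1)]]
    other_finger = [encode(m) for m in enrolled[:2]] + \
                   [encode((i, 3 * i)) for i in range(1, 12)]
    return (unlock(vault, check, same_finger, 4),
            unlock(vault, check, other_finger, 4), len(vault))
```

The first query shares five of the eight enrolled points and recovers S despite two spurious points; the second shares only two, fewer than the k = 4 needed to fix a degree-3 polynomial, so nothing is released.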
A Fuzzy Commitment scheme is one where a uniformly
random key of length 1 bits (binary vector) is generated and
used to exclusively index an n-bit codeword of a suitable
error correcting code, where the sketch extracted from the
biometric template is stored in a database [9].
G. Database-Matcher Channel Attack
In this type of attack, the stored templates coming from
the database are modified before reaching the matcher, so
the matcher gets modified templates.
Maintaining secure data transmission can solve the
problem. Different error detection techniques such as parity
check, checksum and cyclic redundancy checks can be used to
identify whether the transmitted template has been modified
or not [18].
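A practitioner's caveat on the checks named above, as an added example that is not from the paper: a CRC is computed without any secret, so it catches accidental corruption but is simply recomputed by whoever replaces the template, whereas a keyed MAC shared by the database and the matcher is not. The key, user names and template bytes are constructed, and HMAC-SHA256 is this example's choice rather than a technique the paper names.

```python
import hashlib
import hmac
import zlib


def crc_frame(template: bytes) -> bytes:
    """Template followed by its CRC-32, as an error-detection trailer."""
    return template + zlib.crc32(template).to_bytes(4, "big")


def crc_check(frame: bytes) -> bool:
    body, tag = frame[:-4], frame[-4:]
    return zlib.crc32(body).to_bytes(4, "big") == tag


def _mac(key: bytes, user_id: str, template: bytes) -> bytes:
    # Bind the template to the identity it belongs to (length-prefixed id).
    uid = user_id.encode()
    msg = len(uid).to_bytes(2, "big") + uid + template
    return hmac.new(key, msg, hashlib.sha256).digest()


def mac_frame(key: bytes, user_id: str, template: bytes) -> bytes:
    """Template followed by an HMAC-SHA256 tag keyed between database and matcher."""
    return template + _mac(key, user_id, template)


def mac_check(key: bytes, user_id: str, frame: bytes) -> bool:
    if len(frame) < 32:
        return False
    body, tag = frame[:-32], frame[-32:]
    return hmac.compare_digest(_mac(key, user_id, body), tag)


def demo():
    key = b"constructed-demo-key-not-for-use"
    # Constructed templates: three (x, y, angle) minutiae triples each.
    alice = bytes([12, 40, 3, 55, 91, 7, 80, 17, 1])
    other = bytes([200, 10, 5, 90, 90, 2, 33, 71, 6])

    noisy = bytearray(crc_frame(alice))
    noisy[2] ^= 0x01                       # one bit flipped by channel noise
    replaced_crc = crc_frame(other)        # template replaced, CRC recomputed
    replaced_mac = other + mac_frame(key, "alice", alice)[-32:]  # old tag kept
    swapped = mac_frame(key, "bob", other)  # valid record of a different user

    return {
        "crc_detects_noise": not crc_check(bytes(noisy)),
        "crc_detects_replacement": not crc_check(replaced_crc),
        "mac_accepts_original": mac_check(key, "alice",
                                          mac_frame(key, "alice", alice)),
        "mac_detects_replacement": not mac_check(key, "alice", replaced_mac),
        "mac_detects_identity_swap": not mac_check(key, "alice", swapped),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```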
H. Override Final Decision
The final result coming from the matcher is modified by
the imposters. This changes the original decision
(accept/reject) by changing the match scores.
Sending the result through a trusted channel and using
secure delivery can be used to get the correct result.
III. CONCLUSION
This study presents an analysis of the vulnerabilities of
fingerprint authentication systems at each point of the
model and shows the effective security measures that exist
now. This work brings the vulnerabilities and the security
measures of fingerprint authentication systems together in
compact form. Different types of attack, such as fake
biometric, replay data, synthesized feature set and template
database attacks, have been explained in terms of how they
occur. The paper also covers the prevention techniques
against the corresponding attacks. As the template database
is a very sensitive part of the system, its protection
techniques have been analyzed with high significance. This
paper even shows smaller efforts, such as match on card,
taken for the security of fingerprint templates. The
analysis shows that an attack on the template is very
severe. If the templates are compromised, the security of
their owner will be violated. So, template security requires
more attention from the research community. Though several
types of work have been done on template security, they are
not able to satisfy all the requirements such as
recoverability, security, privacy, high matching accuracy,
etc. So, our next work is to generate an efficient template
security scheme.
REFERENCES
[1] Ratha, Nalini K., Jonathan H. Connell, and Ruud M. Bolle. “An
analysis of minutiae matching strength.” International Conference on
Audio-and Video-Based Biometric Person Authentication. Springer
Berlin Heidelberg, 2001.
[2] Jain, Anil K., Karthik Nandakumar, and Abhishek Nagar. “Biometric
template security.” EURASIP Journal on Advances in Signal
Processing 2008 (2008): 113.
[3] T. Putte and J. Keuning, “Biometrical fingerprint recognition: don’t
get your fingers burned”, Proc. IFIP TC8/WG8.8, Fourth Working
Conf. Smart Card Research and Adv. App., pp. 289-303, 2000.
[4] Tsutomu Matsumoto, Hiroyuki Matsumoto, Koji Yamada, Satoshi
Hoshino. “Impact of artificial ‘gummy’ fingers on fingerprint
systems.” Proc. SPIE 4677, Optical Security and Counterfeit
Deterrence Techniques IV, April 2002.
[5] Rogmann, Nils, and Maximilian Krieg. “Liveness Detection in
Biometrics.” Biometrics Special Interest Group (BIOSIG),
International Conference of the. IEEE, 2015.
[6] Uludag, Umut, and Anil K. Jain. “Attacks on biometric systems: a
case study in fingerprints.” Proceedings of SPIE. Vol. 5306. 2004.
[7] “Fingerprint Biometrics: Address Privacy Before Deployment.”
https://www.ipc.on.ca/wp-content/uploads/2008/11/fingerprint-
biosys-priv.pdf, 2008.
[8] Cappelli, Raffaele, Dario Maio, Alessandra Lumini, and Davide
Maltoni. “Fingerprint image reconstruction from standard templates.”
IEEE transactions on pattern analysis and machine intelligence 29,
No.9. 2007.
[9] Mwema, Joseph, S. Kimani, and M. Kimwele. “A Simple Review of
Biometric Template Protection Schemes Used in Preventing
Adversary Attacks on Biometric Fingerprint Templates.”
International Journal of Computer Trends and Technology 20.1
(2015): 12-18.
[10] Khandelwal, Sarika, P. C. Gupta, and Khushboo Mantri. “Survey of
Threats to the Biometric Authentication Systems and Solutions.”
International Journal of Computer Applications 61.17. 2013.
[11] Meenakshi VS, “Secure And Revocable Biometric Template Using
Fuzzy Vault For Fingerprint, Iris And Retina.” A Thesis Submitted
To Avinashilingam Deemed University For Women Coimbatore –
641043, 2010.
[12] Huixian, Li, et al. “Key binding based on biometric shielding
functions.” Information Assurance and Security. IAS'09. Fifth
International Conference on. Vol.1. IEEE, 2009.
[13] Juels, Ari, and Madhu Sudan. “A fuzzy vault scheme.” Designs,
Codes and Cryptography 38.2 (2006): 237-257.
[14] Patel, Monika, and Priti Srinivas Sajja. “The Significant Impact of
Biometric Watermark for Providing Image Security using DWT based
Alpha Blending Watermarking Technique.”
[15] Rubal Jain and Chander Kant. “Attacks on Biometric Systems: An
Overview.” International Journal of Advances in Scientific Research
2015; 1(07): 283-288.
[16] M. Villa and A. Verma. "Fingerprint Recognition," in Biometrics in a
Data Driven World: Trends, Technologies, and Challenges, M.
Gofman and S. Mitra Eds., CRC Press, USA, pp. 265-281, 2017.
[17] Ramu, T., and T. Arivoli. "Biometric Template Security: An
Overview." Proceedings of International Conference on Electronics.
Vol. 65. 2012.
[18] Siwach, Ajay, Sunil Malhotra, and Ravi Shankar. "Analysis of
Different Error Detection Schemes over OFDM Signal." International
Journal of Engineering Trends and Technology- Volume4 Issue4-
2013
AUTHORS PROFILE
Tanjarul Islam Mishu received his B.Sc. (Engg.) in
Computer Science and Engineering from Jatiya Kabi
Kazi Nazrul Islam University, Mymensingh,
Bangladesh in 2016. Currently, he is an M.Sc. student
at the institute. His research interest is focused
on Biometrics Systems, Pattern Recognition, Image
Processing, and Data Mining.
Dr. Md. Mijanur Rahman is a faculty member of
the Dept. of Computer Science and Engineering,
Jatiya Kabi Kazi Nazrul Islam University, Trishal,
Mymensingh, Bangladesh, since April 2008 (very
beginning of the university). Now, Dr. Rahman is
working as an Associate Professor of the CSE
department. He also served as Lecturer and Assistant Professor in
the same department. He served before as an Instructor (Tech)
Computer in Govt. Polytechnic Institute from December 2005 to
April 2008. Dr. Rahman obtained his B. Sc. (Hons) and M. Sc.
degree both with first class first in CSE from Islamic University,
Kushtia, Bangladesh. He also obtained his PhD degree in
Computer Science and Engineering from Jahangirnagar University,
Savar, Dhaka, Bangladesh in August 2014. His teaching and
research interest lies in the areas such as Digital Signal Processing,
Digital Speech Processing, Biometric Technology, Pattern
Recognition, etc. Many of his research papers have been published
in both national and international journals.