Hazards of Biometric Authentication in Practice

Samantha Phang, Christopher Pavlovski

Abstract


With the increase in cyber threats and attacks many institutions are exploring how newer technologies may be applied to strengthen the way users are verified when bestowing permissions for carrying out web transactions. In particular, many institutions are under increasing pressure to improve the security instruments used to authenticate users, while permitting access to their personal records to approve transactions. Whilst multifactor authentication protocols have been adopted to validate more sensitive transactions, this has added an additional physical interaction during the verification process. More recently, the industry has turned its attention to the use of biometric authentication as a way to securely verify user identities. This has reduced the complexity associated with existing authentication processes that require passwords, tokens, and challenge-response keywords. This paper explores these new authentication techniques, discussing the benefits while highlighting the challenges in practice to using biometrics. In particular, identity theft of biometric markers and its potential impact to customers and liability challenges for institutions are presented.

Keywords


Biometric Authentication; Cyber Threat; Identity Theft

References


A. Das, J. Bonneau, M. Caesar, N. Borisov, and X. Wang, “The tangled web of password reuse”, Network and Distributed System Security (NDSS) Symposium, 2014.

M. Kosmerlj, T. Fladsrud, E. Hjelmas, and E. Snekkenes, “Face recognition issues in a border control environment”, in International Conference on Biometrics (ICB 2006), pp. 33–39.

T. Kwon and H. Moon, “Biometric authentication for border control applications”, IEEE Transactions on Knowledge and Data Engineering, vol. 20, no. 8, Aug 2008, pp. 1091–1096.

S. M. Rahal, H. A. Aboalsamah, and K. N. Muteb, “Multimodal biometric authentication system – MBAS”, Information and Communication Technologies, vol. 1, 2006, pp.1026–1030.

C. Rathgeb and A. Uhl, “Two-factor authentication or how to potentially counterfeit experimental results in biometric systems”, in International Conference Image Analysis and Recognition (ICIAR), 2010, pp. 296–305.

S. Trewin, C. Swart1, L. Koved, J. Martino, K. Singh, and S. Ben-David, “Biometric authentication on a mobile device: a study of user effort, error and task disruption”, in Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC), ACM, 2012, pp. 159–168.

L.M. Mayron, “Biometric authentication on mobile devices”, IEEE Security and Privacy, vol. 13, no. 3, pp. 70–73, June 2015.

C. Senk and F. Dotzler, “Biometric authentication as a service for enterprise identity management deployment: a data protection perspective”, International Conference on Availability, Reliability and Security, Aug 2011, pp. 43–50.

Q. Xiao, “A biometric authentication approach for high security ad-hoc networks”, in Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, June 2004, pp. 250–256.

A. Kounoudes,V. Kekatos, and S. Mavromoustakos, “Voice biometric authentication for enhancing Internet service security”, Information and Communication Technologies, 2006, vol. 1, pp. 1020–1025.

S. Prabhakar, S. Pankanti, and A.K. Jain, “Biometric recognition: security and privacy concerns”, IEEE Security and Privacy, 2003, pp. 33–42.

E. Kindt, “Need for legal analysis of biometric profiling”, in Profiling the European Citizen, Cross-Disciplinary Perspectives, M. Hildebrandt and S. Gutwirth. Springer Science, 2008, pp. 139–145.

B. Schneier, “The uses and abuses of biometrics”, Communications of the ACM, vol. 42, no. 8, p. 136, Aug 1999.

N. Duta, “A survey of biometric technology based on hand shape”, Pattern Recognition, vol. 42, no. 11, pp. 2797–2806, 2009.

L. Ma, Y. Wang, and T. Tan, “Iris recognition based on multichannel Gabor filtering,” in Proceedings of the Fifth Asian Conference on Computer Vision, Melbourne, Australia, 2002, pp. 279–283.

R. Wildes, J. Asmunth, G. Green, S. Hsu, R. Kolczyski, J. Matey, and S. McBride, “A machine-vision system for iris recognition”, Machine Vision and Applications, Springer-Verlag, vol. 9, no. 1, pp.1–8, 1996.

J. Daugman, “Demodulation by complex-valued wavelets for stochastic pattern recognition,” International Journal of Wavelets, Multiresolution and Information Processing, vol. 1, no. 1, pp. 1–17, 2003.

L. Ma, T. Tan, Y. Wang, and D. Zhang, D., “Local intensity variation analysis for iris recognition”, Pattern recognition, vol. 37, no. 6, pp. 1287–1298, 2004.

W. Q. Yan, 2016, “Biometrics for surveillance”, in Introduction to Intelligent Surveillance, Springer, pp. 85–92, 2016.

I. Sujit and A. M. Patil, “A review on image-based face recognition techniques”, International Journal of Engineering Research and Management (IJERM), Vol. 2, no. 1, pp. 47–50, 2015.

M. Faundez-Zanuy, “On-line signature recognition based on VQ-DTW”, Pattern Recognition, vol. 40, no. 3, pp. 981–992, 2007.

J. Pereira and L. Sher, “How you can help find a missing child on Facebook with new amber alert feature”, ABC News, viewed 2 Mar. 2016. [Online]. Available: http://abcnews.go.com/Technology/find-missing-child-facebook-amber-alert-feature/story?id=28173570

The European Child Rescue Alert and Police Network on Missing Children, “AMBER alert Europe partners up with Facebook to save lives of missing children”, AMBER Alert in the news, viewed 2 Mar. 2016. [Online]. Available: http://www.amberalert.eu/amber-alert-europe-partners-up-with-facebook-to-save-lives-of-missing-children/

E. Steel, “How a new police tool for face recognition works”, The Wall Street Journal, viewed 2 Mar. 2016. [Online]. Available: http://blogs.wsj.com/digits/2011/07/13/how-a-new-police-tool-for-face-recognition-works/

M. Warman, “Say goodbye to the pin: voice recognition takes over at Barclays Wealth”, The Telegraph, viewed 2 Mar. 2016. [Online]. Available: http://www.telegraph.co.uk/technology/news/10044493/Say-goodbye-to-the-pin-voice-recognition-takes-over-at-Barclays-Wealth.html

D. Maltoni, “A tutorial on fingerprint recognition”, in Advanced Studies in Biometrics, Springer Berlin Heidelberg, pp. 43–68, 2005.

R. Sharma and M. S. Patterh, “Face recognition using face alignment and PCA techniques: a literature survey”, IOSR Journal of Computer Engineering (IOSR-JCE), vol. 17, no. 4, Ver. III, p. 17–30, 2015.

T. Mansfield, G. Kelly, D. Chandler, and J. Kane, “Biometric product testing final report”, Centre for Mathematics and Scientific Computing, National Physical Laboratory, Middlesex, UK, 2001.

S. S. Phang, Investigating and Developing a Model for Iris Changes under Varied Lighting Conditions, Master thesis, School of Engineering Systems, Faculty of Built Environment and Engineering, Queensland University of Technology, 2007.

C. Zara, “Facebook keeps getting sued over face-recognition software, and privacy groups say we should be paying more attention”, International Business Times, viewed 29 Mar. 2016. [Online]. Available: http://www.ibtimes.com/facebook-keeps-getting-sued-over-face-recognition-software-privacy-groups-say-we-2082166

V. Pasupathinathan, J. Pieprzyk, and H. Wang, “Security analysis of Australian and E.U. E-passport implementation”, Journal of Research and Practice in Information Technology, Vol. 40, no. 3, August 2008, pp. 187–205.

S. Venugopalan, U. Prasad, K. Harun, K. Neblett, D. Toomey, J. Heyman, and M. Savvides, “Long range iris acquisition system for stationary and mobile subjects”, in International Joint Conference Biometrics (IJCB), IEEE, 2011, pp. 1–8.


Full Text: PDF

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.

IT in Innovation IT in Business IT in Engineering IT in Health IT in Science IT in Design IT in Fashion

IT in Industry © (2012 - ) · http://www.it-in-industry.org · ISSN (Online): 2203-1731; ISSN (Print): 2204-0595