Showing papers on "Biometrics published in 2001"

Enhancing security and privacy in biometrics-based authentication systems

Abstract: Because biometrics-based authentication offers several advantages over other authentication methods, there has been a significant surge in the use of biometrics for user authentication in recent years. It is important that such biometrics-based authentication systems be designed to withstand attacks when employed in security-critical applications, especially in unattended remote applications such as e-commerce. In this paper we outline the inherent strengths of biometrics-based authentication, identify the weak links in systems employing biometrics-based authentication, and present new solutions for eliminating some of these weak links. Although, for illustration purposes, fingerprint authentication is used throughout, our analysis extends to other biometrics-based methods.

Information Fusion in Biometrics

Abstract: User verification systems that use a single biometric indicator often have to contend with noisy sensor data, restricted degrees of freedom and unacceptable error rates. Attempting to improve the performance of individual matchers in such situations may not prove to be effective because of these inherent problems. Multimodal biometric systems seek to alleviate some of these drawbacks by providing multiple evidences of the same identity. These systems also help achieve an increase in performance that may not be possible by using a single biometric indicator. This paper addresses the problem of information fusion in verification systems. Experimental results on combining three biometric modalities (face, fingerprint and hand geometry) are also presented.

An Analysis of Minutiae Matching Strength

Abstract: In recent years there has been exponential growth in the use of biometrics for user authentication applications because biometrics-based authentication offers several advantages over knowledge and possession-based methods such as password/PIN-based systems. However, it is important that biometrics-based authentication systems be designed to withstand different sources of attacks on the system when employed in security-critical applications. This is even more important for unattended remote applications such as e-commerce. In this paper we outline the potential security holes in a biometrics-based authentication scheme, quantify the numerical strength of one method of fingerprint matching, then discuss how to combat some of the remaining weaknesses.

A practical guide to biometric security technology

Abstract: As organizations search for more secure authentication methods for user access, e-commerce and other security applications, biometrics is gaining increasing attention But should your company use biometrics? And, if so, which ones should you use and how do you choose them? There is no one best biometric technology Different applications require different biometrics To select the right biometric for your situation, you will need to navigate through some complex vendor products and keep an eye on future developments in technology and standards Your options have never been more diverse After years of research and development, vendors now have several products to offer Some are relatively immature, having only recently become commercially available, but even these can substantially improve your company's information security posture We briefly describe some emerging biometric technologies to help guide your decision making

Biometrical fingerprint recognition: don't get your fingers burned

Abstract: One of the most critical issues to solve when building multi-accessible systems, such as computer applications, cars or physical buildings, is to determine the identity of a person. A system protecting confidential information, or items of value, puts strong security demands on the identification. Biometry provides us with a userfriendly method for this identification and is becoming a competitor for current identification mechanisms, especially for electronic transactions. However, there are ways to compromise a system based on biometric verification. This article focuses on the drawbacks and risks of biometric verification, specifically verification based on fingerprints. It shows how all currently available fingerprint scanners can be fooled by dummies that are created with very limited means and skills.

The electroencephalogram as a biometric

Abstract: This paper examines the effectiveness electroencephalogram (EEG) as a biometric identification of individual subjects in a pool of 40 normal subjects. The EEG's second order statistics are computed using autoregressive models of various order. The coefficients in these models are then evaluated for their biometric potential. Discriminant functions applied to the model coefficients are used to examine the degree to which the subjects in the data pool can be identified. The results indicate that the EEG has significant biometric potential. In this data pool, 100% of subjects are correctly classified when all data is used, and over 80% when the functions are computed from half the data and then applied to the remaining.

An apparatus for identity verification, a system for identity verification, a card for identity verification and a method for identity verification based on identification by biometrics

Abstract: An identity verification system is used to identify persons with high accuracy, while avoiding direct contact with the device to prevent any negative psychological reaction from a user. The system includes: a camera unit and an image processing unit for obtaining object images of body parts (such as fingerprints and irides) by scanning, without physical contact; an image display unit for displaying layered images of the body part as scanned and a guide showing the body part in an optimal position; a control unit for extracting biometric characteristic data from object images and sending the data to a verification server after encrypting by an encryption unit; and a communications interface unit.

Mobile electronic apparatus having function of verifying a user by biometrics information

Abstract: A mobile electronic apparatus in which biometrics information, free from being stolen or faked by a unauthorized person, is used for user verification, virtually perfectly protecting an authorized user's personal data stored in a storing section of the apparatus. A verifying section compares a user's biometrics feature information with the authorized user's reference biometrics feature information to discriminate whether the fingerprint feature information for verification matches the reference fingerprint feature information. If it matches, a display control section reads out the personal data stored in the storing section and controls a display section to display the read-out personal data. The apparatus is useful when applied to a portable telephone, an electronic information terminal, or the like, so long as it has a function of user verification by biometrics information (fingerprint, palmprint, finger shape, hand shape, voiceprint, retina, iris, facial recognition, signature dynamics, blood vessel pattern, key strokes, etc.).

Fundamentals of biometric authentication technologies

Abstract: Biometric authentication technologies are used for the machine identification of individuals. The human-generated patterns used may be primarily physiological or behavioral, but usually contain elements of both components. Examples include voice, handwriting, face, eye and fingerprint identification. In this paper, we look at these technologies and their applications in general, developing a systematic approach to classifying, analyzing and evaluating them. A general system model is shown and test results for a number of technologies are considered.

Biometric rights management system

Abstract: An apparatus and method for using biometric information to control access to digital media that is obtained over a network such as the Internet. Encryption, techniques are used in combination with biometric verification technology to control and monitor access to online or locally held media. Biometrics such as keystroke dynamics are measured at a user's computer to confirm the identity of a user for the purpose of allowing the user to audit music files to which the user has authorized access.

Fingerprint verification system utilizing a facial image-based heuristic search method

Abstract: A biometric verification system for controlling access is provided that does not rely on a non-biometric discriminator, such as a PIN or magnetic card, to convert a one-to-many verification task to a one-to-one verification task. The system enrolls authorized users by obtaining digitized fingerprint templates from them and storing them in a database. Video cameras and fingerprint sensors are provided for use in authenticating persons seeking access. Software compares a digital representation of a captured human facial image with stored facial images in a database of facial images, generating a match confidence therefrom and rank-ordering the database from highest to lowest match confidence. The software then compares captured human fingerprints with stored fingerprint templates associated with the rank-ordered database to verify the identity of the person and provide an output signal indicative of recognition.

Security access method and apparatus

Abstract: A portable biometric device enables a designated person to unlock any one portal exclusive of other portals of a secure entity and or a secure service by choosing which of their personal biometric characteristics is presented to the portable biometric device. The portable biometric device includes a biometric sensor such that a biometric characteristic of a person for example a finger pattern is read dependent upon the person presenting the biometric characteristic to the biometric sensor. The reading is encoded in order for a processor to determine if the biometric characteristic has been predesignated for access via a predesignated one of the plurality of portals. If so, the processor selects an appropriate authorization code which is communicated by wireless transmission for unlocking the predesignated one of the portals, to the exclusion of any other of the portals. In an alternate example the processor is a central controller remote from the biometric device. The central controller is responsive to a wireless transmission of the encoded reading, from the portable biometric device, for determining which one if any of the predesignated portals is to be unlocked.

Biometric authentication device for use with a personal digital assistant

Abstract: A biometric authentication device for use with a host having memory, processing power and communication capabilities, such as a personal digital assistant (PDA). The biometric device includes a finger print module having a fingerprint sensor for capturing a user's fingerprint placed onto the fingerprint sensor. The fingerprint module is interconnected and communicates with the host PDA. The fingerprint module also includes a portion adapted to receive and read a card containing electronic fingerprint information, such as a smart card. The fingerprint module is capable of determining a match between the user's fingerprint captured from the fingerprint sensor and the electronic fingerprint information stored on the smart card. Determination of the match between the end user (and those) captured fingerprint and the electronic fingerprint information enables biometric verification or identification of the end user. This information may be transmitted via the interconnected PDA or other wireless host device. The biometric device is useful in time and attendance, access and control as well as user identification and verification applications. Application program interface software used with the biometric device permits application specific solutions to be developed for the particular PDA or other host device.

Personal authentication system and method using biometrics information, and registering apparatus, authenticating apparatus and pattern information input medium for the system

Abstract: A system performing secondary verification using only existing apparatuses to accomplish a measure for relief in personal authentication without causing complexity or without increasing cost. The system has a registering apparatus for obtaining data for verification from information inputted using an inputting unit and registering the data. The registering apparatus has a first extracting unit for extracting biometrics characteristic data from the biometrics information obtained by the inputting unit, and registering the biometrics characteristic data as registry biometrics characteristic data for primary verification, and a second extracting unit for extracting data, which is different from the registry biometrics characteristic data, from information inputted using the inputting unit and registering the data as registry data for secondary verification. The system is used for personal authentication using biometrics information such as fingerprint, palm print, finger shape, palm shape, voice, retina, iris, face image, dynamic signature, blood vessel pattern, keystroke, or the like.

Distributed biometric access control apparatus and method

Abstract: An access control apparatus (20) and method. Enrollment is conducted at a centralized server (40) and enrollment data such as identification data is downloaded to plural local access units (60) at respective entrances to a restricted area. The local access units then collect data of a person upon an attempted entry in to the area and compare the data with downloaded enrollment data to determine if the person is authorized for access.

Anonymous biometric authentication

Abstract: The use of an anonymous biometric authentication system and method that use biometrics to anonymously authenticate an individual and grant certain privileges based on the anonymous authentication is provided. The system and method permit enrollment of an individual by submission of a first biometric and associated identity documents or credentials to an enrollment authority. The enrollment authority verifies the identity of the identity of the individual submitting the biometric using the credentials which are then returned to the individual or discarded. The first biometric is stored in a database for later retrieval in anonymously authenticating an individual seeking to exercise certain privileges. No other personal identity information is stored along with the biometric during the enrollment process. When an individual later seeks to exercise certain privileges, they must submit a second biometric that is compared to the stored biometrics in the database in order to anonymously authenticate the identity of the individual as having access to such privileges. No other personal information is captured, collected, or solicited during the authentication process. Privileges are granted to an individual based on the comparison of the later captured biometric to the stored biometrics in the database. Alternatively, the anonymous biometric authentication system can be designed to avoid repeat offenders by capturing a biometric of an individual seeking to exercise a privilege and denying the privilege if the captured biometric is matched to a biometric stored in a database containing the biometrics of previous offenders. Preferably, the system and method include capture and storage of a powerful biometric identifier based on the iris of the eye which uniquely identifies the individual that has submitted the biometric. Anonymous biometric authentication allows verification of the identity of an individual seeking certain privileges while at the same time protecting the privacy of personal information about the individual.

Iris recognition for biometric identification using dyadic wavelet transform zero-crossing

Abstract: A novel biometric identification approach based on the human iris pattern is proposed. The main idea of this technique is to represent the features of the iris by fine-to-coarse approximations at different resolution levels based on the discrete dyadic wavelet transform zero-crossing representation. The resulting one-dimensional (1D) signals are compared with model features using different distances. Before performing the feature extraction, a pre-processing step is to be made by image processing techniques, isolating the iris and enhancing the area of study. The proposed technique is translation, rotation and scale invariant. Results show a classification success above 98%, achieving an equal error rate equal to 0.21% and the possibility of having null false acceptance rates with low false rejection rates.

Biometric verification for electronic transactions over the web

Abstract: A security system for electronic commerce for verifying the authenticity of a user including: a server authentication program installed in a web-server at a website of a web-service provider; a client software component downloaded and installed at a workstation of the user; the server authentication program being integrated with existing web-applications with the web-service provider and for receiving existing security parameters entered by the user; a biometric scanner activated for identifying characteristics of a biometrics image and for converting the biometrics image into digital data; a device for compressing and encrypting the digital data from the biometric scanner; a device for transmitting the compressed and encrypted data to the web-server; a device for comparing the encrypted data with data stored in a database; and a device for sending status codes of comparison, if comparison is successful, to the web-service provider.

Automated Biometrics

Abstract: Identity verification becomes a challenging task wizen it has to be automated with high accuracy and nonrepudiability. Existing automatic verification methods such as passwords and credit cards are vulnerable to misuse and fraud. Automated biometrics-based attthentication methods soh, e these problems by providing a strong guarantee of the user's identity: In this tutorial, we present an overview of the fast-developing and excithzg area of automated biometrics. Several popular biometrics including fingerprint, face and iris are reviewed, and an introduction to accuracy evaluation methods is presented.

Fingerprint classification and matching using a filterbank

Abstract: Accurate automatic personal identification is critical in a variety of applications in our electronically interconnected society. Biometrics, which refers to identification based on physical or behavioral characteristics, is being increasingly adopted to provide positive identification with a high degree of confidence. Among all the biometric techniques, fingerprint-based authentication systems have received the most attention because of the long history of fingerprints and their extensive use in forensics. However, the numerous fingerprint systems currently available still do not meet the stringent performance requirements of several important civilian applications. To assess the performance limitations of popular minutiae-based fingerprint verification system, we theoretically estimate the probability of a false correspondence between two fingerprints from different fingers based on the minutiae representation of fingerprints. Due to the limited amount of information present in the minutiae-based representation, it is desirable to explore alternative representations of fingerprints. We present a novel filterbank-based representation of fingerprints. We have used this compact representation for fingerprint classification as well as fingerprint verification. Experimental results show that this algorithm competes well with the state-of-the-art minutiae-based matchers. We have developed a decision level information fusion framework which improves the fingerprint verification accuracy when multiple matchers, multiple fingers of the user, or multiple impressions of the same finger are combined. A feature verification and purification scheme is proposed to improve the performance of the minutiae-based matcher.

Random biometric authentication methods and systems

Abstract: Methods and systems for biometrically securing access to electronic systems. A user prompted to input to the electronic system at least one biometric attribute randomly selected from a user profile containing biometric attributes of the user. A user may be prompted to input such a biometric sample through a user interface integrated with the electronic system. A user may be permitted to perform a user-desired activity, such as accessing an ATM machine, particular data, or entry to a secure area, if at least one biometric attribute input by the user to the electronic system matches at least one biometric attribute randomly selected from the user profile. A user profile may be generally accessible from a server through the electronic system. A user profile may also be accessible from a biometric broker through the electronic system over a secure network connection. A user profile may also be accessible from a hand held device, such as a smart card, wireless PDA or wireless communication device.

Identification system and method for authenticating user transaction requests from end terminals

Abstract: In an identification system for electronic commerce, an end terminal transmits a transaction request message containing biometrics data of a user to a communications network, At least one electronic commerce service provider unit is provided which receives the transaction request message via the network and transmits an authentication request message containing the biometrics data to the network. An authentication server having a database for storing registered biometrics data receives the authentication request message and determines whether the received biometrics data has corresponding biometrics data in the database and returns a reply to the ECSP unit via the network indicating that the transaction request message is authenticated if the received biometrics data coincides with one of the registered biometrics data of the database.

Method for biometric authentication through layering biometric traits

Abstract: A portable biometric authentication system having a single technology for measuring multiple, varied biological traits to provide individual authentication based on a combination of biological traits. At least one of these biometric traits is a live physiological trait, such as a heartbeat waveform, that is substantially-but not necessarily completely-unique to the population of individuals. Preferably, at least one of the identifying aspects of the biological traits is derived from a measurement taken by reflecting light off of the subdermal layers of skin tissue.

Optical and smart card identification reader

Abstract: A biometric authentication device for use with a data card such as an optical card, a memory chip card, or a smart card. The biometric device includes a fingerprint module having a fingerprint sensor for capturing a user's fingerprint placed onto the fingerprint sensor. The biometric device includes a portion adapted to receive and read a card containing optical or electronic fingerprint information. The biometric device includes processing capabilities to determine a match between data from the user's fingerprint captured from the fingerprint sensor and the electronic fingerprint data stored on the optical or smart card. Determination of the match between the captured fingerprint data and the electronic fingerprint data enables biometric verification of identification of the end user. The biometric device is useful in time and attendance, access and control, as well as user identification and verification applications. Programmable software used with the biometric device permits application specific biometric solutions to be developed.

Biometric identification method and system

Abstract: A biometric identification system ensuring reliable and protective identification of individuals even in a system having a biometric input device and a biometric verifier are separately provided is disclosed. The biometric data input device has a biometric data sensor and an encoder that encodes digital biometric data using secret information identifying the biometric data input device to transmit encoded data to the biometric verifier. The biometric verifier decodes the encoded data using the secret information to reproduce digital biometric data. The identity of the individual is verified when the digital biometric data is a registered biometric feature of an authorized user and the biometric data input device is an authorized device.

Method and apparatus for calibration over time of histological and physiological biometric markers for authentication

Abstract: The present invention is directed toward a method for calibrating a biometric authentication device over time. The method of the present invention involves obtaining an authenticating biometric value from a biometric measurement. The biometric value is then weighted and integrated into the authentication data set or template.

Iris Recognition with Low Template Size

Abstract: Among all the biometric techniques known nowadays, Iris Recognition is taken as the most promising of all, due to its low error rates without being invasive and with low relation to police records. Based on Daugman s work, the authors have developed their own Iris Recognition system, obtaining results that show the performance of the prototype and proves the excellences of the system initially developed by Daugman. A full coverage of the pre-processing and feature extraction blocks is given. Special efforts have been applied in order to obtain low template sizes and fast verification algorithms. This effort is intended to enable a human authentication in small embedded systems, such as an Integrated Circuit Card (smart cards). The final results show viability of this target, enabling a template size down to 256 bits. Future works will be focussed in new feature extraction algorithms, as well as optimising the pre-processing block.

Biometric authentication device for use with token fingerprint data storage

Abstract: A biometric authentication device for use with a token such as button having biometric data stored thereon. The biometric device includes a fingerprint module having a fingerprint sensor for capturing a user's fingerprint placed onto the fingerprint sensor. The fingerprint module is capable of receiving and reading the token when placed on a token socket located on the biometric. device. The tokens contain user information, including electronic fingerprint information. The fingerprint module is capable of determining a match between the user's fingerprint captured from the fingerprint sensor and the electronic fingerprint information stored on the token. Determination of the match between the end user captured fingerprint and the stored electronic fingerprint information enables biometric verification or identification of the end user. Status indicators indicate to a user whether a successful match has occurred between the user supplied fingerprint and the biometric information stored on the token. The information may be transmitted to a central database and may be part of a network of biometric devices. The biometric device is useful in time and attendance, access and control as well as user identification and verification applications. Application program interface software used with the biometric device permits application specific solutions to be developed for biometric token applications.

Biometric authentication device for use in mobile telecommunications

Abstract: A biometric authentication device for use with a telecommunications device such as a wireless phone having memory, processing power and communication capabilities is disclosed. The biometric device includes a fingerprint module having a fingerprint sensor for capturing a user's fingerprint placed onto the fingerprint sensor. The fingerprint module is interconnected and communicates with the telecommunications device. The fingerprint module also includes a portion adapted to receive and read a card containing electronic fingerprint information, such as a smart card. The fingerprint module is capable of determining a match between the user's fingerprint captured from the fingerprint sensor and the electronic fingerprint information stored on the smart card. Determination of the match between the end user captured fingerprint and the stored electronic fingerprint information enables biometric verification or identification of the end user. This information may be transmitted via the interconnected telecommunications device. The biometric device is useful in time and attendance, access and control as well as user identification and verification applications. Application program interface software used with the biometric device permits application specific solutions to be developed for biometric telecommunications.