In recent years there has been exponential growth in the use of biometrics for user authentication applications because biometrics-based authentication offers several advantages over knowledge and possession-based methods such as password/PIN-based systems. However, it is important that biometrics-based authentication systems be designed to withstand different sources of attacks on the system when employed in security-critical applications. This is even more important for unattended remote applications such as e-commerce. In this paper we outline the potential security holes in a biometrics-based authentication scheme, quantify the numerical strength of one method of fingerprint matching, then discuss how to combat some of the remaining weaknesses.
[1]
Sharath Pankanti,et al.
BIOMETRIC IDENTIFICATION
,
2000
.
[2]
Bruce Schneier,et al.
Inside risks: the uses and abuses of biometrics
,
1999,
CACM.
[3]
Bruce Schneier,et al.
SECURITY PITFALLS IN CRYPTOGRAPHY
,
1998
.
[4]
B. Miller,et al.
Vital signs of identity [biometrics]
,
1994,
IEEE Spectrum.
[5]
Nalini K. Ratha,et al.
Secure data hiding in wavelet compressed fingerprint images
,
2000,
MULTIMEDIA '00.
[6]
Nalini K. Ratha,et al.
Smartcard Based Authentication
,
1996
.