Biometrics and Security

Biometrics and Security

Existing user authentication approaches are becoming outmoded and inadequate. The vast number of digital services in use today demand unattainable requirements. Each password should be different and strong, making them increasingly difficult for users to not only keep track of, but also remember. While such requirements can be ignored, it is becoming more dangerous to do so, especially with the recent hacks and other breaches in the news. Two-factor authentication, where an additional hardware token is used, provides additional security but is clumsy and inconvenient which defeats the purpose of using digital services in the first place. Biometric authentication provides a promising alternative. Biometrics are unique physical traits (fingerprint, iris, gait, DNA, etc.) that can be presented to an electronic system as a means of confirming a user’s identity.

Compared to other authentication approaches, biometrics are more conclusive and cannot be guessed or stolen as easily. Aside from security, biometrics that are non-invasive and easy to capture, such as the face, provide the ease and convenience users crave in their digital lives. All that said, there are various challenges that FICS is investigating to bring biometrics into practical use. These include: (i) Privacy preserving biometric enrollment, sensing, and storage to protect against template theft; (ii) The ability to cancel or revoke biometrics in case of data leakage; (iii) Improved and low-cost pre-processing, feature extraction, quantization, etc. methods to improve the reliability of biometrics authentication in the presence of noise; (iv) Attack modeling that determines the most suitable applications (IoT, medical, electronic voting, retail , etc.) for each biometric type; and more.