Which of the following biometric authentication systems is considered to be the most secure?

What Is Federated Identity?

Derrick Rountree, in Federated Identity Primer, 2013

2.2.1.1.2 Biometrics

Biometric authentication involves using some part of your physical makeup to authenticate you. This could be a fingerprint, an iris scan, a retina scan, or some other physical characteristic. A single characteristic or multiple characteristics could be used. It all depends on the infrastructure and the level of security desired. With biometric authentication, the physical characteristic being examined is usually mapped to a username. This username is used to make decisions after the person has been authenticated. In some cases, the user must enter the username when attempting to authenticate; in others, a lookup is done on the biometric sample in order to determine the username.

Biometric authentication is performed by doing a comparison of the physical aspect you present for authentication against a copy that has been stored. For example, you would place your finger on a fingerprint reader for comparison against the stored sample. If your fingerprint matches the stored sample, then the authentication is considered to be successful.

In order to set up biometric authentication, the appropriate infrastructure must be in place. Once the infrastructure is set up, we register users. Some products allow users to register directly, while others require a registration agent to perform the registration for the user. Let’s take the example of fingerprint-based authentication. During the registration process, the system will ask the user to submit a sample; in actual fact, it will create multiple samples. The user places their finger on the fingerprint reader. The system will record images of the user’s fingerprint. The system will use the multiple images to determine a point pattern to identify the user’s fingerprint. These points are basically dots placed on different areas of the fingerprint. These dots are used to denote the pattern made by the fingerprint. Once a sufficient number of samples have been taken to form a consistent point pattern, the pattern is stored and used as the basis for later comparison during authentication.

Biometric authentication is a fairly solid method of authentication and is in use by many organizations today, but it is not without its issues or drawbacks. One of the problems with biometric authentication is that it usually requires special hardware such as a fingerprint reader, retina scanner, and so on. The hardware has to be installed and configured on each system (or endpoint) that will be used for login. This limits the overall usability of the solution. You can’t just walk up to any system and expect to use it to authenticate. It can be especially problematic when you are external to your organization (i.e., working remotely or on the road), as you need a system that has the necessary hardware installed and configured per the corporate policy. In addition, cost can also be an issue with biometrics. The specialized hardware required for biometric authentication can be expensive and has to be purchased for all authentication endpoints. Therefore, the initial investment required for a biometric solution can be quite sizeable.

A second potential concern with biometrics is security. Part of setting up a biometric solution includes configuring the sensitivity level for the sample. The sensitivity level determines how close a match you need for authentication to be successful. Configuring the sensitivity level can be somewhat tricky. If it’s set too low, one recorded sample could potentially match multiple physical samples. If it’s set too high, you could block access to someone who is legitimately authorized to access the system.

There have also been cases where people have been able to break biometric authentication. The main issue here is that in many cases, biometric authentication relies only on the image presented during authentication, so it can be tricked by a forged image (we see plenty of examples of this in modern-day spy films). In order to combat this, some biometric manufacturers have been adding other requirements to their biometric authentication solution. For example, a fingerprint reader may also check the temperature of the finger used to supply the fingerprint. If the temperature is not within a normal range for the human body, the system assumes the fingerprint is being supplied by some bogus method and the authentication fails.

For these reasons, we do not see a lot of Internet-based applications using biometric authentication. We see it more in corporate settings and, many times, it’s used just for certain applications or under special circumstances.

URL: https://www.sciencedirect.com/science/article/pii/B9780124071896000029

Retina biometrics for personal authentication

R. Manjula Devi, ... K. Devendran, in Machine Learning for Biometrics, 2022

Abstract

Biometric authentication is the process of authenticating each individual's identity based on biometric measures. Retina biometrics has been regarded as a secure approach among all the biometric measures available, as it offers a unique stencil for each individual and does not alter during the person’s life. In this work, an efficient biometric retina identification method, the ANFIS-based Retina Biometric Authentication System (ARBAS), is suggested for personal authentication and demonstrated on a real-time dataset, the VARIA database, which contains samples of retinal images collected from various people at distinct times. The authentication process using the retina has two phases: the Enrollment Phase and the Authentication Phase. In the Enrollment Phase, the retinas of various people are scanned, the biometric pattern is derived from the retina’s extracted features, and the template is stored in the database for future use. In the Authentication Phase, the person’s retina is scanned, the biometric pattern is extracted from it, and the extracted pattern is correlated with the pattern stored in the database. If the pattern matches, the user is authenticated as an authorized user. ARBAS achieves an FRR of 2.78% and an FAR of 2.94% on the VARIA database.

URL: https://www.sciencedirect.com/science/article/pii/B9780323852098000055

Microsoft Vista: Securing User Access

In Microsoft Vista for IT Security Professionals, 2007

Biometrics Authentication

Biometrics authentication devices rely on physical characteristics such as a fingerprint, facial patterns, or iris or retinal patterns to verify user identity. Biometrics authentication is becoming popular for many purposes, including network logon. A biometrics template or identifier (a sample known to be from the authorized user) must be stored in a database for the device to compare to a new sample given during the logon process. Biometrics are often used in conjunction with smart cards in high-security environments. The most popular types of biometrics devices are the following:

Fingerprint scanners: These are widely available for both desktop and portable computers from a variety of vendors, connecting via a USB or Personal Computer Memory Card International Association (PCMCIA, or PC Card) interface.

Facial pattern recognition devices: These devices use facial geometry analysis to verify identity.

Hand geometry recognition devices: These are similar to facial pattern devices but analyze hand geometry.

Iris scan identification devices: Iris scanners analyze the trabecular meshwork tissue in the iris, which is permanently formed during the eighth month of human gestation.

Retinal scan identification devices: Retina scanners analyze the patterns of blood vessels on the retina.

URL: https://www.sciencedirect.com/science/article/pii/B9781597491396500078

Biometric Authentication for SCADA Security

Jack Wiles, in Techno Security's Guide to Securing SCADA, 2008

Summary

Biometric authentication regimes can solve important problems within your company's SCADA security system, but they are not helpful in all situations, and they present the system administrator with unique issues and risks. In a SCADA security network, biometric components are useful only at the edges of the network where people interact with the SCADA security and where secure facilities and equipment need authorized access. The variety of biometric readings, both invasive and remote, demonstrates that biometric security can meet a wide array of priorities within your overall security program.

However, each biometric authentication capture device provides its own set of choices, such as whether it is more important to your company to allow ready access in an emergency or whether it is more important to take extreme steps to exclude any unauthorized people from accessing secure facilities. These devices are not foolproof and can be beaten at a number of different points of vulnerability, including tricking the scanners or reworking the system software. Storage and protection of biometric samples can also be hazardous. Finally, biometric systems are not yet so widespread that the law and regulations for biometric capture can be expected to remain constant over the several years of your company's investment in these systems.

URL: https://www.sciencedirect.com/science/article/pii/B9781597492829000087

A secure biometric authentication system for smart environment using reversible data hiding through encryption scheme

V.M. Manikandan, in Machine Learning for Biometrics, 2022

Abstract

Biometric authentication is used to its fullest potential in all smart environments. Face recognition and fingerprint recognition are the two most popular approaches for biometric authentication. Places where a higher level of security is required can be equipped with a combination of face recognition and fingerprint recognition. In general, on the client side, the biometric data will be collected using a camera and fingerprint scanner, and that information will be transmitted to a cloud service provider to do the complex tasks, such as face recognition and fingerprint recognition. In such situations, the transmission of face images and fingerprints from the client side to a server is a major concern, since an intruder may try to grab that information and later use it to control the authentication system. In this chapter, we discuss a secure mechanism to send the face images and the fingerprints with the aid of a reversible data hiding (RDH) through encryption scheme. RDH is a process of hiding some data by using a concealing medium in such a way that later the extraction of the hidden message is possible along with the recovery of the original images. In an RDH through encryption scheme, the RDH process and the image encryption process are combined into a single task to hide the secret message in an image. In this chapter, we propose a new model in which the compressed fingerprint data, as a secret message, will be embedded into the face image using an RDH through encryption scheme. The encrypted image obtained after RDH through encryption will be transmitted to the cloud service provider for further processing.

URL: https://www.sciencedirect.com/science/article/pii/B978032385209800002X

Passwords, Vulnerabilities, and Exploits

Littlejohn Shinder, Michael Cross, in Scene of the Cybercrime (Second Edition), 2008

Biometric Authentication

Biometric authentication devices rely on physical characteristics such as a fingerprint, facial patterns, or iris or retinal patterns to verify user identity. Biometric authentication is becoming popular for many purposes, including network logon. A biometric template or identifier (a sample known to be from the authorized user) must be stored in a database for the device to compare to a new sample given during the logon process. Biometrics is often used in conjunction with smart cards in high-security environments. The most popular types of biometric devices are the following:

Fingerprint scanners: These are widely available for both desktop and portable computers from a variety of vendors, connecting via a Universal Serial Bus (USB) or PCMCIA (PC Card) interface.

Facial pattern recognition devices: These devices use facial geometry analysis to verify identity.

Hand geometry recognition devices: These are similar to facial pattern devices but analyze hand geometry.

Iris scan identification devices: Iris scanners analyze the trabecular meshwork tissue in the iris, which is permanently formed during the eighth month of human gestation.

Retinal scan identification devices: Retina scanners analyze the patterns of blood vessels on the retina.

A large number of physiological characteristics can be used as identifiers, and devices have been developed that verify identity based on knee scans, ear geometry, vein pattern recognition, and even body odor recognition. In addition, some devices analyze and compare behavioral traits using methods such as voice pattern recognition, signature verification, keystroke pattern recognition, breathing pattern recognition, gait pattern recognition, and even brainwave pattern recognition, although many of these are only in experimental stages. Biometrics is considered to be among the most reliable authentication methods possible.

On the Scene

Defeating “Foolproof” Authentication Mechanisms

In 2000, a French engineer/hacker named Serge Humpich (and known as “the Count of Monte Crypto”) was able to defeat the 640-bit encryption key used by smart cards issued by banks in France, which millions of French consumers used for purchasing items. The equipment he used to break the encryption key cost only $250.

Even supposedly “foolproof” biometric methods aren't foolproof. This is because the biometric data must be analyzed by a software program, and everyone who has worked with computers knows that there is no such thing as a software program that works perfectly. Thus, the vendors of biometric solutions establish fault-tolerance limits that are based on a certain level of false rejection and false acceptance rates (called FRRs and FARs, respectively). False rejection occurs when an authorized user is rejected by the system, and false acceptance occurs when an unauthorized user is “passed” by the software and is allowed access. In fact, fingerprint scanners have been defeated by such simple methods as blowing on the sensor surface to reactivate a fingerprint previously left there or by dusting a latent fingerprint on the sensor with graphite and then applying adhesive film to the surface and pressing on it gently. These techniques are examples of latent image reactivation. In a well-publicized case in May 2002, a cryptographer in Japan was able to create a phony fingerprint using gelatin, which he claimed fooled fingerprint scanners approximately 80 out of 100 times.
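
The FAR/FRR trade-off described above, and the sensitivity-level setting discussed in the first excerpt, can be measured directly from match scores. The following is an added example, not code from any of the excerpted books; it assumes a matcher that returns a similarity score in [0, 1] and accepts at or above a threshold, and the scores and function names are constructed for illustration.

```python
"""FAR/FRR trade-off for a biometric matcher's sensitivity threshold.

Assumption: the matcher returns a similarity score in [0, 1] and accepts
when score >= threshold. All scores below are constructed sample data.
"""

# Constructed scores: same-person comparisons (should be accepted).
GENUINE = [0.91, 0.88, 0.95, 0.79, 0.85, 0.62, 0.93, 0.81, 0.74, 0.97]
# Constructed scores: different-person comparisons (should be rejected).
IMPOSTOR = [0.12, 0.35, 0.41, 0.28, 0.55, 0.66, 0.19, 0.47, 0.71, 0.30]


def rates(genuine, impostor, threshold):
    """Return (FAR, FRR) at the given acceptance threshold."""
    if not genuine or not impostor:
        raise ValueError("need at least one genuine and one impostor score")
    false_accepts = sum(1 for s in impostor if s >= threshold)
    false_rejects = sum(1 for s in genuine if s < threshold)
    return false_accepts / len(impostor), false_rejects / len(genuine)


def sweep(genuine, impostor):
    """Evaluate every observed score as a threshold: FAR and FRR only
    change at these values, so no finer grid is needed."""
    candidates = sorted(set(genuine) | set(impostor))
    return [(t, *rates(genuine, impostor, t)) for t in candidates]


def equal_error_point(genuine, impostor):
    """Threshold where FAR and FRR are closest (the equal error rate)."""
    return min(sweep(genuine, impostor), key=lambda row: abs(row[1] - row[2]))


def threshold_for_max_far(genuine, impostor, max_far):
    """Lowest threshold whose FAR stays within policy, plus the FRR it costs.

    FAR never increases as the threshold rises, so the first hit in the
    ascending sweep is the least strict setting that satisfies the policy.
    """
    for t, far, frr in sweep(genuine, impostor):
        if far <= max_far:
            return t, far, frr
    return None  # no observed threshold satisfies the policy


if __name__ == "__main__":
    print("threshold   FAR    FRR")
    for t, far, frr in sweep(GENUINE, IMPOSTOR):
        print(f"  {t:0.2f}     {far:0.2f}   {frr:0.2f}")
    # Sensitivity too low: impostors pass. Too high: legitimate users fail.
    print("t=0.50 ->", rates(GENUINE, IMPOSTOR, 0.50))
    print("t=0.90 ->", rates(GENUINE, IMPOSTOR, 0.90))
    print("equal error point:", equal_error_point(GENUINE, IMPOSTOR))
    print("policy FAR <= 0:", threshold_for_max_far(GENUINE, IMPOSTOR, 0.0))
```

On real deployments the score lists come from an evaluation set of labelled comparisons, and the chosen threshold should be re-checked whenever the sensor or matching software changes.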

URL: https://www.sciencedirect.com/science/article/pii/B978159749276800011X

Contemporary survey on effectiveness of machine and deep learning techniques for cyber security

P. Suresh, ... H. Muthukrishnan, in Machine Learning for Biometrics, 2022

2.7 DNA biometrics system

Fig. 6 illustrates the DNA matching process. The most reliable way of biometric authentication is to use a person’s DNA code. It’s based on the special sequence of the human deoxyribonucleic acid chain. The procedure starts with the preparation of a DNA sample such as a buccal smear, saliva, sperm, blood, or other tissue. The sample is analyzed, a DNA profile is established, and identity is verified by comparing it with another sample. Since everyone’s DNA is different, it’s difficult to mimic this trait. Each person’s DNA carries genetic traits inherited from his/her parents. This DNA is duplicated in every cell of the human body. The amount of variable number tandem repeat (VNTR) that repeats at a number of distinct samples can be calculated by DNA profiling. The DNA profile of a person is made up of quantities of VNTR. The system requires time, as collecting DNA from each individual involves more complex steps. To begin, it must collect DNA from a physical sample given by each person. The samples must then be broken down into tiny fragments containing VNTR. Following that, each DNA fragment’s size is calculated and arranged before being matched with other samples [28].

Fig. 6. DNA matching.

The DNA biometric system is highly unique: the chances of more than one person having a similar DNA profile are very low. The technology is still relatively new and is seldom used in public. It necessitates the use of a lot of costly devices for the purpose of effectively breaking down DNA and analyzing the specific features of DNA in order to build a DNA profile. To collect users’ DNA data, the system may also require physical samples (hair, blood, etc.) from them. Another element that contributes to the system’s underutilization is time. To complete all of the processes of building and checking each person’s DNA profile, the system takes a considerable amount of time. Unlike other biometric systems, it is not as widely used due to these drawbacks and barriers. In future, this unique and improved biometric technology will be used in everyday lives [29].

URL: https://www.sciencedirect.com/science/article/pii/B9780323852098000079

Embedded Systems Analysis

Ronald van der Knijff, in Handbook of Digital Forensics and Investigation, 2010

Don't Cause Security Barriers

Volatile data can contain information relating to security barriers previously passed by the user. Think of password entry, biometric authentication, or encrypted partitions. As long as the device is switched on, the security system usually does not influence the extraction of data, but after it is switched off the access procedure must be reenacted.

For GSM and UMTS phones, for example, a PIN code or a PUK code might be needed to access the chip card inside the phone when the phone is switched on, as discussed in the procedural portion of the section on data collection later in this chapter.

URL: https://www.sciencedirect.com/science/article/pii/B9780123742674000082

Securing the digital witness identity using blockchain and zero-knowledge proofs

Lynton Lourinho, ... Hamid Jahankhani, in Strategy, Leadership, and AI in the Cyber Ecosystem, 2021

1.3 Enrolment mechanisms

Biometrics are physical security mechanisms which deny any unauthorised access via authentication. This security process is referred to as biometric authentication and is reliant on individuals’ unique biological characteristics to identify the individual correctly. These traits can be used instead of passwords to verify and identify individuals as they are bound to the individual. Retina, iris, facial, fingerprint, or palm prints are all unique, but Garcia (2018) states that to preserve privacy, biometrics should never be stored in a public distributed ledger as it's accessible to anyone whether it's in an encrypted or template state. The reason for this is that there are no guarantees that the system will remain safe in future due to advances in quantum computing.

An important part of the process is the method used to compare the information presented versus the information on record, as the most commonly used methods still use signature and photo comparisons to perform most transactions. These methods are unreliable, more so when the person who is making the comparison doesn’t know the individual.

URL: https://www.sciencedirect.com/science/article/pii/B9780128214428000100

Big Data Analytics

Neeti Pokhriyal, ... Venu Govindaraju, in Handbook of Statistics, 2015

6 Discussions

This is also a study of biometrics in big data, i.e., when we have unprecedented amount of data available for biometric authentication and verification tasks. Big data implies that we not only need to address the challenges in volume, but also in the variety and uncertainty of the data. Our study deals with millions of blogs written by tens of thousands of authors. Here are some of our learnings while working with such data:

1. We need to develop methods that are computationally inexpensive and scale well with the increasing data. We use a random sample of genuine and impostor data points, as the actual number of data points becomes prohibitively large to store and analyze.

2. Since the inception of the biometric system, developers need to carefully choose programming environments and software tools appropriate for handling big data. Given that this analysis requires computing distance between every pair of blogs, the complexity of this authorship attribution is O(N²) in the number of blogs. To address this challenge, we used efficient data structures (such as associative maps in Java and Python) and scalable procedures involving large matrices.

3. To reduce the uncertainty in the data, we constrained the dataset by taking only the blogs which are personal stories written by an identifiable author.

URL: https://www.sciencedirect.com/science/article/pii/B9780444634924000034

Is biometric authentication secure?

Despite its risks—all technologies come with risks—biometric authentication is still widely considered by experts to be one of the most accurate and secure methods of authenticating user identity because of its high level of accuracy.

What are biometric authentication systems?

Biometric authentication is a security process that relies on the unique biological characteristics of individuals to verify they are who they say they are. Biometric authentication systems compare physical or behavioral traits to stored, confirmed, authentic data in a database.

Which of the following is an example of a biometric authentication?

Examples of biometric traits include fingerprint, face, iris, palmprint, retina, hand geometry, voice, signature and gait.

What is the most common form of authentication today?

Passwords are the most common methods of authentication. Passwords can be in the form of a string of letters, numbers, or special characters.