SlideShare a Scribd company logo

Biometrics system penetration in mobile devices

Swapnil Jagtap
Swapnil Jagtap

Biometrics is the automated identification or verification of human identity through the measurement of repeatable physiological or behavioral characteristics.

Engineering
1 of 28
Download to read offline
Biometrics System Penetration in Mobile Devices A NON-CREDIT COURSE REPORT ON BIO-METRICS AND CYBER SECURITY SUBMITTED TO SAVITRIBAI PHULE PUNE UNIVERSITY, PUNE FOR THE PARTIAL FULFILLMENT OF AWARD OF DEGREE Of MASTER OF ENGINEERING In (Computer Engineering) By Swapnil S. Jagtap Semester-III Roll No: ****** UNDER THE GUIDANCE OF Guide Name (Department of Computer Engineering) VPCOE, Baramati. DEPARTMENT OF COMPUTER ENGINEERING Vidya Pratishthan’s Kamalnayan Bajaj Institute of Engineering & Technology, Vidyanagari Bhigawan Road Baramati, Dist. Pune - 413133 2016-2017
CERTIFICATE This is to certify that Mr. Swapnil S. Jagtap has successfully submitted his report to Department of Computer Engineering, VPKBIET, Baramati, on Biometrics System Penetration in Mobile Devices During the academic year 2016-2017 in the partial fulfillment towards completion of Second Year of Master of Engineering in Computer Engineering, of Savitribai Phule Pune University, Pune(Maharashtra) Swapnil S. Jagtap Guide Name Student Guide Dept. of Comp. Engg. Dept. of Comp. Engg. Date : Place: VPKBIET, Baramati.
Contents 1 Introduction 3 2 Working Principle of Biometrics 6 3 Basic Mechanisms 11 3.1 Biometric Collection . . . . . . . . . . . . . . . . . . . . . . . 11 3.2 Biometric Templates . . . . . . . . . . . . . . . . . . . . . . . 12 3.3 Biometrics Identification Schemes . . . . . . . . . . . . . . . . 12 3.4 Comparison of Various Biometric Technologies . . . . . . . . . 12 3.5 Biometric Modalities . . . . . . . . . . . . . . . . . . . . . . . 13 3.5.1 Fingerprint . . . . . . . . . . . . . . . . . . . . . . . . 13 3.5.2 Face Image . . . . . . . . . . . . . . . . . . . . . . . . 14 3.5.3 Hand Geometry . . . . . . . . . . . . . . . . . . . . . . 15 3.5.4 Speech/voice . . . . . . . . . . . . . . . . . . . . . . . 16 3.5.5 Iris . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.5.6 Signature Verification . . . . . . . . . . . . . . . . . . . 17 4 Where to use Biometrics? 18 4.1 Biometric Devices: . . . . . . . . . . . . . . . . . . . . . . . . 19 4.2 Biometric Applications . . . . . . . . . . . . . . . . . . . . . . 20 4.3 Biometric Security . . . . . . . . . . . . . . . . . . . . . . . . 20 5 Security Threats for Mobile Platforms 22 5.1 Vulnerablity . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.2 Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.3 Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 6 Biometrics Performance Evaluation 24 7 Future Outlook 25 8 References 27
Chapter 1 Introduction What is Biometrics? “Biometrics is the automated identification or verification of human iden- tity through the measurement of repeatable physiological or behavioral char- acteristics.” Identification: The search of a biometric sample against a database of other samples in order to ascertain whether the donor is already contained in or new to the database. Verification: It refers to the ‘one to one’comparison between a sample and another to ask the question, ‘are you who you say you are?’The term “biometrics”is derived from the Greek words bio (life) and metric (to measure). For our use, biometrics refers to technologies for measuring and analyzing a person’s physiological or behavioral characteristics, such as fingerprints, irises, voice patterns, facial patterns, and hand measurements for identification and ver- ification purposes. 3
Figure 1.1: Explains the meaning of definition Identification and verification have long been accomplished by showing something you have, such as a license or a passport. Sometimes it also required something you know, such as a password or a PIN. As we move into a time when we need more secure and accurate measures, we begin to look at using something you are biometrics. Biometrics are automated methods of recognizing a person based on a physiological or behavioral char- acteristic. History of Biometrics: Chinese Precursor: Possibly the first known example of biometrics in practice was a form of finger printing being used in China in the 14th century, as reported by ex- plorer Joao de Barros. He wrote that the Chinese merchants were stamping children’s palm prints and footprints on paper with ink to distinguish the young children from one another. This is one of the earliest known cases of biometrics in use and is still being used today. European Origins: Until the late 1800s, identification largely relied upon “photographic memory.”In the 1890s, an anthropologist and police desk clerk in Paris named Alphonse Bertillon sought to fix the problem of identifying convicted criminals and turned biometrics into a distinct field of study. He devel- oped a method of multiple body measurements which got named after him (Bertillonage). 4
His system was used by police authorities throughout the world, until it quickly faded when it was discovered that some people shared the same measurements and based on the measurements alone, two people could get treated as one. After the failure of Bertillonage, the police started using finger printing, which was developed by Richard Edward Henry of Scotland Yard, essentially reverting to the same methods used by the Chinese for years. Modern Times: In the past three decades biometrics has moved from a single method (fin- gerprinting) to more than ten discreet methods. Companies involved with new methods number in the hundreds and continue to improve their meth- ods as the technology available to them advances. Prices for the hardware required continue to fall making systems more feasible for low and mid-level budgets. As the industry grows however, so does the public concern over privacy issues. Laws and regulations continue to be drafted and standards are beginning to be developed. While no other biometric has yet reached the breadth of use of fingerprinting, some are beginning to be used in both legal and business areas. 5
Chapter 2 Working Principle of Biometrics Biometric devices consist of a reader or scanning device, software that converts the gathered information into digital form, and a database that stores the biometric data for comparison with previous records. When con- verting the biometric input, the software identifies specific points of data as match points. The match points are processed using an algorithm into a value that can be compared with biometric data in the database. All Bio- metric authentications require comparing a registered or enrolled biometric sample (biometric template or identifier) against a newly captured biometric sample (for example, a fingerprint captured during a login). Enrollment Mode: A sample of the biometric trait is captured, processed by a computer, and stored for later comparison. Biometric recognition can be used in Identifi- cation mode, where the biometric system identifies a person from the entire enrolled population by searching a database for a match based solely on the biometric. For example, an entire database can be searched to verify a per- son has not applied for entitlement benefits under two different names. This is sometimes called “one-to-many”matching. Verification Mode: In this mode, biometric system authenticates a person claimed iden- tity from their previously enrolled pattern. This is also called “one-to- one”matching. In most computer access or network access environments, verification mode would be used. A user enters an account, user name or 6
inserts a token such as a smart card, but instead of entering a password, a simple glance at a camera is enough to authenticate the user. Types of Biometrics: There are two types of biometrics: 1. Behavioral biometrics: Used for verification. 2. Physical biometrics: Used for either identification or verification. Behavioral biometrics: • Speaker Recognition - Analyzing vocal behavior. • Signature - Analyzing signature dynamics. • Keystroke - Measuring the time spacing of typed words. Physical biometrics: • Fingerprint - Analyzing fingertip patterns. • Facial Recognition - Measuring facial characteristics. • Hand Geometry - Measuring the shape of the hand. • Iris recognition - Analyzing features of colored ring of the eye. • Vascular Patterns - Analyzing vein patterns. • Retinal Scan - Analyzing blood vessels in the eye. • Bertillonage - Measuring body lengths. 7
Characteristics of Biometrics: Biometric characteristics can be divided in two main classes, 1. Physiological 2. Behavioral Physiological - are related to the shape of the body. The oldest traits, that have been used for more than 100 years, are fingerprints. Other exam- ples are face recognition, hand geometry and iris recognition. Behavioral - are related to the behavior of a person. The first charac- teristic to be used, still widely used today, is the signature. More modern approaches are the study of keystroke dynamics and of voice. Figure 2.1: Facial Recognition The human face is one of the easiest characteristic which can be used in biometric security system to identify a user. Face recognition technology, is very popular and is used more widely because it does not require any kind of physical contact between the users and device. Cameras scan the user face and match it to a database for verification. Furthermore, it is easy to install 8
and does not require any expensive hardware. Facial recognition technology is used widely in a variety of security systems such as physical access control or computer user accounts. Figure 2.2: Iris Recognition The human iris is a thin circular structure in the eyes which is responsible for controlling the diameter and size of the pupils. It also controls the amount of light which is allowed through to retinal in order to protect the eye’s retina. Iris color is also a variable different to each person depending upon their genes. Iris color will decide eye color for each individual. There are several colors for iris such as: brown, green, blue, grey, hazel, violet, pink. The iris also has its own patterns from eye to eye and person to person, this will make up to uniqueness for each individual. Figure 2.3: Vascular Patterns One of the recent biometric technologies invented is the vein recognition system. Veins are blood vessels that carry blood to the heart. Each person’s 9
veins have unique physical and behavioral traits. Taking advantage of this, biometrics uses unique characteristics of the veins as a method to identify the user. Vein recognition systems mainly focus on the veins in the users hands. Each finger on human hand has veins which connect directly with the heart and it has its own physical traits. Figure 2.4: Fingerprint types Our fingerprint is made of a number of ridges and valley on the sur- face of finger that are unique to each human. “Ridges are the upper skin layer segments of the finger and valleys are the lower segments”. The ridges form two minutiae points: ridge endings-where the ridges end, and ridge bifurcations-where the ridges split in two. The uniqueness of a fingerprint can be determined by the different patterns of ridges and furrows as well as the minutiae points. There are five basic patterns which make up the finger- print: the arch such as tented and plain arch covers 5% of fingerprint; left and right loop covers 60% of fingerprints; whorl covers 34% of fingerprints and accidental whorls covers 1% of fingerprints. 10
Chapter 3 Basic Mechanisms The diagram shows a simple block diagram of a biometric system. When such a system is networked together with telecommunications technology, biomet- ric systems become tele biometric systems. The main operations a system can perform are enrollment and test. During the enrollment, biometric infor- mation from an individual is stored. During the test, biometric information is detected and compared with the stored information. Note that it is crucial that storage and retrieval of such systems themselves be secure if the bio- metric system is robust. The first block (sensor) is the interface between the real world and our system; it has to acquire all the necessary data. Most of the times it is an image acquisition system, but it can change according to the characteristics desired. The second block performs all the necessary pre- processing: it has to remove artifacts from the sensor, to enhance the input (e.g. removing background noise), to use some kind of normalization, etc. In the third block features needed are extracted. This step is an important step as the correct features need to be extracted and the optimal way. A vector of numbers or an image with particular properties is used to create a template. A template is a synthesis of all the characteristics extracted from the source, in the optimal size to allow for adequate identifiability. 3.1 Biometric Collection Biometrics are typically collected using a device called a sensor. These sen- sors are used to acquire the data needed for recognition and to convert the data to a digital form. The quality of the sensor used has a significant impact on the recognition results. Example “sensors”could be digital cameras (for face recognition) or a telephone (for voice recognition). 11
3.2 Biometric Templates A biometric template is a digital representation of an individuals distinct characteristics, representing information extracted from a biometric sample. Biometric templates are what are actually compared in a biometric recog- nition system. Templates can vary between biometric modalities as well as vendors. Not all biometric devices are template based. For example, voice recognition is based on models. The difference between templates and models is beyond the scope of this paper. 3.3 Biometrics Identification Schemes There are several types of biometric identification schemes: 1. Face - the analysis of facial characteristics. 2. Fingerprint - the analysis of an individuals unique fingerprints. 3. Hand geometry - the analysis of the shape of the hand and the length of the fingers. 4. Retina - the analysis of the capillary vessels located at the back of the eye. 5. Iris - the analysis of the colored ring that surrounds the eyes pupil. 6. Signature - the analysis of the way a person signs his name. 7. Vein - the analysis of pattern of veins in the back of the hand and the wrist. 8. Voice - the analysis of the tone, pitch, cadence and frequency of a persons voice. 3.4 Comparison of Various Biometric Tech- nologies It is possible to understand if a human characteristic can be used for biomet- rics in terms of the following parameters: 1. Uniqueness - is how well the biometric separates individually from another. 12
2. Permanence - measures how well a biometric resist aging. 3. Collectability - eases of acquisition for measurement. 4. Performance - accuracy, speed, and robustness of technology used. 5. Acceptability - degree of approval of a technology. 6. Circumvention - eases of use of a substitute. 3.5 Biometric Modalities Different applications and environments have different constraints. For in- stance, adequate fingerprint samples require user cooperation; whereas, a face image can be Captured by a surveillance camera. Furthermore, Finger- prints are not available for many of the suspects on Watch lists. There are also multiple biometric modalities for technical and financial reasons. Many scientists become interested in developing a system based on their own re- search. Upon a successful implementation, venture capitalist, interested in the implementation of such a system, commercialize a product. Therefore, wide varieties of modalities are being researched and are available on the market. 3.5.1 Fingerprint The patterns of friction ridges and valleys on an individual’s fingertips are unique to that individual. For decades, law enforcement has been classify- ing and determining identity by matching key points of ridge endings and bifurcations. Fingerprints are unique for each finger of a person including identical twins. One of the most commercially available biometric technolo- gies, fingerprint recognition devices for desktop and laptop access are now widely available from many different vendors at a low cost. With these de- vices, users no longer need to type passwords - instead, only a touch provides instant access. Fingerprint systems can also be used in identification mode. Several states check fingerprints for new applicants to social services benefits to ensure recipients do not fraudulently obtain benefits under fake names. New York State has over 900,000 people enrolled in such a system. Advantages: • Subjects have multiple fingers. 13
• Easy to use, with some training • Some systems require little space. • Large amounts of existing data to allow background and/or watch list checks. • Has proven effective in many large-scale systems over years of use. • Fingerprints are unique to each finger of each individual and the ridge arrangement remains permanent during one’s lifetime. Disadvantages: • Public Perceptions. • Privacy concerns of criminal implications. • Health or societal concerns with touching a sensor used by countless individuals. 3.5.2 Face Image The identification of a person by their facial image can be done in a number of different ways such as by capturing an image of the face in the visible spectrum using an inexpensive camera or by using the infrared patterns of facial heat emission. Facial recognition in visible light typically model key features from the central portion of a facial image. Using a wide assortment of cameras, the visible light systems extract features from the captured im- ages that do not change over time while avoiding superficial features such as facial expressions or hair. Several approaches to modeling facial images in the visible spectrum are Principal Component Analysis, Local Feature Anal- ysis, neural networks, elastic graph theory, and multi-resolution analysis. Some of the challenges of facial recognition in the visual spectrum include reducing the impact of variable lighting and detecting a mask or photograph. Some facial recognition systems may require a stationary or posed user in order to capture the image, though many systems use a real-time process to detect a person’s head and locate the face automatically. Major benefits of facial recognition are that it is non-intrusive, hands-free, continuous and accepted by most users. 14
Advantages: • No contact required. • Commonly available sensors (cameras). • Large amounts of existing data to allow background and/or watch list checks. • Easy for humans to verify results. Disadvantages: • Face can be obstructed by hair, glasses, hats, scarves etc. • Sensitive to changes in lighting, expression, and poses faces changeover time. • Propensity for users to provide poor-quality video images yet to expect accurate results. 3.5.3 Hand Geometry These methods of personal authentication are well established. Hand recog- nition has been available for over twenty years. To achieve personal authen- tication, a system may measure either physical characteristics of the fingers or the hands. These include length, width, thickness and surface area of the hand. One interesting characteristic is that some systems require a small biometric sample (a few bytes). Hand geometry has gained acceptance in a range of applications. It can frequently be found in physical access control in commercial and residential applications, in time and attendance systems and in general personal authentication applications. Advantages: • Easy to capture. • Believed to be a highly stable pattern over the adult lifespan. Disadvantages: • Use requires some training. • Not sufficiently distinctive for identification over large Databases. • Usually used for verification of a claimed enrollment identity. • System requires a large amount of physical space. 15
3.5.4 Speech/voice Speech recognition has a history dating back some four decades, where the output of several analog filters was averaged over time for matching. Speech recognition uses the acoustic features of speech that have been found to differ between individuals. These acoustic patterns reflect both anatomy (e.g., size and shape of the throat and mouth) and learned behavioral patterns (e.g., voice pitch, speaking style). This incorporation of learned patterns into the voice templates (the latter called “voiceprints”) has earned speaker recogni- tion its classification as a “behavioral biometric”. Speech recognition systems employ three styles of spoken input: text-dependent, text-prompted and text independent. Most speaker verification applications use text-dependent in- put, which involves selection and enrollment of one or more voice passwords. Text-prompted input is used whenever there is concern of imposters. The various technologies used to process and store voiceprints includes hidden Markov models, pattern matching algorithms, neural networks, matrix repre- sentation and decision trees. Some systems also use “anti-speaker”techniques, such as cohort models, and world models. Ambient noise levels can impede both collection of the initial and subsequent voice samples. Performance degradation can result from changes in behavioral attributes of the voice and from enrollment using one telephone and verification on another telephone. Voice changes due to aging also need to be addressed by recognition systems. Many companies market speaker recognition engines, often as part of large voice processing, control and switching systems. Capture of the biometric is seen as non-invasive. The technology needs little additional hardware by using existing microphones and voice-transmission technology allowing recog- nition over long distances via ordinary telephones (wire line or wireless). Advantages: • Public Acceptance. • No Contact Required. • Commonly Available Sensors (telephones & microphones). Disadvantages: • Difficult to control sensor and channel variances that significantly im- pact capabilities. • Not sufficiently distinctive for identification over large databases. 16
3.5.5 Iris This recognition method uses the iris of the eye which is the colored area that surrounds the pupil. Iris patterns are thought unique. The iris patterns are obtained through a video-based image acquisition system. Iris scanning de- vices have been used in personal authentication applications for several years. Systems based on iris recognition have substantially decreased in price and this trend is expected to continue. The technology works well in both veri- fication and identification modes. Current systems can be used even in the presence of eyeglasses and contact lenses. The technology is not intrusive. It does not require physical contact with a scanner. Iris recognition has been demonstrated to work with individuals from different ethnic groups and na- tionalities. Advantages: • No contact Required. • Protected internal organ, less prone to injury. • Believed to be highly stable over lifetime. Disadvantages: • Difficult to capture for some individuals. • Easily obscured by eyelashes, eyelids, lens and reflections from the cornea. • Public myths and fears related to scanning the eye with a light source. • Acquisition of an iris image requires more training and attentiveness than most biometrics. • Lack of existing data ability to use for background or watch list checks. • Cannot be verified by a human. 3.5.6 Signature Verification This technology uses the dynamic analysis of a signature to authenticate a person. The technology is based on measuring speed, pressure and angle used by the person when a signature is produced. One focus for this technology has been e-business applications and other applications where signature is an accepted method of personal authentication. 17
Chapter 4 Where to use Biometrics? Biometric use involves controlling access to physical locations (laboratories, buildings etc.) Biometrics can be used to determine whether or not a person is already in database such as for social service or national id applications. Biometrics can be used in environments where recognition of an individual is required. Applications vary and range from logical access to a personal computer to physical access of a secured laboratory. They can be used in a variety of collection environments as identification systems. Biometrics are also used for accountability applications such as recording the biometric identities of individuals. Wireless Biometrics: As biometrics systems improve, become smaller and require less power for operation, the potential to integrate into new application grows. The ability to operate the biometrics verification solution from battery supply is unprecedented. Previously, biometrics have been used in combination with personal computers and based on a stringent platform to maintain reasonable performance. However, as the technology for fingerprint recognition is being miniaturized and streamlined for performance, new avenues of application can be found when technologies are integrated together in small, simple and stand-alone packaging. Wireless biometrics will consist of both the hardware and software for the fingerprint scanning devices that will be embedded in wireless handheld devices. The solution will come as a bundle of a range of validation, transaction management and content protection services based on the devices. 18
Tele-Biometrics: Tele-biometrics applies biometrics to telecommunications and telecommu- nications to remote biometric sensing. With the emergence of multimodal biometrics systems gathering data from different sensors and contexts, Inter- national Standards that support systems performing biometric enrollment and verification or identification have begun to focus on human physiological thresholds as constraints and frameworks for “plug and play”tele-biometric networks. Attending to these wetware protocols has become particularly ur- gent in the context of a recent study suggesting possible pathological effects from RFID transponders implanted in dogs. 4.1 Biometric Devices: • Optical Fingerprint Scanner - Our biometric hamster is the next generation model of popular and versatile biometric fingerprint readers. Packaged in a comfortable, ergonomic design, this biometric scanner features the industry’s most rugged and advanced optical sensor using patented SEIR fingerprint biometric technology. • Optic-Mouse - Optic-Mouse is an innovative optical tracking mouse that can operate on almost any surface with exceptional response, it features the industry’s most rugged and advanced optical sensor using patented SEIR fingerprint biometric technology. • iGuard - Integrated Access Control and Time Attendance Sys- tem - iGuard is a complete solution combining a access control system and time attendance system. It utilizes patented embedded web server technology combined with biometrics and smart card authentication. This is the world sonly available system that has achieved advanced op- erability using world-renowned TCP/IP networking protocol without having to compromise on security. • Personal Fingerprint Safes - Biometric personal safes are revolu- tionary locking storage cases that open with just the touch of your finger. These products are designed as “access denial”secure storage for medications, jewelry, weapons, documents, and other valuable or potentially harmful items. • Biometric Fingerprint Door Locks - Your fingerprint is the key with our revolutionary fingerprint door lock. This amazing new prod- 19
uct replaces keyed locking mechanisms with a fingerprint sensor that actually recognizes who is and who is not authorized to enter. • Biometric Versus Forensic - While both biometrics and forensic involves human recognition, biometrics is typically applied using au- tomated techniques to prevent situation application such as gaining access to sensitive information or to a secured facility. Forensic appli- cations typically occur after a crime has occurred, and may not use fully automated methods. Forensic methods are often used to assist in the legal process. Forensic usually requires days of processing and are held to much higher accuracy requirements. 4.2 Biometric Applications • Biometric Time Clocks - Which are being increasingly used in var- ious organizations to control employee timekeeping. • Biometric safes and biometric locks - Provides security to the homeowners. • Biometric access control systems - Providing strong security at entrances. Biometric systems are also developed for securing access to PC’s and providing single logon facilities. • Wireless biometrics - for high end security and providing safer trans- actions from wireless devices like PDA’s, etc. • Identifying DNA Patterns - of biometrics technology in identifying DNA patterns for identifying criminals, etc. • Biometrics airport security - devices are also deployed at some of the worlds famous airports to enhance the security standards. 4.3 Biometric Security A concern is how a person’s biometric, once collected, can be protected. Aus- tralia has therefore introduced a Biometrics Institute Privacy Code Biomet- rics Institute in order to protect consumer personal data beyond the current protections offered by the Australian Privacy Act. 20
Sociological Concerns: As technology advances, and time goes on, more private companies and public utilities may use biometrics for safe, accurate identification. These advances are likely to raise concerns such as: • Physical - Some believe this technology can cause physical harm to an individual using the methods or that instruments used are unsanitary. For example, there are concerns that retina scanners might not always be clean. • Personal Information - There are concerns whether our personal in- formation taken through biometric methods can be misused, tampered with or sold, e.g. by criminals stealing, rearranging or copying the bio- metric data. Also, the data obtained using biometrics can be used in unauthorized ways without the individual’s consent. Danger to owners of secured items: When thieves cannot get access to secure properties, there is a chance that person secured items the thieves will stalk and assault the property owner to gain access. If the item is secured with a biometric device, the damage to the owner could be irreversible, and potentially cost more than the secured property. In 2005, Malaysian car thieves cut off the finger of a Mercedes-Benz S-Class owner when attempting to steal the car. Cancelable Biometrics: Physical features, such as face, fingerprint, iris, retina, hand, or behav- ioral features, such as signature, voice, gait, must fulfill a certain criterion to qualify for use in recognition. They must be unique, universal, accept- able, collectable and convenient to the person, in addition, to reliability at recognition, performance and circumvention. However, most importantly, permanence is a key feature for biometrics. They must retain all the above features in particular the uniqueness unchanged, or acceptably changed, over the lifetime of the individual. On the other hand, this fundamental feature has brought biometrics to challenge a new risk. If biometric data is obtained, for example compromised from a database, by unauthorized users, the gen- uine owner will lose control over them forever and lose his/her identity. 21
Chapter 5 Security Threats for Mobile Platforms The usage of the mobile phone over the last few years has made fundamental changes in our daily life. Mobile devices, namely Personal Digital Assistants (PDAs) and smart phones are containing ever more personal information, including address books, schedules as well as payment information. Smart phones or mobile phones with advanced capabilities like those of personal computers (PCs) are appearing in more peoples pockets, purses, and brief- cases. Smart phones popularity and relatively lack security have made them attractive targets for attackers. Mobile phones are becoming more and more valuable as targets for attack. People are using smart phones for an increasing number of activities and often store sensitive data, such as email, calendars, contact information and password on the devices. Mobile applications for social networking keep a wealth of personal information. 5.1 Vulnerablity A weakness that is inherent in every network and device. This includes routers, switches, desktops, servers and even security devices themselves. 5.2 Threats People eager, willing and qualified to take advantage of each security weak- ness and they continually search for new exploits and weaknesses. 22
5.3 Attacks Threats use a variety of tools, scripts and programs to launch attacks against networks and network devices. Typically the network devices under attack are the endpoints such as servers and desktops. Table below shows the various attacks on mobile devices. Attacks Causes Attack Type Mobile Security (Features) Affects Mobility Lost or Authentication, theft device Confidentiality Limited resources DoS (Denial of Service) Data Integrity, Confidentiality, Availability Strong Connectivity Viruses or worms Data Integrity, Requirement (malware) Confidentiality and Charging Table 5.1: Various Attacks on Mobile Devices Several major security issues loom over the use of such devices, including • Mobile devices are often stolen or missing, due to their small size. • The contents in the mobile devices are unencrypted or encrypted under a flawed protocol. • Mobile devices are pron to middle-man attack or viruses attack from wireless connection. • User authentication is weak or disabled or in a common default mode, the authentication mechanism is single static password authentication can be circumvented easily. 23
Chapter 6 Biometrics Performance Evaluation Biometrics does not operate like passwords, where the correct input of the secret knowledge can assure access to the system with 100provide a sample, but several factors may still cause them to be rejected by the system. These factors might be environmental or related to the underlying uniqueness of the characteristics involved. This might not only lead to rejecting an authorized user but also in accepting an impostor. The quality metrics used to evaluate the performance of the biometric system are as follows: • False Acceptance Rate (FAR) - which represents the probability of an impostor getting accepted by the system (sometimes referred to as the Impostor Pass Rate). • False Rejection Rate (FRR) - which represents the probability of falsely rejecting an authorized user (sometimes referred to as the False Alarm Rate). • Failure to Enroll Rate (FTE) - which refers to situation where the sample is not able to provide enough information to create a template. That can be due to noise from the capture or a lack of features from the user, for example burned fingers. • Failure to Acquire Rate (FTA) - which refers to the situation where the system is unable to acquire a sample from the user. 24
Chapter 7 Future Outlook According to most experts, the future of biometrics is dependent upon two critical areas: Standardization and the use of Hybrid Technologies. Standardization: Currently, the biometrics industry is very fragmented, with more than 150 companies with their own proprietary systems and methodologies. Stan- dards have only recently been established in order to provide direction for the development of a common interface that will allow for shared biometric tem- plates. The BioAPI standard created by the BioAPI Consortium, a group of more than 60 vendors and government agencies, defines a common structure for interfacing with biometrics. Yet, competitive forces remain as technol- ogy giants like Microsoft have abandoned the consortium and the BioAPI standard in order to develop their own proprietary software standards. The development and acceptance of a primary standard is critical for the growth and applicability of the biometrics industry. Only after the technological standard is more established can systems integrate and interact efficiently. Hybrid Technologies: One of the critical concerns with the use of biometric technologies is that of privacy and security of stored personal biometric data. To have personal data stored in a centralized database leaves the information potentially open to theft or compromise. The concept of combining smart card or public key infrastructures with biometric readers where the biometric template is stored on an individually controlled key has been suggested as a solution for the privacy concern and is considered by some critical to the advancement of biometric applications. Biometrics is a powerful combination of science and 25
technology that can be used to protect and secure our most valuable infor- mation and property. The future holds no limits for this industry as more applications are found. Further, the technology itself continues to improve in terms of application and accuracy. From the application of total body scan- ning for highest security areas to speed and accuracy of identification when shopping on-line, the applications are boundless. Imagine a world where in- terstate air travel is allowed automatically via a full body scan that not only verifies identity but simultaneously searches for insecure or illegal parapher- nalia. Where access to one is bank or credit accounts is only granted after identification via iris or retina scan. Where a shopping trip is made possible by a vehicle that operates only with biometric verification of ownership and payment is made via a fingerprint scan that links directly to one is credit account. In the future, we will live in a faster paced, more secure world where verification of one is identity is critical for daily activities. While some might argue that privacy and personal “freedom”are sacrificed with this level of control, most believe that it is the necessary price for a secure world envi- ronment. 26
Chapter 8 References 1. M.Sujithra, Dr. G.Padmavathi, “Mobile Device Security-A survey on Mobile Device Threats, Vulnerabilities and their Defensive Mech- anism,”International Journal of Computer Applications (IJCA), Vol. 56, No. 14, 2012. 2. Anurag Kumar Jain, DevendraShanbhag, “Addressing Security and Risks in Mobile Applications,”2012. 3. Roberta Cozza, “Forecast: Mobile Communications Devices by Open Operating System, Worldwide,”Gartner, 2011. 4. M.Sujithra, Dr. G.Padmavathi, “Biometrics for Low Power Mobile Devices,”International Conference on Mathematical Modelling and Ap- plied Soft Computing, Vol. 2, 2012. 5. Paul Ruggiero and Jon Foote, “Cyber Threats to Mobile,”Produced for US-CERT, a government organization, Carnegie Mellon University - US, 2011. 6. C.R. Mulliner, “Security of smart phones,”Masters thesis submitted to University of California, Santa Barbara, 2006. 7. M.Sujithra, Dr. G.Padmavathi, “Biometric System Penetration in Re- source Constrained Mobile Device,”International Journal on Bioinfor- matics & Biosciences (IJBB) Vol. 3, No. 1, March 2013. 8. Anil K. Jain, Arun Ross and Salil Prabhakar, “An Introduction to Biometric Recognition,”IEEE Transactions on Circuits and Systems for Video Technologies, Vol. 14, No. 1, 2004. 27

Recommended

Ubiquitous security- is it just biometrics?
Ubiquitous security- is it just biometrics?Ubiquitous security- is it just biometrics?
Ubiquitous security- is it just biometrics?Siddharth Kishan
 
Biometrics
BiometricsBiometrics
BiometricsPriyanka Sharma
 
A study on biometric authentication techniques
A study on biometric authentication techniquesA study on biometric authentication techniques
A study on biometric authentication techniquesSubhash Basistha
 
Biometricsppt
BiometricspptBiometricsppt
BiometricspptDrKRBadhiti
 
Biometric technology
Biometric technologyBiometric technology
Biometric technologyDharmik
 
Jss academy of technical education
Jss academy of technical educationJss academy of technical education
Jss academy of technical educationArhind Gautam
 
Final Report Biometrics
Final Report BiometricsFinal Report Biometrics
Final Report Biometricsanoop80686
 
Biometric Security Systems ppt
Biometric Security Systems pptBiometric Security Systems ppt
Biometric Security Systems pptOECLIB Odisha Electronics Control Library
 

Recommended

Ubiquitous security- is it just biometrics?
Ubiquitous security- is it just biometrics?Ubiquitous security- is it just biometrics?
Ubiquitous security- is it just biometrics?Siddharth Kishan
 
Biometrics
BiometricsBiometrics
BiometricsPriyanka Sharma
 
A study on biometric authentication techniques
A study on biometric authentication techniquesA study on biometric authentication techniques
A study on biometric authentication techniquesSubhash Basistha
 
Biometricsppt
BiometricspptBiometricsppt
BiometricspptDrKRBadhiti
 
Biometric technology
Biometric technologyBiometric technology
Biometric technologyDharmik
 
Jss academy of technical education
Jss academy of technical educationJss academy of technical education
Jss academy of technical educationArhind Gautam
 
Final Report Biometrics
Final Report BiometricsFinal Report Biometrics
Final Report Biometricsanoop80686
 
Biometric Security Systems ppt
Biometric Security Systems pptBiometric Security Systems ppt
Biometric Security Systems pptOECLIB Odisha Electronics Control Library
 
A Comparison Based Study on Biometrics for Human Recognition
A Comparison Based Study on Biometrics for Human RecognitionA Comparison Based Study on Biometrics for Human Recognition
A Comparison Based Study on Biometrics for Human RecognitionIOSR Journals
 
Biometric seminar proma
Biometric seminar promaBiometric seminar proma
Biometric seminar promaproma_goswami
 
Biometric Security advantages and disadvantages
Biometric Security advantages and disadvantagesBiometric Security advantages and disadvantages
Biometric Security advantages and disadvantagesPrabh Jeet
 
MULTIMODAL BIOMETRIC SECURITY SYSTEM
MULTIMODAL BIOMETRIC SECURITY SYSTEMMULTIMODAL BIOMETRIC SECURITY SYSTEM
MULTIMODAL BIOMETRIC SECURITY SYSTEMxiaomi5
 
Ins & Outs of Biometric Authentication
Ins & Outs of Biometric AuthenticationIns & Outs of Biometric Authentication
Ins & Outs of Biometric AuthenticationIVR Technology Group
 
Biometrics Technology Seminar Report.
Biometrics Technology Seminar Report.Biometrics Technology Seminar Report.
Biometrics Technology Seminar Report.Pavan Kumar MT
 
Biometric security system
Biometric security systemBiometric security system
Biometric security systemMithun Paul
 
Introduction of Biometrics
Introduction of BiometricsIntroduction of Biometrics
Introduction of BiometricsAnit Thapaliya
 
Seminar
SeminarSeminar
SeminarNidhi Nayan
 
Enhancing the Cash Point using Multimode Biometric System
Enhancing the Cash Point using Multimode Biometric SystemEnhancing the Cash Point using Multimode Biometric System
Enhancing the Cash Point using Multimode Biometric Systemijtsrd
 
Biometrics Technology In the 21st Century
Biometrics Technology In the 21st CenturyBiometrics Technology In the 21st Century
Biometrics Technology In the 21st CenturyStar Link Communication Pvt Ltd
 
Biometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 febBiometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 febNavin Kumar
 
Biometricstechnology in iot and machine learning
Biometricstechnology in iot and machine learningBiometricstechnology in iot and machine learning
Biometricstechnology in iot and machine learningAnkit Gupta
 
4.report (biometric security system)
4.report (biometric security system)4.report (biometric security system)
4.report (biometric security system)JIEMS Akkalkuwa
 
Biometric technology
Biometric technology Biometric technology
Biometric technology r1o9h9i6t
 
Biometrics
BiometricsBiometrics
BiometricsPresentaionslive.blogspot.com
 
Zahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense SlidesZahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense SlidesPluribus One
 
biometric technology
biometric technologybiometric technology
biometric technologyAnmol Bagga
 
Biometric authentication system
Biometric authentication systemBiometric authentication system
Biometric authentication systemManoj Kumar
 
biometrics and cyber security
biometrics and cyber securitybiometrics and cyber security
biometrics and cyber securityKarthiga Manisekaran
 
Biometrics Essay
Biometrics EssayBiometrics Essay
Biometrics EssayLanate Drummond
 
Security Issues Related to Biometrics
Security Issues Related to BiometricsSecurity Issues Related to Biometrics
Security Issues Related to BiometricsYogeshIJTSRD
 

More Related Content

What's hot

A Comparison Based Study on Biometrics for Human Recognition
A Comparison Based Study on Biometrics for Human RecognitionA Comparison Based Study on Biometrics for Human Recognition
A Comparison Based Study on Biometrics for Human RecognitionIOSR Journals
 
Biometric seminar proma
Biometric seminar promaBiometric seminar proma
Biometric seminar promaproma_goswami
 
Biometric Security advantages and disadvantages
Biometric Security advantages and disadvantagesBiometric Security advantages and disadvantages
Biometric Security advantages and disadvantagesPrabh Jeet
 
MULTIMODAL BIOMETRIC SECURITY SYSTEM
MULTIMODAL BIOMETRIC SECURITY SYSTEMMULTIMODAL BIOMETRIC SECURITY SYSTEM
MULTIMODAL BIOMETRIC SECURITY SYSTEMxiaomi5
 
Ins & Outs of Biometric Authentication
Ins & Outs of Biometric AuthenticationIns & Outs of Biometric Authentication
Ins & Outs of Biometric AuthenticationIVR Technology Group
 
Biometrics Technology Seminar Report.
Biometrics Technology Seminar Report.Biometrics Technology Seminar Report.
Biometrics Technology Seminar Report.Pavan Kumar MT
 
Biometric security system
Biometric security systemBiometric security system
Biometric security systemMithun Paul
 
Introduction of Biometrics
Introduction of BiometricsIntroduction of Biometrics
Introduction of BiometricsAnit Thapaliya
 
Enhancing the Cash Point using Multimode Biometric System
Enhancing the Cash Point using Multimode Biometric SystemEnhancing the Cash Point using Multimode Biometric System
Enhancing the Cash Point using Multimode Biometric Systemijtsrd
 
Biometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 febBiometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 febNavin Kumar
 
Biometricstechnology in iot and machine learning
Biometricstechnology in iot and machine learningBiometricstechnology in iot and machine learning
Biometricstechnology in iot and machine learningAnkit Gupta
 
4.report (biometric security system)
4.report (biometric security system)4.report (biometric security system)
4.report (biometric security system)JIEMS Akkalkuwa
 
Biometric technology
Biometric technology Biometric technology
Biometric technology r1o9h9i6t
 
Zahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense SlidesZahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense SlidesPluribus One
 
biometric technology
biometric technologybiometric technology
biometric technologyAnmol Bagga
 
Biometric authentication system
Biometric authentication systemBiometric authentication system
Biometric authentication systemManoj Kumar
 

What's hot (20)

A Comparison Based Study on Biometrics for Human Recognition
A Comparison Based Study on Biometrics for Human RecognitionA Comparison Based Study on Biometrics for Human Recognition
A Comparison Based Study on Biometrics for Human Recognition
 
Biometric seminar proma
Biometric seminar promaBiometric seminar proma
Biometric seminar proma
 
Biometric Security advantages and disadvantages
Biometric Security advantages and disadvantagesBiometric Security advantages and disadvantages
Biometric Security advantages and disadvantages
 
MULTIMODAL BIOMETRIC SECURITY SYSTEM
MULTIMODAL BIOMETRIC SECURITY SYSTEMMULTIMODAL BIOMETRIC SECURITY SYSTEM
MULTIMODAL BIOMETRIC SECURITY SYSTEM
 
Ins & Outs of Biometric Authentication
Ins & Outs of Biometric AuthenticationIns & Outs of Biometric Authentication
Ins & Outs of Biometric Authentication
 
Biometrics Technology Seminar Report.
Biometrics Technology Seminar Report.Biometrics Technology Seminar Report.
Biometrics Technology Seminar Report.
 
Biometric security system
Biometric security systemBiometric security system
Biometric security system
 
Introduction of Biometrics
Introduction of BiometricsIntroduction of Biometrics
Introduction of Biometrics
 
Seminar
SeminarSeminar
Seminar
 
Enhancing the Cash Point using Multimode Biometric System
Enhancing the Cash Point using Multimode Biometric SystemEnhancing the Cash Point using Multimode Biometric System
Enhancing the Cash Point using Multimode Biometric System
 
Biometrics Technology In the 21st Century
Biometrics Technology In the 21st CenturyBiometrics Technology In the 21st Century
Biometrics Technology In the 21st Century
 
Biometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 febBiometric authentication ppt by navin 6 feb
Biometric authentication ppt by navin 6 feb
 
Biometricstechnology in iot and machine learning
Biometricstechnology in iot and machine learningBiometricstechnology in iot and machine learning
Biometricstechnology in iot and machine learning
 
4.report (biometric security system)
4.report (biometric security system)4.report (biometric security system)
4.report (biometric security system)
 
Biometric technology
Biometric technology Biometric technology
Biometric technology
 
Biometrics
BiometricsBiometrics
Biometrics
 
Zahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense SlidesZahid Akhtar - Ph.D. Defense Slides
Zahid Akhtar - Ph.D. Defense Slides
 
biometric technology
biometric technologybiometric technology
biometric technology
 
Biometric authentication system
Biometric authentication systemBiometric authentication system
Biometric authentication system
 
biometrics and cyber security
biometrics and cyber securitybiometrics and cyber security
biometrics and cyber security
 

Similar to Biometrics system penetration in mobile devices

Security Issues Related to Biometrics
Security Issues Related to BiometricsSecurity Issues Related to Biometrics
Security Issues Related to BiometricsYogeshIJTSRD
 
BIOMETRICS TECHNOLGY
BIOMETRICS TECHNOLGYBIOMETRICS TECHNOLGY
BIOMETRICS TECHNOLGYsumitgupta575
 
Seminar Report face recognition_technology
Seminar Report face recognition_technologySeminar Report face recognition_technology
Seminar Report face recognition_technologyVivek Soni
 
SEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptx
SEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptxSEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptx
SEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptx1A255Gauravwankar
 
Biometric encryption
Biometric encryptionBiometric encryption
Biometric encryptionDeepák Soni
 
Fingerprint detection
Fingerprint detectionFingerprint detection
Fingerprint detectionMudit Mishra
 
Multi-factor Implicit Biometric Authentication: Analysis and Approach
Multi-factor Implicit Biometric Authentication: Analysis and ApproachMulti-factor Implicit Biometric Authentication: Analysis and Approach
Multi-factor Implicit Biometric Authentication: Analysis and ApproachJigisha Aryya
 
Biometrics Based Authentication AKASH
Biometrics Based Authentication AKASHBiometrics Based Authentication AKASH
Biometrics Based Authentication AKASHAkash Deep Maurya
 
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docxaulasnilda
 
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docxRAJU852744
 
Biometrics research paper
Biometrics research paperBiometrics research paper
Biometrics research paperdesire120
 
Biometrics Research/Thesis Paper
Biometrics Research/Thesis PaperBiometrics Research/Thesis Paper
Biometrics Research/Thesis PaperSumaiya Ismail
 

Similar to Biometrics system penetration in mobile devices (20)

Biometrics Essay
Biometrics EssayBiometrics Essay
Biometrics Essay
 
Security Issues Related to Biometrics
Security Issues Related to BiometricsSecurity Issues Related to Biometrics
Security Issues Related to Biometrics
 
BIOMETRICS TECHNOLGY
BIOMETRICS TECHNOLGYBIOMETRICS TECHNOLGY
BIOMETRICS TECHNOLGY
 
Seminar Report face recognition_technology
Seminar Report face recognition_technologySeminar Report face recognition_technology
Seminar Report face recognition_technology
 
Biometrics Security System
Biometrics Security SystemBiometrics Security System
Biometrics Security System
 
Iris scanning
Iris scanningIris scanning
Iris scanning
 
Poster on biometrics
Poster on biometricsPoster on biometrics
Poster on biometrics
 
SEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptx
SEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptxSEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptx
SEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptx
 
Biometric technology
Biometric technologyBiometric technology
Biometric technology
 
Biometric encryption
Biometric encryptionBiometric encryption
Biometric encryption
 
Fingerprint detection
Fingerprint detectionFingerprint detection
Fingerprint detection
 
Multi-factor Implicit Biometric Authentication: Analysis and Approach
Multi-factor Implicit Biometric Authentication: Analysis and ApproachMulti-factor Implicit Biometric Authentication: Analysis and Approach
Multi-factor Implicit Biometric Authentication: Analysis and Approach
 
Biometrics Based Authentication AKASH
Biometrics Based Authentication AKASHBiometrics Based Authentication AKASH
Biometrics Based Authentication AKASH
 
Biometric
Biometric Biometric
Biometric
 
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
 
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx1Ethical Biometric Use23 Feb 2020Table of Cont.docx
1Ethical Biometric Use23 Feb 2020Table of Cont.docx
 
Ai
AiAi
Ai
 
Biometrics research paper
Biometrics research paperBiometrics research paper
Biometrics research paper
 
Biometrics poster
Biometrics posterBiometrics poster
Biometrics poster
 
Biometrics Research/Thesis Paper
Biometrics Research/Thesis PaperBiometrics Research/Thesis Paper
Biometrics Research/Thesis Paper
 

Recently uploaded

Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.Kamal Acharya
 
Hospital management system project report.pdf
Hospital management system project report.pdfHospital management system project report.pdf
Hospital management system project report.pdfKamal Acharya
 
Digital Communication Essentials: DPCM, DM, and ADM .pptx
Digital Communication Essentials: DPCM, DM, and ADM .pptxDigital Communication Essentials: DPCM, DM, and ADM .pptx
Digital Communication Essentials: DPCM, DM, and ADM .pptxpritamlangde
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsvanyagupta248
 
PE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and propertiesPE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and propertiessarkmank1
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Servicemeghakumariji156
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxSCMS School of Architecture
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityMorshed Ahmed Rahath
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VDineshKumar4165
 
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxOrlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxMuhammadAsimMuhammad6
 
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKARHAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKARKOUSTAV SARKAR
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfJiananWang21
 
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptxrouholahahmadi9876
 
Theory of Time 2024 (Universal Theory for Everything)
Theory of Time 2024 (Universal Theory for Everything)Theory of Time 2024 (Universal Theory for Everything)
Theory of Time 2024 (Universal Theory for Everything)Ramkumar k
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayEpec Engineered Technologies
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
💚Trustworthy Call Girls Pune Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top...
💚Trustworthy Call Girls Pune Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top...💚Trustworthy Call Girls Pune Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top...
💚Trustworthy Call Girls Pune Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top...vershagrag
 

Recently uploaded (20)

Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.
 
Hospital management system project report.pdf
Hospital management system project report.pdfHospital management system project report.pdf
Hospital management system project report.pdf
 
Digital Communication Essentials: DPCM, DM, and ADM .pptx
Digital Communication Essentials: DPCM, DM, and ADM .pptxDigital Communication Essentials: DPCM, DM, and ADM .pptx
Digital Communication Essentials: DPCM, DM, and ADM .pptx
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech students
 
PE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and propertiesPE 459 LECTURE 2- natural gas basic concepts and properties
PE 459 LECTURE 2- natural gas basic concepts and properties
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
 
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptxHOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
HOA1&2 - Module 3 - PREHISTORCI ARCHITECTURE OF KERALA.pptx
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxOrlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKARHAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
HAND TOOLS USED AT ELECTRONICS WORK PRESENTED BY KOUSTAV SARKAR
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
457503602-5-Gas-Well-Testing-and-Analysis-pptx.pptx
 
Theory of Time 2024 (Universal Theory for Everything)
Theory of Time 2024 (Universal Theory for Everything)Theory of Time 2024 (Universal Theory for Everything)
Theory of Time 2024 (Universal Theory for Everything)
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak HamilCara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
Cara Menggugurkan Sperma Yang Masuk Rahim Biyar Tidak Hamil
 
💚Trustworthy Call Girls Pune Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top...
💚Trustworthy Call Girls Pune Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top...💚Trustworthy Call Girls Pune Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top...
💚Trustworthy Call Girls Pune Call Girls Service Just Call 🍑👄6378878445 🍑👄 Top...
 

Biometrics system penetration in mobile devices

  • 1. Biometrics System Penetration in Mobile Devices A NON-CREDIT COURSE REPORT ON BIO-METRICS AND CYBER SECURITY SUBMITTED TO SAVITRIBAI PHULE PUNE UNIVERSITY, PUNE FOR THE PARTIAL FULFILLMENT OF AWARD OF DEGREE Of MASTER OF ENGINEERING In (Computer Engineering) By Swapnil S. Jagtap Semester-III Roll No: ****** UNDER THE GUIDANCE OF Guide Name (Department of Computer Engineering) VPCOE, Baramati. DEPARTMENT OF COMPUTER ENGINEERING Vidya Pratishthan’s Kamalnayan Bajaj Institute of Engineering & Technology, Vidyanagari Bhigawan Road Baramati, Dist. Pune - 413133 2016-2017
  • 2. CERTIFICATE This is to certify that Mr. Swapnil S. Jagtap has successfully submitted his report to Department of Computer Engineering, VPKBIET, Baramati, on Biometrics System Penetration in Mobile Devices During the academic year 2016-2017 in the partial fulfillment towards completion of Second Year of Master of Engineering in Computer Engineering, of Savitribai Phule Pune University, Pune(Maharashtra) Swapnil S. Jagtap Guide Name Student Guide Dept. of Comp. Engg. Dept. of Comp. Engg. Date : Place: VPKBIET, Baramati.
  • 3. Contents 1 Introduction 3 2 Working Principle of Biometrics 6 3 Basic Mechanisms 11 3.1 Biometric Collection . . . . . . . . . . . . . . . . . . . . . . . 11 3.2 Biometric Templates . . . . . . . . . . . . . . . . . . . . . . . 12 3.3 Biometrics Identification Schemes . . . . . . . . . . . . . . . . 12 3.4 Comparison of Various Biometric Technologies . . . . . . . . . 12 3.5 Biometric Modalities . . . . . . . . . . . . . . . . . . . . . . . 13 3.5.1 Fingerprint . . . . . . . . . . . . . . . . . . . . . . . . 13 3.5.2 Face Image . . . . . . . . . . . . . . . . . . . . . . . . 14 3.5.3 Hand Geometry . . . . . . . . . . . . . . . . . . . . . . 15 3.5.4 Speech/voice . . . . . . . . . . . . . . . . . . . . . . . 16 3.5.5 Iris . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 3.5.6 Signature Verification . . . . . . . . . . . . . . . . . . . 17 4 Where to use Biometrics? 18 4.1 Biometric Devices: . . . . . . . . . . . . . . . . . . . . . . . . 19 4.2 Biometric Applications . . . . . . . . . . . . . . . . . . . . . . 20 4.3 Biometric Security . . . . . . . . . . . . . . . . . . . . . . . . 20 5 Security Threats for Mobile Platforms 22 5.1 Vulnerablity . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.2 Threats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.3 Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 6 Biometrics Performance Evaluation 24 7 Future Outlook 25 8 References 27
  • 4. Chapter 1 Introduction What is Biometrics? “Biometrics is the automated identification or verification of human iden- tity through the measurement of repeatable physiological or behavioral char- acteristics.” Identification: The search of a biometric sample against a database of other samples in order to ascertain whether the donor is already contained in or new to the database. Verification: It refers to the ‘one to one’comparison between a sample and another to ask the question, ‘are you who you say you are?’The term “biometrics”is derived from the Greek words bio (life) and metric (to measure). For our use, biometrics refers to technologies for measuring and analyzing a person’s physiological or behavioral characteristics, such as fingerprints, irises, voice patterns, facial patterns, and hand measurements for identification and ver- ification purposes. 3
  • 5. Figure 1.1: Explains the meaning of definition Identification and verification have long been accomplished by showing something you have, such as a license or a passport. Sometimes it also required something you know, such as a password or a PIN. As we move into a time when we need more secure and accurate measures, we begin to look at using something you are biometrics. Biometrics are automated methods of recognizing a person based on a physiological or behavioral char- acteristic. History of Biometrics: Chinese Precursor: Possibly the first known example of biometrics in practice was a form of finger printing being used in China in the 14th century, as reported by ex- plorer Joao de Barros. He wrote that the Chinese merchants were stamping children’s palm prints and footprints on paper with ink to distinguish the young children from one another. This is one of the earliest known cases of biometrics in use and is still being used today. European Origins: Until the late 1800s, identification largely relied upon “photographic memory.”In the 1890s, an anthropologist and police desk clerk in Paris named Alphonse Bertillon sought to fix the problem of identifying convicted criminals and turned biometrics into a distinct field of study. He devel- oped a method of multiple body measurements which got named after him (Bertillonage). 4
  • 6. His system was used by police authorities throughout the world, until it quickly faded when it was discovered that some people shared the same measurements and based on the measurements alone, two people could get treated as one. After the failure of Bertillonage, the police started using finger printing, which was developed by Richard Edward Henry of Scotland Yard, essentially reverting to the same methods used by the Chinese for years. Modern Times: In the past three decades biometrics has moved from a single method (fin- gerprinting) to more than ten discreet methods. Companies involved with new methods number in the hundreds and continue to improve their meth- ods as the technology available to them advances. Prices for the hardware required continue to fall making systems more feasible for low and mid-level budgets. As the industry grows however, so does the public concern over privacy issues. Laws and regulations continue to be drafted and standards are beginning to be developed. While no other biometric has yet reached the breadth of use of fingerprinting, some are beginning to be used in both legal and business areas. 5
  • 7. Chapter 2 Working Principle of Biometrics Biometric devices consist of a reader or scanning device, software that converts the gathered information into digital form, and a database that stores the biometric data for comparison with previous records. When con- verting the biometric input, the software identifies specific points of data as match points. The match points are processed using an algorithm into a value that can be compared with biometric data in the database. All Bio- metric authentications require comparing a registered or enrolled biometric sample (biometric template or identifier) against a newly captured biometric sample (for example, a fingerprint captured during a login). Enrollment Mode: A sample of the biometric trait is captured, processed by a computer, and stored for later comparison. Biometric recognition can be used in Identifi- cation mode, where the biometric system identifies a person from the entire enrolled population by searching a database for a match based solely on the biometric. For example, an entire database can be searched to verify a per- son has not applied for entitlement benefits under two different names. This is sometimes called “one-to-many”matching. Verification Mode: In this mode, biometric system authenticates a person claimed iden- tity from their previously enrolled pattern. This is also called “one-to- one”matching. In most computer access or network access environments, verification mode would be used. A user enters an account, user name or 6
  • 8. inserts a token such as a smart card, but instead of entering a password, a simple glance at a camera is enough to authenticate the user. Types of Biometrics: There are two types of biometrics: 1. Behavioral biometrics: Used for verification. 2. Physical biometrics: Used for either identification or verification. Behavioral biometrics: • Speaker Recognition - Analyzing vocal behavior. • Signature - Analyzing signature dynamics. • Keystroke - Measuring the time spacing of typed words. Physical biometrics: • Fingerprint - Analyzing fingertip patterns. • Facial Recognition - Measuring facial characteristics. • Hand Geometry - Measuring the shape of the hand. • Iris recognition - Analyzing features of colored ring of the eye. • Vascular Patterns - Analyzing vein patterns. • Retinal Scan - Analyzing blood vessels in the eye. • Bertillonage - Measuring body lengths. 7
  • 9. Characteristics of Biometrics: Biometric characteristics can be divided in two main classes, 1. Physiological 2. Behavioral Physiological - are related to the shape of the body. The oldest traits, that have been used for more than 100 years, are fingerprints. Other exam- ples are face recognition, hand geometry and iris recognition. Behavioral - are related to the behavior of a person. The first charac- teristic to be used, still widely used today, is the signature. More modern approaches are the study of keystroke dynamics and of voice. Figure 2.1: Facial Recognition The human face is one of the easiest characteristic which can be used in biometric security system to identify a user. Face recognition technology, is very popular and is used more widely because it does not require any kind of physical contact between the users and device. Cameras scan the user face and match it to a database for verification. Furthermore, it is easy to install 8
  • 10. and does not require any expensive hardware. Facial recognition technology is used widely in a variety of security systems such as physical access control or computer user accounts. Figure 2.2: Iris Recognition The human iris is a thin circular structure in the eyes which is responsible for controlling the diameter and size of the pupils. It also controls the amount of light which is allowed through to retinal in order to protect the eye’s retina. Iris color is also a variable different to each person depending upon their genes. Iris color will decide eye color for each individual. There are several colors for iris such as: brown, green, blue, grey, hazel, violet, pink. The iris also has its own patterns from eye to eye and person to person, this will make up to uniqueness for each individual. Figure 2.3: Vascular Patterns One of the recent biometric technologies invented is the vein recognition system. Veins are blood vessels that carry blood to the heart. Each person’s 9
  • 11. veins have unique physical and behavioral traits. Taking advantage of this, biometrics uses unique characteristics of the veins as a method to identify the user. Vein recognition systems mainly focus on the veins in the users hands. Each finger on human hand has veins which connect directly with the heart and it has its own physical traits. Figure 2.4: Fingerprint types Our fingerprint is made of a number of ridges and valley on the sur- face of finger that are unique to each human. “Ridges are the upper skin layer segments of the finger and valleys are the lower segments”. The ridges form two minutiae points: ridge endings-where the ridges end, and ridge bifurcations-where the ridges split in two. The uniqueness of a fingerprint can be determined by the different patterns of ridges and furrows as well as the minutiae points. There are five basic patterns which make up the finger- print: the arch such as tented and plain arch covers 5% of fingerprint; left and right loop covers 60% of fingerprints; whorl covers 34% of fingerprints and accidental whorls covers 1% of fingerprints. 10
  • 12. Chapter 3 Basic Mechanisms The diagram shows a simple block diagram of a biometric system. When such a system is networked together with telecommunications technology, biomet- ric systems become tele biometric systems. The main operations a system can perform are enrollment and test. During the enrollment, biometric infor- mation from an individual is stored. During the test, biometric information is detected and compared with the stored information. Note that it is crucial that storage and retrieval of such systems themselves be secure if the bio- metric system is robust. The first block (sensor) is the interface between the real world and our system; it has to acquire all the necessary data. Most of the times it is an image acquisition system, but it can change according to the characteristics desired. The second block performs all the necessary pre- processing: it has to remove artifacts from the sensor, to enhance the input (e.g. removing background noise), to use some kind of normalization, etc. In the third block features needed are extracted. This step is an important step as the correct features need to be extracted and the optimal way. A vector of numbers or an image with particular properties is used to create a template. A template is a synthesis of all the characteristics extracted from the source, in the optimal size to allow for adequate identifiability. 3.1 Biometric Collection Biometrics are typically collected using a device called a sensor. These sen- sors are used to acquire the data needed for recognition and to convert the data to a digital form. The quality of the sensor used has a significant impact on the recognition results. Example “sensors”could be digital cameras (for face recognition) or a telephone (for voice recognition). 11
  • 13. 3.2 Biometric Templates A biometric template is a digital representation of an individuals distinct characteristics, representing information extracted from a biometric sample. Biometric templates are what are actually compared in a biometric recog- nition system. Templates can vary between biometric modalities as well as vendors. Not all biometric devices are template based. For example, voice recognition is based on models. The difference between templates and models is beyond the scope of this paper. 3.3 Biometrics Identification Schemes There are several types of biometric identification schemes: 1. Face - the analysis of facial characteristics. 2. Fingerprint - the analysis of an individuals unique fingerprints. 3. Hand geometry - the analysis of the shape of the hand and the length of the fingers. 4. Retina - the analysis of the capillary vessels located at the back of the eye. 5. Iris - the analysis of the colored ring that surrounds the eyes pupil. 6. Signature - the analysis of the way a person signs his name. 7. Vein - the analysis of pattern of veins in the back of the hand and the wrist. 8. Voice - the analysis of the tone, pitch, cadence and frequency of a persons voice. 3.4 Comparison of Various Biometric Tech- nologies It is possible to understand if a human characteristic can be used for biomet- rics in terms of the following parameters: 1. Uniqueness - is how well the biometric separates individually from another. 12
  • 14. 2. Permanence - measures how well a biometric resist aging. 3. Collectability - eases of acquisition for measurement. 4. Performance - accuracy, speed, and robustness of technology used. 5. Acceptability - degree of approval of a technology. 6. Circumvention - eases of use of a substitute. 3.5 Biometric Modalities Different applications and environments have different constraints. For in- stance, adequate fingerprint samples require user cooperation; whereas, a face image can be Captured by a surveillance camera. Furthermore, Finger- prints are not available for many of the suspects on Watch lists. There are also multiple biometric modalities for technical and financial reasons. Many scientists become interested in developing a system based on their own re- search. Upon a successful implementation, venture capitalist, interested in the implementation of such a system, commercialize a product. Therefore, wide varieties of modalities are being researched and are available on the market. 3.5.1 Fingerprint The patterns of friction ridges and valleys on an individual’s fingertips are unique to that individual. For decades, law enforcement has been classify- ing and determining identity by matching key points of ridge endings and bifurcations. Fingerprints are unique for each finger of a person including identical twins. One of the most commercially available biometric technolo- gies, fingerprint recognition devices for desktop and laptop access are now widely available from many different vendors at a low cost. With these de- vices, users no longer need to type passwords - instead, only a touch provides instant access. Fingerprint systems can also be used in identification mode. Several states check fingerprints for new applicants to social services benefits to ensure recipients do not fraudulently obtain benefits under fake names. New York State has over 900,000 people enrolled in such a system. Advantages: • Subjects have multiple fingers. 13
  • 15. • Easy to use, with some training • Some systems require little space. • Large amounts of existing data to allow background and/or watch list checks. • Has proven effective in many large-scale systems over years of use. • Fingerprints are unique to each finger of each individual and the ridge arrangement remains permanent during one’s lifetime. Disadvantages: • Public Perceptions. • Privacy concerns of criminal implications. • Health or societal concerns with touching a sensor used by countless individuals. 3.5.2 Face Image The identification of a person by their facial image can be done in a number of different ways such as by capturing an image of the face in the visible spectrum using an inexpensive camera or by using the infrared patterns of facial heat emission. Facial recognition in visible light typically model key features from the central portion of a facial image. Using a wide assortment of cameras, the visible light systems extract features from the captured im- ages that do not change over time while avoiding superficial features such as facial expressions or hair. Several approaches to modeling facial images in the visible spectrum are Principal Component Analysis, Local Feature Anal- ysis, neural networks, elastic graph theory, and multi-resolution analysis. Some of the challenges of facial recognition in the visual spectrum include reducing the impact of variable lighting and detecting a mask or photograph. Some facial recognition systems may require a stationary or posed user in order to capture the image, though many systems use a real-time process to detect a person’s head and locate the face automatically. Major benefits of facial recognition are that it is non-intrusive, hands-free, continuous and accepted by most users. 14
  • 16. Advantages: • No contact required. • Commonly available sensors (cameras). • Large amounts of existing data to allow background and/or watch list checks. • Easy for humans to verify results. Disadvantages: • Face can be obstructed by hair, glasses, hats, scarves etc. • Sensitive to changes in lighting, expression, and poses faces changeover time. • Propensity for users to provide poor-quality video images yet to expect accurate results. 3.5.3 Hand Geometry These methods of personal authentication are well established. Hand recog- nition has been available for over twenty years. To achieve personal authen- tication, a system may measure either physical characteristics of the fingers or the hands. These include length, width, thickness and surface area of the hand. One interesting characteristic is that some systems require a small biometric sample (a few bytes). Hand geometry has gained acceptance in a range of applications. It can frequently be found in physical access control in commercial and residential applications, in time and attendance systems and in general personal authentication applications. Advantages: • Easy to capture. • Believed to be a highly stable pattern over the adult lifespan. Disadvantages: • Use requires some training. • Not sufficiently distinctive for identification over large Databases. • Usually used for verification of a claimed enrollment identity. • System requires a large amount of physical space. 15
  • 17. 3.5.4 Speech/voice Speech recognition has a history dating back some four decades, where the output of several analog filters was averaged over time for matching. Speech recognition uses the acoustic features of speech that have been found to differ between individuals. These acoustic patterns reflect both anatomy (e.g., size and shape of the throat and mouth) and learned behavioral patterns (e.g., voice pitch, speaking style). This incorporation of learned patterns into the voice templates (the latter called “voiceprints”) has earned speaker recogni- tion its classification as a “behavioral biometric”. Speech recognition systems employ three styles of spoken input: text-dependent, text-prompted and text independent. Most speaker verification applications use text-dependent in- put, which involves selection and enrollment of one or more voice passwords. Text-prompted input is used whenever there is concern of imposters. The various technologies used to process and store voiceprints includes hidden Markov models, pattern matching algorithms, neural networks, matrix repre- sentation and decision trees. Some systems also use “anti-speaker”techniques, such as cohort models, and world models. Ambient noise levels can impede both collection of the initial and subsequent voice samples. Performance degradation can result from changes in behavioral attributes of the voice and from enrollment using one telephone and verification on another telephone. Voice changes due to aging also need to be addressed by recognition systems. Many companies market speaker recognition engines, often as part of large voice processing, control and switching systems. Capture of the biometric is seen as non-invasive. The technology needs little additional hardware by using existing microphones and voice-transmission technology allowing recog- nition over long distances via ordinary telephones (wire line or wireless). Advantages: • Public Acceptance. • No Contact Required. • Commonly Available Sensors (telephones & microphones). Disadvantages: • Difficult to control sensor and channel variances that significantly im- pact capabilities. • Not sufficiently distinctive for identification over large databases. 16
  • 18. 3.5.5 Iris This recognition method uses the iris of the eye which is the colored area that surrounds the pupil. Iris patterns are thought unique. The iris patterns are obtained through a video-based image acquisition system. Iris scanning de- vices have been used in personal authentication applications for several years. Systems based on iris recognition have substantially decreased in price and this trend is expected to continue. The technology works well in both veri- fication and identification modes. Current systems can be used even in the presence of eyeglasses and contact lenses. The technology is not intrusive. It does not require physical contact with a scanner. Iris recognition has been demonstrated to work with individuals from different ethnic groups and na- tionalities. Advantages: • No contact Required. • Protected internal organ, less prone to injury. • Believed to be highly stable over lifetime. Disadvantages: • Difficult to capture for some individuals. • Easily obscured by eyelashes, eyelids, lens and reflections from the cornea. • Public myths and fears related to scanning the eye with a light source. • Acquisition of an iris image requires more training and attentiveness than most biometrics. • Lack of existing data ability to use for background or watch list checks. • Cannot be verified by a human. 3.5.6 Signature Verification This technology uses the dynamic analysis of a signature to authenticate a person. The technology is based on measuring speed, pressure and angle used by the person when a signature is produced. One focus for this technology has been e-business applications and other applications where signature is an accepted method of personal authentication. 17
  • 19. Chapter 4 Where to use Biometrics? Biometric use involves controlling access to physical locations (laboratories, buildings etc.) Biometrics can be used to determine whether or not a person is already in database such as for social service or national id applications. Biometrics can be used in environments where recognition of an individual is required. Applications vary and range from logical access to a personal computer to physical access of a secured laboratory. They can be used in a variety of collection environments as identification systems. Biometrics are also used for accountability applications such as recording the biometric identities of individuals. Wireless Biometrics: As biometrics systems improve, become smaller and require less power for operation, the potential to integrate into new application grows. The ability to operate the biometrics verification solution from battery supply is unprecedented. Previously, biometrics have been used in combination with personal computers and based on a stringent platform to maintain reasonable performance. However, as the technology for fingerprint recognition is being miniaturized and streamlined for performance, new avenues of application can be found when technologies are integrated together in small, simple and stand-alone packaging. Wireless biometrics will consist of both the hardware and software for the fingerprint scanning devices that will be embedded in wireless handheld devices. The solution will come as a bundle of a range of validation, transaction management and content protection services based on the devices. 18
  • 20. Tele-Biometrics: Tele-biometrics applies biometrics to telecommunications and telecommu- nications to remote biometric sensing. With the emergence of multimodal biometrics systems gathering data from different sensors and contexts, Inter- national Standards that support systems performing biometric enrollment and verification or identification have begun to focus on human physiological thresholds as constraints and frameworks for “plug and play”tele-biometric networks. Attending to these wetware protocols has become particularly ur- gent in the context of a recent study suggesting possible pathological effects from RFID transponders implanted in dogs. 4.1 Biometric Devices: • Optical Fingerprint Scanner - Our biometric hamster is the next generation model of popular and versatile biometric fingerprint readers. Packaged in a comfortable, ergonomic design, this biometric scanner features the industry’s most rugged and advanced optical sensor using patented SEIR fingerprint biometric technology. • Optic-Mouse - Optic-Mouse is an innovative optical tracking mouse that can operate on almost any surface with exceptional response, it features the industry’s most rugged and advanced optical sensor using patented SEIR fingerprint biometric technology. • iGuard - Integrated Access Control and Time Attendance Sys- tem - iGuard is a complete solution combining a access control system and time attendance system. It utilizes patented embedded web server technology combined with biometrics and smart card authentication. This is the world sonly available system that has achieved advanced op- erability using world-renowned TCP/IP networking protocol without having to compromise on security. • Personal Fingerprint Safes - Biometric personal safes are revolu- tionary locking storage cases that open with just the touch of your finger. These products are designed as “access denial”secure storage for medications, jewelry, weapons, documents, and other valuable or potentially harmful items. • Biometric Fingerprint Door Locks - Your fingerprint is the key with our revolutionary fingerprint door lock. This amazing new prod- 19
  • 21. uct replaces keyed locking mechanisms with a fingerprint sensor that actually recognizes who is and who is not authorized to enter. • Biometric Versus Forensic - While both biometrics and forensic involves human recognition, biometrics is typically applied using au- tomated techniques to prevent situation application such as gaining access to sensitive information or to a secured facility. Forensic appli- cations typically occur after a crime has occurred, and may not use fully automated methods. Forensic methods are often used to assist in the legal process. Forensic usually requires days of processing and are held to much higher accuracy requirements. 4.2 Biometric Applications • Biometric Time Clocks - Which are being increasingly used in var- ious organizations to control employee timekeeping. • Biometric safes and biometric locks - Provides security to the homeowners. • Biometric access control systems - Providing strong security at entrances. Biometric systems are also developed for securing access to PC’s and providing single logon facilities. • Wireless biometrics - for high end security and providing safer trans- actions from wireless devices like PDA’s, etc. • Identifying DNA Patterns - of biometrics technology in identifying DNA patterns for identifying criminals, etc. • Biometrics airport security - devices are also deployed at some of the worlds famous airports to enhance the security standards. 4.3 Biometric Security A concern is how a person’s biometric, once collected, can be protected. Aus- tralia has therefore introduced a Biometrics Institute Privacy Code Biomet- rics Institute in order to protect consumer personal data beyond the current protections offered by the Australian Privacy Act. 20
  • 22. Sociological Concerns: As technology advances, and time goes on, more private companies and public utilities may use biometrics for safe, accurate identification. These advances are likely to raise concerns such as: • Physical - Some believe this technology can cause physical harm to an individual using the methods or that instruments used are unsanitary. For example, there are concerns that retina scanners might not always be clean. • Personal Information - There are concerns whether our personal in- formation taken through biometric methods can be misused, tampered with or sold, e.g. by criminals stealing, rearranging or copying the bio- metric data. Also, the data obtained using biometrics can be used in unauthorized ways without the individual’s consent. Danger to owners of secured items: When thieves cannot get access to secure properties, there is a chance that person secured items the thieves will stalk and assault the property owner to gain access. If the item is secured with a biometric device, the damage to the owner could be irreversible, and potentially cost more than the secured property. In 2005, Malaysian car thieves cut off the finger of a Mercedes-Benz S-Class owner when attempting to steal the car. Cancelable Biometrics: Physical features, such as face, fingerprint, iris, retina, hand, or behav- ioral features, such as signature, voice, gait, must fulfill a certain criterion to qualify for use in recognition. They must be unique, universal, accept- able, collectable and convenient to the person, in addition, to reliability at recognition, performance and circumvention. However, most importantly, permanence is a key feature for biometrics. They must retain all the above features in particular the uniqueness unchanged, or acceptably changed, over the lifetime of the individual. On the other hand, this fundamental feature has brought biometrics to challenge a new risk. If biometric data is obtained, for example compromised from a database, by unauthorized users, the gen- uine owner will lose control over them forever and lose his/her identity. 21
  • 23. Chapter 5 Security Threats for Mobile Platforms The usage of the mobile phone over the last few years has made fundamental changes in our daily life. Mobile devices, namely Personal Digital Assistants (PDAs) and smart phones are containing ever more personal information, including address books, schedules as well as payment information. Smart phones or mobile phones with advanced capabilities like those of personal computers (PCs) are appearing in more peoples pockets, purses, and brief- cases. Smart phones popularity and relatively lack security have made them attractive targets for attackers. Mobile phones are becoming more and more valuable as targets for attack. People are using smart phones for an increasing number of activities and often store sensitive data, such as email, calendars, contact information and password on the devices. Mobile applications for social networking keep a wealth of personal information. 5.1 Vulnerablity A weakness that is inherent in every network and device. This includes routers, switches, desktops, servers and even security devices themselves. 5.2 Threats People eager, willing and qualified to take advantage of each security weak- ness and they continually search for new exploits and weaknesses. 22
  • 24. 5.3 Attacks Threats use a variety of tools, scripts and programs to launch attacks against networks and network devices. Typically the network devices under attack are the endpoints such as servers and desktops. Table below shows the various attacks on mobile devices. Attacks Causes Attack Type Mobile Security (Features) Affects Mobility Lost or Authentication, theft device Confidentiality Limited resources DoS (Denial of Service) Data Integrity, Confidentiality, Availability Strong Connectivity Viruses or worms Data Integrity, Requirement (malware) Confidentiality and Charging Table 5.1: Various Attacks on Mobile Devices Several major security issues loom over the use of such devices, including • Mobile devices are often stolen or missing, due to their small size. • The contents in the mobile devices are unencrypted or encrypted under a flawed protocol. • Mobile devices are pron to middle-man attack or viruses attack from wireless connection. • User authentication is weak or disabled or in a common default mode, the authentication mechanism is single static password authentication can be circumvented easily. 23
  • 25. Chapter 6 Biometrics Performance Evaluation Biometrics does not operate like passwords, where the correct input of the secret knowledge can assure access to the system with 100provide a sample, but several factors may still cause them to be rejected by the system. These factors might be environmental or related to the underlying uniqueness of the characteristics involved. This might not only lead to rejecting an authorized user but also in accepting an impostor. The quality metrics used to evaluate the performance of the biometric system are as follows: • False Acceptance Rate (FAR) - which represents the probability of an impostor getting accepted by the system (sometimes referred to as the Impostor Pass Rate). • False Rejection Rate (FRR) - which represents the probability of falsely rejecting an authorized user (sometimes referred to as the False Alarm Rate). • Failure to Enroll Rate (FTE) - which refers to situation where the sample is not able to provide enough information to create a template. That can be due to noise from the capture or a lack of features from the user, for example burned fingers. • Failure to Acquire Rate (FTA) - which refers to the situation where the system is unable to acquire a sample from the user. 24
  • 26. Chapter 7 Future Outlook According to most experts, the future of biometrics is dependent upon two critical areas: Standardization and the use of Hybrid Technologies. Standardization: Currently, the biometrics industry is very fragmented, with more than 150 companies with their own proprietary systems and methodologies. Stan- dards have only recently been established in order to provide direction for the development of a common interface that will allow for shared biometric tem- plates. The BioAPI standard created by the BioAPI Consortium, a group of more than 60 vendors and government agencies, defines a common structure for interfacing with biometrics. Yet, competitive forces remain as technol- ogy giants like Microsoft have abandoned the consortium and the BioAPI standard in order to develop their own proprietary software standards. The development and acceptance of a primary standard is critical for the growth and applicability of the biometrics industry. Only after the technological standard is more established can systems integrate and interact efficiently. Hybrid Technologies: One of the critical concerns with the use of biometric technologies is that of privacy and security of stored personal biometric data. To have personal data stored in a centralized database leaves the information potentially open to theft or compromise. The concept of combining smart card or public key infrastructures with biometric readers where the biometric template is stored on an individually controlled key has been suggested as a solution for the privacy concern and is considered by some critical to the advancement of biometric applications. Biometrics is a powerful combination of science and 25
  • 27. technology that can be used to protect and secure our most valuable infor- mation and property. The future holds no limits for this industry as more applications are found. Further, the technology itself continues to improve in terms of application and accuracy. From the application of total body scan- ning for highest security areas to speed and accuracy of identification when shopping on-line, the applications are boundless. Imagine a world where in- terstate air travel is allowed automatically via a full body scan that not only verifies identity but simultaneously searches for insecure or illegal parapher- nalia. Where access to one is bank or credit accounts is only granted after identification via iris or retina scan. Where a shopping trip is made possible by a vehicle that operates only with biometric verification of ownership and payment is made via a fingerprint scan that links directly to one is credit account. In the future, we will live in a faster paced, more secure world where verification of one is identity is critical for daily activities. While some might argue that privacy and personal “freedom”are sacrificed with this level of control, most believe that it is the necessary price for a secure world envi- ronment. 26
  • 28. Chapter 8 References 1. M.Sujithra, Dr. G.Padmavathi, “Mobile Device Security-A survey on Mobile Device Threats, Vulnerabilities and their Defensive Mech- anism,”International Journal of Computer Applications (IJCA), Vol. 56, No. 14, 2012. 2. Anurag Kumar Jain, DevendraShanbhag, “Addressing Security and Risks in Mobile Applications,”2012. 3. Roberta Cozza, “Forecast: Mobile Communications Devices by Open Operating System, Worldwide,”Gartner, 2011. 4. M.Sujithra, Dr. G.Padmavathi, “Biometrics for Low Power Mobile Devices,”International Conference on Mathematical Modelling and Ap- plied Soft Computing, Vol. 2, 2012. 5. Paul Ruggiero and Jon Foote, “Cyber Threats to Mobile,”Produced for US-CERT, a government organization, Carnegie Mellon University - US, 2011. 6. C.R. Mulliner, “Security of smart phones,”Masters thesis submitted to University of California, Santa Barbara, 2006. 7. M.Sujithra, Dr. G.Padmavathi, “Biometric System Penetration in Re- source Constrained Mobile Device,”International Journal on Bioinfor- matics & Biosciences (IJBB) Vol. 3, No. 1, March 2013. 8. Anil K. Jain, Arun Ross and Salil Prabhakar, “An Introduction to Biometric Recognition,”IEEE Transactions on Circuits and Systems for Video Technologies, Vol. 14, No. 1, 2004. 27