Cancellable biometrics and annotations on BioHash

Research output: Contribution to journalArticle

112 Citations (Scopus)

Abstract

Lately, the once powerful one-factor authentication which is based solely on either password, token or biometric approach, appears to be insufficient in addressing the challenges of identity frauds. For example, the sole biometric approach suffers from the privacy invasion and non-revocable issues. Passwords and tokens are easily forgotten and lost. To address these issues, the notion of cancellable biometrics was introduced to denote biometric templates that can be cancelled and replaced with the inclusion of another independent authentication factor. BioHash is a form of cancellable biometrics which mixes a set of user-specific random vectors with biometric features. In verification setting, BioHash is able to deliver extremely low error rates as compared to the sole biometric approach when a genuine token is used. However, this raises the possibility of two identity theft scenarios: (i) stolen-biometrics, in which an impostor possesses intercepted biometric data of sufficient high quality to be considered genuine and (ii) stolen-token, in which an impostor has access to the genuine token and used by the impostor to claim as the genuine user. We found that the recognition rate for the latter case is poorer. In this paper, the quantised random projection ensemble based on the Johnson-Lindenstrauss Lemma is used to establish the mathematical foundation of BioHash. Based on this model, we elucidate the characteristics of BioHash in pattern recognition as well as security view points and propose new methods to rectify the stolen-token problem.

Original languageEnglish
Pages (from-to)2034-2044
Number of pages11
JournalPattern Recognition
Volume41
Issue number6
DOIs
Publication statusPublished - 2008 Jun 1

Fingerprint

Biometrics
Authentication
Pattern recognition

All Science Journal Classification (ASJC) codes

  • Software
  • Signal Processing
  • Computer Vision and Pattern Recognition
  • Artificial Intelligence

Cite this

@article{44dfd97500e84c2899af41c6b750ac60,
title = "Cancellable biometrics and annotations on BioHash",
abstract = "Lately, the once powerful one-factor authentication which is based solely on either password, token or biometric approach, appears to be insufficient in addressing the challenges of identity frauds. For example, the sole biometric approach suffers from the privacy invasion and non-revocable issues. Passwords and tokens are easily forgotten and lost. To address these issues, the notion of cancellable biometrics was introduced to denote biometric templates that can be cancelled and replaced with the inclusion of another independent authentication factor. BioHash is a form of cancellable biometrics which mixes a set of user-specific random vectors with biometric features. In verification setting, BioHash is able to deliver extremely low error rates as compared to the sole biometric approach when a genuine token is used. However, this raises the possibility of two identity theft scenarios: (i) stolen-biometrics, in which an impostor possesses intercepted biometric data of sufficient high quality to be considered genuine and (ii) stolen-token, in which an impostor has access to the genuine token and used by the impostor to claim as the genuine user. We found that the recognition rate for the latter case is poorer. In this paper, the quantised random projection ensemble based on the Johnson-Lindenstrauss Lemma is used to establish the mathematical foundation of BioHash. Based on this model, we elucidate the characteristics of BioHash in pattern recognition as well as security view points and propose new methods to rectify the stolen-token problem.",
author = "Teoh, {Andrew B.J.} and Kuan, {Yip Wai} and Sangyoun Lee",
year = "2008",
month = "6",
day = "1",
doi = "10.1016/j.patcog.2007.12.002",
language = "English",
volume = "41",
pages = "2034--2044",
journal = "Pattern Recognition",
issn = "0031-3203",
publisher = "Elsevier Limited",
number = "6",

}

Cancellable biometrics and annotations on BioHash. / Teoh, Andrew B.J.; Kuan, Yip Wai; Lee, Sangyoun.

In: Pattern Recognition, Vol. 41, No. 6, 01.06.2008, p. 2034-2044.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Cancellable biometrics and annotations on BioHash

AU - Teoh, Andrew B.J.

AU - Kuan, Yip Wai

AU - Lee, Sangyoun

PY - 2008/6/1

Y1 - 2008/6/1

N2 - Lately, the once powerful one-factor authentication which is based solely on either password, token or biometric approach, appears to be insufficient in addressing the challenges of identity frauds. For example, the sole biometric approach suffers from the privacy invasion and non-revocable issues. Passwords and tokens are easily forgotten and lost. To address these issues, the notion of cancellable biometrics was introduced to denote biometric templates that can be cancelled and replaced with the inclusion of another independent authentication factor. BioHash is a form of cancellable biometrics which mixes a set of user-specific random vectors with biometric features. In verification setting, BioHash is able to deliver extremely low error rates as compared to the sole biometric approach when a genuine token is used. However, this raises the possibility of two identity theft scenarios: (i) stolen-biometrics, in which an impostor possesses intercepted biometric data of sufficient high quality to be considered genuine and (ii) stolen-token, in which an impostor has access to the genuine token and used by the impostor to claim as the genuine user. We found that the recognition rate for the latter case is poorer. In this paper, the quantised random projection ensemble based on the Johnson-Lindenstrauss Lemma is used to establish the mathematical foundation of BioHash. Based on this model, we elucidate the characteristics of BioHash in pattern recognition as well as security view points and propose new methods to rectify the stolen-token problem.

AB - Lately, the once powerful one-factor authentication which is based solely on either password, token or biometric approach, appears to be insufficient in addressing the challenges of identity frauds. For example, the sole biometric approach suffers from the privacy invasion and non-revocable issues. Passwords and tokens are easily forgotten and lost. To address these issues, the notion of cancellable biometrics was introduced to denote biometric templates that can be cancelled and replaced with the inclusion of another independent authentication factor. BioHash is a form of cancellable biometrics which mixes a set of user-specific random vectors with biometric features. In verification setting, BioHash is able to deliver extremely low error rates as compared to the sole biometric approach when a genuine token is used. However, this raises the possibility of two identity theft scenarios: (i) stolen-biometrics, in which an impostor possesses intercepted biometric data of sufficient high quality to be considered genuine and (ii) stolen-token, in which an impostor has access to the genuine token and used by the impostor to claim as the genuine user. We found that the recognition rate for the latter case is poorer. In this paper, the quantised random projection ensemble based on the Johnson-Lindenstrauss Lemma is used to establish the mathematical foundation of BioHash. Based on this model, we elucidate the characteristics of BioHash in pattern recognition as well as security view points and propose new methods to rectify the stolen-token problem.

UR - http://www.scopus.com/inward/record.url?scp=38949203738&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38949203738&partnerID=8YFLogxK

U2 - 10.1016/j.patcog.2007.12.002

DO - 10.1016/j.patcog.2007.12.002

M3 - Article

AN - SCOPUS:38949203738

VL - 41

SP - 2034

EP - 2044

JO - Pattern Recognition

JF - Pattern Recognition

SN - 0031-3203

IS - 6

ER -