Scheduled System Maintenance on May 29th, 2015:
IEEE Xplore will be upgraded between 11:00 AM and 10:00 PM EDT. During this time there may be intermittent impact on performance. We apologize for any inconvenience.
By Topic

On security of multi-factor biometric authentication

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Al-Assam, H. ; Dept. of Appl. Comput., Univ. of Buckingham, Buckingham, UK ; Sellahewa, H. ; Jassim, S.

This paper focuses on security and accuracy of multi-factor biometric authentication schemes that are based on applying User-Based Transformations (UBTs) on biometric features. Typically, UBTs employ transformation keys generated from passwords/PINs or retrieved from a token. In this paper, we argue that the effect of compromised transformation keys on authentication accuracy has not been tested rigorously, and that the widely reported claim in the literature that in the case of stolen keys, accuracy drops but remains close to the accuracy of biometric only system is based on false assumptions. We show that multi-factor authentication systems setup to operate at a zero or near zero EER can be undermined in the event of keys being compromised where the False Acceptance Rate reaches unacceptable levels. This research also demonstrates by experiments on iris, fingerprint, and face biometrics that probabilities of impostors with stolen keys being falsely accepted are 21%, 56%, and 66% respectively.

Published in:

Internet Technology and Secured Transactions (ICITST), 2010 International Conference for

Date of Conference:

8-11 Nov. 2010