For the purpose of security and other reasons electronic devices, systems, and services may be protected by one or more authentication protocols such as a password authentication protocol. In an example password authentication protocol, an individual may supply a username and password to a service provider (e.g., his or her email provider). The service provider may store this information in association with the individual's account. When the individual wishes to access the account, he/she may log in to the service by providing his/her user name and password through a relevant portal such as a website or other application.
Although password authentication protocols are useful, they are becoming increasingly cumbersome as the number of user accounts and the need to use secure (e.g. complex and/or hard to remember) passwords increases. Such protocols also frequently require the storage of a username and password combination on a third party system such as an authentication server. Because authentication servers often store copious amounts of user account information, they may be considered a prime target for attack by malicious software and/or a hacker. If either or both of those entities successfully attack and gain access to the authentication server, the usernames and passwords stored in the server may be compromised.
Biometric authentication protocols have been considered as an alternative to password authentication protocols for user identity verification. Although useful, existing biometric authentication protocols may require users to provide reference templates including samples of their biometric information to a remote authentication agent such as an authentication server operated by an enterprise or third party authentication service. This may raise the same concerns as some password authentication protocols, in that a user's biometric reference templates may be compromised by a hacker or malicious software targeting the authentication server.
In addition, when a user provides a biometric reference template to a service provider, he/she may lose some or all control over that template and the information contained therein. Indeed, once reference biometric information is provided to a service provider, it may be difficult to for a user to revoke or otherwise delete that information from the service provider's systems. This may give rise to privacy and/or other concerns, particularly as the biometric information in a reference template may be considered personal private information of the user.
Local biometric authentication protocols have also been considered an option to password authentication protocols. In an example local biometric authentication protocol, authentication is performed by a local (client) device based on biometric reference templates stored in its memory, rather than on a centralized authentication server operated by a service provider. In such instances, the local device may attempt to verify user identity by comparing biometric test information obtained from the user with sensors available to the local device, and comparing the biometric test information against the biometric reference templates stored in the memory of the local device.
While local biometric authentication protocols are useful, such systems may still require substantially permanent storage of biometric reference templates in the client device. As a result, such systems may suffer from the same privacy concerns as a biometric authentication protocol that leverages a remote authentication server. These privacy concerns may be elevated in instances where the device performing the authentication may be easily lost and/or shared amongst multiple users, such as may be the case with mobile or other electronic devices that may be rented. Moreover, a client side biometric authentication protocol may not be capable of identifying a user unless the user has previously provided a biometric reference template to the client device performing the protocol.
Although the following detailed description will proceed with reference being made to illustrative embodiments, many alternatives, modifications, and variations thereof will be apparent to those skilled in the art.