Authentication is the verification of a claim about the identity of a person or a system. The information about human physiological and behavioral traits, collectively called biometric information or simply biometrics, can be used to identify a particular individual with a high degree of certainty and therefore can authenticate this individual by measuring, analyzing, and using these traits. Well-known types of biometrics include photographs, fingerprints, palm prints, iris scans, and blood vessel scans. A great variety of specific devices are used to extract and collect biometric information which are referred to hereinafter as biometric scanners. Despite all advantages of using biometrics over using other methods for authentication of people, the biometric information of an individual can have significant weaknesses. The biometric information has a low level of security in that it can be counterfeited. The biometric in formation once compromised is not easily changeable or replaceable. Another problem is that biometric information is inexact and time varying, “noisy” (e.g., it is not like a password or a PIN code) as it cannot be reproduced exactly from one measurement to another, and thus it can be matched only approximately when used in conjunction with biometric scanners. All these weaknesses and problems imperil the confidence in the reliable use of biometrics in everyday life.
One of the most widely used biometrics is the fingerprint—it has been used for identifying individuals for over a century. The surface of the skin of a human fingertip consists of a series of ridges and valleys that form a unique fingerprint pattern. The fingerprint patterns are highly distinct, they develop early in life, and their details are relatively permanent over time. In the last several decades, extensive research in algorithms for identification based on fingerprint patterns has led to the development of automated biometric systems using fingerprints with various applications including law enforcement, border control, enterprise access and access to computers and other portable devices. Although fingerprint patterns change little over time, changes in the environment (e.g., humidity and temperature changes), cuts and bruises, and changes due to aging pose challenges to using fingerprint patterns in conjunction with scanning devices for identifying individuals. Similar problems exist when using other biometric information in conjunction with scanners for identifying individuals.
Using biometric information for identifying individuals involves the steps of biometric enrolment and biometric verification. For example, in the case of fingerprint patterns, a typical biometric enrolment requires acquiring a fingerprint image with a fingerprint scanner, extracting from the fingerprint image information that is sufficient to identify the user, and storing the extracted information as template biometric information for future comparison with subsequently provided fingerprint images. Several, typically three, images are acquired from the same fingertip for biometric enrolment. A typical biometric verification involves acquiring another subsequent image of the fingertip and extracting from that image information query biometric information which is then compared with the template biometric information. If the compared information is sufficiently similar, the result is deemed to be a biometric match. In this case, the user's identity is verified positively and the user is successfully authenticated. If the compared information is not sufficiently similar, the result is deemed a biometric on-match, the user's identity is not verified, and the biometric authentication fails.
One proposed way of improving or enhancing the security of the systems that use biometric information is by using digital watermarking—embedding information into digital signals that can be used, for example, to identify the signal owner and to detect tampering with the signal. The digital water mark can be embedded in the signal domain, in a transform domain, or added as a separate signal. If the embedded information is unique for every particular originator (e.g., in the case of an image, the camera or the scanner used to acquire the image), the digital watermarking can be used to establish authenticity of the digital signal by methods well known in the prior art. However, robust digital watermarking, i.e., one that cannot be easily detected, removed, or copied, requires computational power that is typically not available in biometric scanners and, generally, comes at high additional cost. In order to ensure the uniqueness of the originator (e.g., the camera or scanner), the originator also needs an intrinsic, inherent source of randomness.
To solve the problem of associating a unique number with a particular system or device, it has been proposed to store the number in a flash memory or in a mask Read Only Memory (ROM). The major disadvantages of this proposal are the relative high added cost, the man-made randomness of the number, which number is usually generated during device manufacturing, and the ability to record and track this number by third parties. There have also been proposals to introduce randomness by exploiting the variability and randomness created by mismatch and other physical phenomena in electronic devices or by using physically unclonable functions (PUF) that contain physical components with sources of randomness. Such randomness can be explicitly introduced (by the system designer) or intrinsically present (e.g., signal propagation delays within batches of integrated circuits). However, all of these proposed methods and systems come at additional design, manufacturing, and/or material cost.
The prior art teaches methods for identification of digital cameras based on the sensor pattern noise: fixed pattern noise and photo-response non-uniformity. However, these methods are not suited to be used for biometric authentication using fingerprints because the methods require many (in the order of tens to one hundred) images, taken under special conditions and with specific texture. The prior art methods also use computationally intensive signal processing with many underlying assumptions about the statistical properties of the sensor pattern noise. Attempts to apply these methods for authentication of optical fingerprint scanners have been made in laboratory studies without any real success and they are insufficiently precise when applied to capacitive fingerprint scanners, because the methods implicitly assume acquisition models that are specific for the digital cameras but are very different from the acquisition process of capacitive fingerprint scanners. Attempts to apply these methods to fingerprint scanners have been made, which only demonstrated the unsuitability of these methods for authentication (and identification) of capacitive fingerprint scanners, and in particular their unsuitability for systems with limited computational power. The prior art also teaches about distinguishing among different types and models of digital cameras based on their processing artifacts (e.g., their color filter array interpolation algorithms), which is suited for camera classification (i.e., determining the brand or model of a particular camera), but not for camera identification (i.e., which particular camera has acquired a particular image).
Aside from the high cost associated with the above described security proposals, another disadvantage is that they cannot be used in biometric scanners that have already been manufactured and placed in service.