Biometrics relates to measuring and analyzing features of the human body such as fingerprints, retina vein patterns, irises, voice patterns, facial structure, and hand/finger measurements for either authentication (i.e., one-to-one verification—“Am I who I claim I am?”), or identification (i.e., one-from-many identification—“Who am I?”) purposes.
A particular use of biometric authentication is to provide more secure identity authentication than, for example, access badges (which can be lost or stolen) or pass codes (which can be used by someone other than the authorized individual).
Generally, biometric systems include capture devices to acquire biometric information, software algorithms for effective authentication/identification, and databases that store reference biometric data for comparison.
Biometric data is generated first by a step of enrollment in which a biometric characteristic, such as a fingerprint, is captured by an appropriate sensor, such as a fingerprint scanner. The captured information is then mathematically transformed into a numerical model called a reference template. The mathematical transformation is conventional in the art, specified in, for example, American National Standard for Information Technology—“Finger Minutiae Format for Data Interchange”: ANSI INCITS 378-2004 and its revisions. Thereafter, one or more reference templates are stored in a conventional computer database as data files. The reference templates are sometimes known in the art as “gallery” templates. For the sake of simplicity in the present application, they will be referred to herein simply as reference templates.
For authentication (i.e., proof of identity), an individual presents his biometric characteristic by way of an appropriate detector or reader, such as a fingerprint scanner, palm scanner, retinal scanner, or a camera (for taking a facial image, for example). The detected biometric characteristic is then mathematically transformed into an input template (sometimes known in the art as a “probe” template) using the same transformation that was used to create the reference template, so that the input template can be compared with a respective stored reference template to confirm or reject the identity of the individual. The process of identification is similar, but the input template instead is compared against a plurality of stored reference templates to try to find a match.
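The following is an added illustration, not part of the original text, of enrollment followed by one-to-one verification and one-from-many identification as described above. The minutiae tuples, the `to_template` normalisation, the tolerance-based `score` and the 0.75 threshold are simplified assumptions standing in for the ANSI INCITS 378 transformation and a real matcher.

```python
import math

def to_template(minutiae):
    """Assumed stand-in for the capture-to-template transformation."""
    return tuple(sorted((int(x), int(y), int(a) % 360) for x, y, a in minutiae))

def score(probe, reference, dist_tol=6, angle_tol=15):
    """Fraction of minutiae paired within position and angle tolerances."""
    unused, hits = list(probe), 0
    for rx, ry, ra in reference:
        for p in unused:
            d_ang = abs(p[2] - ra) % 360
            d_ang = min(d_ang, 360 - d_ang)  # shortest angular distance
            if math.hypot(p[0] - rx, p[1] - ry) <= dist_tol and d_ang <= angle_tol:
                unused.remove(p)  # each probe minutia may be paired only once
                hits += 1
                break
    return hits / max(len(reference), len(probe), 1)

def verify(probe, gallery, claimed_id, threshold=0.75):
    """Authentication: compare only against the claimed identity's reference."""
    ref = gallery.get(claimed_id)
    return ref is not None and score(probe, ref) >= threshold

def identify(probe, gallery, threshold=0.75):
    """Identification: search every stored reference for the best match."""
    best_id, best = None, 0.0
    for uid, ref in gallery.items():
        s = score(probe, ref)
        if s > best:
            best_id, best = uid, s
    return best_id if best >= threshold else None

# Enrollment: reference ("gallery") templates built from constructed sample data.
GALLERY = {
    "alice": to_template([(10, 20, 30), (40, 55, 90), (70, 15, 180), (25, 80, 270)]),
    "bob": to_template([(12, 60, 45), (50, 50, 135), (80, 30, 200), (33, 10, 315)]),
}
# Input ("probe") templates: a noisy re-capture of alice, and an unenrolled finger.
PROBE_ALICE = to_template([(12, 21, 33), (39, 57, 85), (71, 13, 184), (24, 82, 268)])
PROBE_STRANGER = to_template([(5, 5, 0), (95, 95, 10), (60, 90, 120), (90, 5, 300)])

if __name__ == "__main__":
    print("verify alice as alice:", verify(PROBE_ALICE, GALLERY, "alice"))
    print("verify alice as bob:  ", verify(PROBE_ALICE, GALLERY, "bob"))
    print("identify alice probe: ", identify(PROBE_ALICE, GALLERY))
    print("identify stranger:    ", identify(PROBE_STRANGER, GALLERY))
```

Note that `verify` reads a single reference template while `identify` must have access to every stored reference template.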
To date, secure biometric authentication systems are based on client-server network arrangements, such as the conventional arrangement shown in FIG. 1.
With reference to FIG. 1, the biometric reference templates 110 are stored on or operably associated with (such as by way of a conventional database) one or more servers 100 remote from the individuals to whom the templates correspond. The user U (on the client side) has a smart device 102, such as a smart phone or computer, which includes an integrated biometric reader, such as a fingerprint scanner. The user U authenticates his identity by swiping the appropriate fingertip 104 across the scanner so that the fingerprint is read. The smart device 102 then transmits an authentication request 106 (including encrypted information corresponding to the fingerprint scan) via a communication network 108 to the remote server 100 where the corresponding reference template 110 is operably stored. A comparison between the fingerprint scan, converted into an input template, and the relevant reference template is made on the server side, and an authentication success/failure response 112 is returned to the client side via the network 108.
However, this conventional arrangement has some important disadvantages with respect to data privacy and network performance.
Ultimately, biometric information is personal information about an identifiable individual. As the use of biometric authentication increases, the manner in which the information is used and retained raises privacy concerns. Indeed, retention of biometric templates on third-party servers outside of the control of the concerned individual raises the possibility of, for example, tracking that individual's location and activity without the individual being aware, particularly if there is not a high degree of trust between the individual and the third party controlling the server.
In addition to the privacy issues mentioned above, the conventional arrangement of FIG. 1 generates a high data transmission load because of the large amount of traffic, usually consisting of large-sized transmissions of encrypted biometric data, directed to the remote server (where the reference biometric templates are stored). The arrangement of FIG. 1 is also not very scalable as a function of the number of client-side users.