Prior to granting a user access to a resource, contemporary authentication systems often require the user to manually provide their credentials by typing a password on a keypad or scanning a physical security token (e.g., swiping a keycard). More recently, “hand-free” authentication systems have been introduced, which allow the user to provide his or her credentials with minimal input. Some of these hands-free authentication systems controls access to a resource via biometric means. In this regard, an individual could present, for authenticating oneself to an access device of the system, biometric data that is derived from one or more physical characteristics innate to the individual (e.g., a photo of the face, a retinal scan, a fingerprint, a voice print). Thus, an individual would not need to remember passwords, provide answers to security questions, or keep a physical security token.
However, existing biometrics-based authentication systems are not without problems. For instance, such systems can be slow or cumbersome to use. In other cases, users may raise privacy concerns when asked to provide biometric information. Furthermore, biometric data may be vulnerable to theft and abuse by various bad actors. For example, while the vast majority of access devices may be trustworthy, it is possible to encounter an access device that has been hacked or otherwise compromised.
Embodiments of the present invention address these problems and other problems individually and collectively.