1. Field of the Invention
The present invention relates generally to the field of biometrics based identification, and more particularly to a biometrics template matching method, a biometrics based identification method, device and system, as well as a portable data carrier with processor and a secured electronic system.
2. Description of the Related Art
There is an increasing need for univocally identifying a person before granting or refusing access to a secured environment, e.g. for securing access to sensitive data or applications in computers and computer networks, for securing access to restricted areas, for securing transactions, for digitally signing electronic documents and so on.
Identification through use of biometrics (“what you are”), i.e. of physical or behavioural characteristics that are permanent and univocal to each individual, has become widespread because of its higher resistance to fraud attempts than identification through a token (“what you have”) or a password or similar (“what you know”). Biometric characteristics comprise i.a. fingerprints, iris or retina, hand or face geometry, speech, signature, writing and typewriting.
The following discussion will be focused on fingerprints. It is however understood that the underlying principles of the invention can also be applied to other biometric characteristics, particularly geometric characteristics such as iris, retina, hand and face geometry.
To make use of fingerprints for identification, a reference image of the fingerprint of a person is initially taken, and a so-called enrolment template of a few representative features thereof, called minutiae, is stored for later comparison or matching with so-called candidate templates from fingerprints each time detected from the purported person.
To increase safety against the enrolment template being copied for fraudulent use, instead of maintaining a central database of fingerprints from registered users of a secured environment, the enrolment template can be stored in a portable data carrier.
A user to be identified thus needs to present both the portable data carrier and his/her finger to an identification device, thus embodying a two factor identification.
In “Match-On-Card” biometrics based identification systems, the comparison between enrolment template and candidate template is performed by the portable data carrier itself, in the form of a smart card with microprocessor. This further enhances the resistance of the identification system, in that there is no need for the enrolment template to be released by the smart card.
WO 03/007125 discloses a device for securely communicating with a server, comprising a biometric sensor, a processor, and a smart card comprising matching logic and a secure data storage module containing stored biometric data and sensitive data such as an encryption key. A biometric sample from the sensor is compared with the stored biometric data by the smart card matching logic. If they match, the processor accedes the sensitive data from the smart card and communicates with the server using the sensitive data. WO 03/007125 generally relies on known matching methods, such as statistical methods, piecewise linear classifiers, and rule-based methods.
The biometric characteristics are complex and thus represented by large electronic representations (images, voice signals etc.), and their detection, though preserving the uniqueness of the biometric characteristic itself, is subject to changes and errors. For example, in the case of fingerprints, a same user's finger will hardly ever be pressed exactly in the same position on the biometric detector. Consequently, two biometric templates taken from two detections of a same user's finger may not contain the same minutiae, and the minutiae present in both templates may differ in position and orientation. Known matching methods then typically involve a rotation and translation of one template with respect to the other, in an attempt to superimpose the templates as if they were taken from fingers in a same position. Such alignment step is followed by a comparison of pairs of minutiae from the two templates. Biometric template matching thus generally requires a great deal of memory and computational resources to carry out the alignment step.
M. Osborne and N. K. Ratha, in “A JC-BioAPI Compliant Smart Card with Biometrics for Secure Access Control”, J. Kittler and M. S. Nixon (Eds.): AVBPA 2203, LNCS 2688, pp. 903-910, 2003, disclose a fingerprint-based match-on-card application. The document recognises that a matching algorithm run on a smart card faces significant constraints because of the restricted resources of the smart card, especially the non-availability of floating point coprocessors. Accordingly, the matching algorithm should only use limited amounts of dynamic memory and as few computational cycles as possible, and the biometric feature extraction should be performed outside of the smart card. According to the document, the JavaCard-BioAPI standard developed by the Java Card Forum allows securely enrolling a reference biometrics on the card, and later performing a candidate biometrics validation without exposing the reference data outside of the card. The actual matching algorithm is left to independent development in the industry.
Y. Gil et al., in “Fingerprint Verification System Involving Smart Card”, P. J. Lee and C. H. Lim (Eds.): ICISC 2002, LNCS 2587, pp. 510-524, 2003, disclose a match-on-card system using a multi-resolution accumulator array designed to meet the processing power and memory space specification of the smart cards. The system of the document involves, at the verification phase: an image preprocessing step wherein the fingerprint image is refined against the image distortion obtained from a sensor; a minutiae extraction step wherein a template file is created, including the position, direction and type of some of the minutiae; and a minutiae matching step wherein the input fingerprint is compared with the enrolled fingerprint. The minutiae matching step comprises an alignment stage wherein transformations such as translation and rotation between two fingerprints are estimated, and two minutiae are aligned according to the estimated parameters; and a matching stage wherein two minutiae are compared based on their position, direction and type, and a matching score is computed. In the alignment stage, a discretized transformation comprising a rotation and a translation from each minutia of an input fingerprint image into each minutia of an enrolled fingerprint image is found, and the occurrences of each transformation are counted. In order to reduce the memory space requirements of the algorithm to allow implementation in a smart card, the document proposes to reiterate the alignment stage from a coarser resolution to finer resolution(s) of the transformation space, centred around the most accumulated transformation of the preceding iteration. This is done at the expenses of a greater number of instructions being performed, i.e. at the expenses of a longer execution time. Furthermore, the search for the transformation requires trigonometric functions, that are not available in standard smart cards.