Biometrics and Internet Security Research Group | dasec
MBASSy – Modular Biometric Authentication Service System
MBASSy (Modular Biometric Authentication Service System)
Since the introduction of the iPhone, the number of smartphone users is steadily increasing. Because a variety of personal or business data is stored on smartphones, an increased need for information protection arises compared to traditional mobile phones. Current authentication solutions on these devices use knowledge-based methods, where the PIN is the dominant approach. Since passwords and PINs are often forgotten, and the input is perceived as disturbing, the research and development of user-friendly authentication solutions is an important task.
The aim of this project is to develop a modular authentication framework for mobile devices, which can be used for the development and testing of biometric techniques. A first version is available for the android operating system and was extended by biometric modules developed by students, graduate students and companies. Examples of such modules include gait, fingerphoto and speaker recognition. Future versions will adhere to the BioAPI ISO standard.
This module is implemented as a background module, meaning that the authentication can be performed without user interaction. It is based on machine learning algorithms and uses the built-in accelerometer in smartphones to obtain biometric samples.
Each enrolment process requires a user to walk for five minutes without stopping. In these five minutes, the module collects samples from the built-in accelerometer, performs preprocessing on the data and trains a k-nearest neighbour (kNN) algorithm. Training the kNN-algorithm also requires the presence of impostor data. The computed reference template is finally stored in the database.
As soon as the screen of a smartphone goes to sleep, the module is notified by the authentication system and starts to collect samples for 30 seconds. After the collection stops, the kNN reference template in the database is used to classify the data. The classification result is stored locally. The data collection and classification are performed iteratively. After activating the screen, the module receives an authentication request from MBASSy and responds with the most current classification result. A balanced decision has to be made regarding the validity timespan of classification results, depending on the application scenario.
This module uses the built-in smartphone camera for fingerphoto recognition. In order to capture suitable photos, the preview picture is evaluated with algorithms for finger detection and quality assurance. A photo is automatically taken when the preview picture fulfills all criteria for fingerphoto recognition. The final fingerphoto is checked again to ensure a minimum quality of the captured photo. Feedback on the results of the algorithms are continuously displayed on the graphical user interface.
To enhance the recognition rates several preprocessing steps are applied to the successfully captured fingerphotos. Minutiae are extracted by an open source minutiae extractor and a template is generated from the preprocessed fingerphotos. A template comparator based on identification of minutiae-pairs is implemented to compare the reference and probe templates for authentication. The autentication result is based on the number of identified minutiae-pairs and a threshold.