A Survey on Biometric Authentication: Toward Secure and Privacy-Preserving Identification

Abstract

In order to overcome the difficulty of password management and improve the usability of authentication systems, biometric authentication has been widely studied and has attracted special attention in both academia and industry. Many biometric authentication systems have been researched and developed, especially for mobile devices. However, the existing biometric authentication systems still have defects. Some biological features have not been deeply investigated. The existing systems could be vulnerable to attacks, such as replay attack and suffer from user privacy intrusion, which seriously hinder their wide acceptance by end users. The literature still lacks a thorough review on the recent advances of biometric authentication for the purpose of secure and privacy-preserving identification. In this paper, we classify and thoroughly review the existing biometric authentication systems by focusing on the security and privacy solutions. We analyze the threats of biometric authentication and propose a number of criteria with regard to secure and privacy-preserving authentication. We further review the existing works of biometric authentication by analyzing their differences and summarizing the advantages and disadvantages of each based on the proposed criteria. In particular, we discuss the problems of aliveness detection and privacy protection in biometric authentication. Based on our survey, we figure out a number of open research issues and further specify a number of significant research directions that are worth special efforts in future research.