Multi-Biometric Template Protection: Issues and Challenges

Abstract

The term biometrics refers to “automated recognition of individuals based on their behavioral and biological characteristics” (ISO/IEC JTC1 SC37). Several physiological (static) as well as behavioral (non-static) biometric characteristics have been exploited (Jain, Flynn & Ross, 2008) such as fingerprints, iris, face, hand, voice, gait, keystroke dynamics, etc., depending on distinct types of applications (see Figure 1). Biometric traits are acquired applying adequate sensors and distinctive feature extractors are utilized in order to generate a biometric template (reference data) in the enrollment process. During verification (authentication process) or identification (identification can be handled as a sequence of biometric comparisons against the enrollment records in a reference databse) the system processes another biometric measurement from which an according template is extracted and compared against the stored template(s) yielding acceptance/ rejection or hit/ no-hit, respectively. The presented work is motivated by very recent advances in the fields of multi-biometric recognition (Ross et al., 2006) and biometric template protection (Rathgeb & Uhl, 2011). Automatic recognition systems based on a single biometric indicator often have to contend with unacceptable error rates (Ross & Jain, 2003). Multi-biometric systems have improved the accuracy and reliability of biometric systems (Ross et al., 2006). Biometric vendors are already deploying multi-biometric systems (e.g. fingerprint and finger vein by SAFRAN Morpho1) and multi-biometric recognition is performed on large-scale datasets (e.g. within the Aadhaar project (Unique Identification Authority of India, 2012) by the Unique Identification Authority of India (UIDAI)). However, security of multi-biometric templates is especially crucial as they contain information regarding multiple traits of the same subject (Nagar et al., 2012). The leakage of any kind of template information to unauthorized individuals constitutes serious security and privacy risks, e.g. permanent tracking of subjects without consent (Ratha et al., 2001) or reconstruction of original biometric traits (e.g. fingerprints (Cappelli et al., 2007) or iris textures (Venugopalan & Savvides, 2011)) might become a realistic threat. Therefore, biometric template protection technologies have been developed in order to protect privacy and integrity of stored biometric data. However, so far, template protection schemes which provide provable security/ privacy, and achieve practical recognition rates have remained elusive, even on small datasets. This bookchapter provides a comprehensive overview of