Secure Operation of Biometric Authentication Based on User’s Viewpoint

Abstract

In recent years, biometrics authentication systems have been spreading in response to increased demands for convenience and safety. In worldwide, a fingerprint authentication system is scheduled to be installed in 2021, and mobile device shipments are expected to exceed 1 billion units. Biometric authentication maintains a high level of security while enabling instantaneous authentication without users having to physically carry something (e.g., a key) or memorize a password. It is being utilized in a variety of fields (smartphones, FinTech, etc.) due to this ease of use. The security aspects of biometric authentication are also being upgraded in terms of hardware as various companies make efforts in this direction. However, biometrics authentication is not sufficient from the viewpoint of the user side. Since biometric authentication uses advanced personal information as a key, there is a serious problem in that the key can’t be reset if it leaks out. In this paper, on the basis of the user side viewpoint, we propose a secure operation model for biometric authentication that features cooperation between an Identity Provider (IDP) and hashing of biological information. Results of desk simulation assuming a specific service environment demonstrated the effectiveness of the proposed model.