This seminar will look at fingerprint recognition, facial thermography and DNA, assessing their use in security applications and how they compare against one another for particular security protocols and authentication mechanisms. We also discuss current uses for these Biometrics and suggest a 'multi-modal' Biometric to counteract security threats. In particular, we will look at how an intruder would go about achieving success via identity theft for each Biometric and strategies that can prevent this from happening.
Individuals must first register their form of identity with the system by capturing a raw biometric to be used in the system. This process is called Enrolment and is composed of three distinct phases: Capture, Process and Enrol.
Once Enrolment is complete, the system can authenticate individuals by means of using the stored template. Authentication is the process whereby a new biometric sample is captured by the individual who is authenticating with the system and compared to the registered (enrolled) biometric template. There are two forms of Authentication: Verification and Identification.
Identification performs the process of identifying an individual from their biometric features. Identification asks the question "Who are you?"
Verification involves matching the captured biometric sample against the enrolled template that is stored and requires the user to assert a specific claim of identity such as a user name / unique key. Verification asks the question "Are you who you say you are?"
The success of a system in performing verification is measured using the metrics below. Successful systems have high True Positive and True Negative values; a poor system has high False Positive and False Negative values. Each metric is defined as follows:
A diagram illustrating the process of Enrollment and Authentication is shown below:
It can be seen from the figures below that fingerprint is the most common Biometric, occupying 48.8% of the market. In addition to this, there is an increasing amount of market expenditure for Biometrics, particularly for 2003 onwards.
The flow of amniotic fluid in the womb influences the fingerprint patterns; when the foetus is 9 months old the fingerprints are fully formed and do not change thereafter.
Fingerprints were first used in ancient civilisations as a form of signature. From the 19th century, fingerprints were commonly used to identify criminals from latent fingerprints left at the scene of a crime, as they still are in forensics today.
The NEC Group in Japan was the first company to develop an Automated Fingerprint Identification System (AFIS), in 1971. The system scanned in cards bearing ink fingerprints, converted them into templates, stored them in a database and could match a fingerprint against those already in the database. It was adopted by the FBI and many law enforcement agencies around the world; the systems in place now are still very similar to the original system built by the NEC Group.
Biometric authentication uses a fingerprint scanner to obtain a digital image of the user's fingerprint, as opposed to the AFIS method of scanning in ink fingerprints. A range of scanners is commercially available; the quality of the image obtained depends on the hardware.
The user places a finger on the scanner; the image is then encrypted and sent to the host computer, where the processing takes place. The image is formed of dark lines (ridges) and lighter lines (valleys). Most matching algorithms are based on minutiae matching. Minutiae are particular features of the lines on the fingerprint; the most commonly used are bifurcations, where a ridge forks to take two different paths, and ridge endings, where a ridge begins or ends.
For the computer to be able to identify minutiae, the image must first undergo some pre-processing. Most images from a fingerprint scanner are in grey scale, which makes it difficult to distinguish between ridges and valleys, so the image is converted into a binary image. This is done by calculating the average pixel colour value over small areas of the image (typically an area is 8x8 pixels); any pixel with a value higher than the average colour value is converted to black, and anything below it is converted to white.
Noise reduction then takes place to reduce interference. Finally the image is thinned so that the ridge lines are only one pixel thick.
Thinning enables the computer to identify ridge endings and bifurcations by pixel transition counting. This method counts how many transitions from black to white are made when traversing round the pixels surrounding the candidate minutia. If a candidate minutia truly is a ridge ending there will be only one transition; if it is a bifurcation there will be 3 transitions. The diagram below shows a candidate for a ridge ending: starting from square 1 and moving clockwise, the pixels are all white until square 7, and there is a transition from black to white between squares 7 and 8. As there is only one transition, the candidate is accepted as a ridge ending.
The detected minutiae are stored in a template at their relative coordinates (see below). The lines next to the minutiae represent the direction in which the ridge is travelling. If the user is enrolling, this template is stored in the database; if the user is authenticating, the template is compared to templates already in the database. A predefined threshold is set; if the number of matching minutiae is greater than the threshold value, it is deemed a match.
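The transition-counting step and the threshold comparison above, as an added worked example (this is not code from the original handout). It assumes an already thinned skeleton given as a list of strings, '#' for ridge pixels and '.' for background, and reports minutiae as (row, col, kind) tuples; the two skeletons at the bottom are constructed, not real fingerprint data.

```python
"""
Added example, not code from the original handout: crossing-number minutiae
detection on a thinned (one-pixel-wide) binary ridge skeleton, followed by the
threshold comparison the handout describes.  Assumed conventions: the skeleton
is a list of equal-length strings, '#' for a ridge pixel and '.' for background,
and minutiae are reported as (row, col, kind) tuples.
"""
from math import hypot

# The 8 neighbours of a pixel, walked clockwise from the top-left corner so that
# consecutive entries touch each other (squares 1 to 8 in the handout's diagram).
CLOCKWISE = [(-1, -1), (-1, 0), (-1, 1), (0, 1), (1, 1), (1, 0), (1, -1), (0, -1)]


def ridge(skel, r, c):
    """1 if (r, c) is a ridge pixel, 0 for background."""
    return 1 if skel[r][c] == '#' else 0


def transitions(skel, r, c):
    """Number of black-to-white (ridge-to-background) transitions met while
    walking once around the 8 neighbours of (r, c)."""
    ring = [ridge(skel, r + dr, c + dc) for dr, dc in CLOCKWISE]
    return sum(1 for i in range(8) if ring[i] == 1 and ring[(i + 1) % 8] == 0)


def extract_minutiae(skel):
    """Scan every interior ridge pixel: 1 transition = ridge ending,
    3 transitions = bifurcation, 2 = an ordinary point along a ridge.
    Border pixels are skipped so that every candidate has 8 neighbours."""
    found = []
    for r in range(1, len(skel) - 1):
        for c in range(1, len(skel[0]) - 1):
            if not ridge(skel, r, c):
                continue
            t = transitions(skel, r, c)
            if t == 1:
                found.append((r, c, 'ending'))
            elif t == 3:
                found.append((r, c, 'bifurcation'))
    return found


def count_matching(template, probe, tol=1.5):
    """Count template minutiae that have an unused probe minutia of the same
    kind within `tol` pixels.  Deliberately simple: a real matcher first aligns
    the two prints for rotation and translation before pairing minutiae."""
    used = set()
    matched = 0
    for r, c, kind in template:
        for j, (pr, pc, pk) in enumerate(probe):
            if j not in used and pk == kind and hypot(r - pr, c - pc) <= tol:
                used.add(j)
                matched += 1
                break
    return matched


def is_match(template, probe, threshold):
    """The handout's decision rule: more matching minutiae than the threshold."""
    return count_matching(template, probe) > threshold


# Constructed skeletons (not real fingerprint data).  The enrolled print is one
# ridge that forks into two branches; the second capture of the same finger
# lost the lower branch (e.g. through dry skin), so its bifurcation disappears.
TEMPLATE_SKELETON = [
    "..........",
    ".###......",
    "....#.....",
    ".....####.",
    "....#.....",
    ".###......",
    "..........",
]
PROBE_SKELETON = [
    "..........",
    ".###......",
    "....#.....",
    ".....####.",
    "..........",
    "..........",
    "..........",
]

if __name__ == "__main__":
    t = extract_minutiae(TEMPLATE_SKELETON)
    p = extract_minutiae(PROBE_SKELETON)
    print("template:", t)
    print("probe:   ", p)
    print("matching minutiae:", count_matching(t, p),
          "-> match at threshold 1:", is_match(t, p, 1))
```

The poor second capture keeps only two of the four enrolled minutiae, so whether it is accepted depends entirely on where the threshold is set.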
Obtaining a fingerprint via a scanner is non-invasive. It is very hard to forge a fingerprint (one possible method is detailed later in the handout). It is not possible to reconstruct the original fingerprint from the template, i.e. identity theft is not possible by this route.
Replay attacks are hard to implement, as the scanner and host computer use various methods to combat them. Encrypted messages are sent between the scanner and host using public/private keys, and the host computer uses time stamps / challenge-response to ensure messages are not being diverted or replayed.
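The scanner/host exchange just described, as an added example that is not code from the original handout or from any scanner vendor. It simplifies the page's public/private-key scheme to a shared key with HMAC-SHA256 (an assumption; the replay check itself, a one-time nonce plus a freshness window on the time stamp, is what the page describes), and the key, image bytes and clock are all constructed.

```python
"""
Added example, not code from the original handout: a minimal challenge/response
exchange between a fingerprint scanner and its host of the kind the handout
credits with defeating replay.  Simplification and assumption: scanner and host
share a secret key and authenticate each message with HMAC-SHA256, whereas the
handout's systems use public/private key pairs and encryption; the replay check
itself (a one-time nonce plus a freshness window on the time stamp) is the same.
The key, the image bytes and the clock are constructed.
"""
import hashlib
import hmac
import os
import time

FRESHNESS_SECONDS = 5   # how old a time-stamped response may be before it is refused


def _mac(key, nonce, timestamp, image_digest):
    """Tag binding the host's challenge, the scanner's clock and the image together."""
    return hmac.new(key, nonce + timestamp.to_bytes(8, "big") + image_digest,
                    hashlib.sha256).digest()


class Scanner:
    def __init__(self, key, now=time.time):
        self.key, self.now = key, now

    def capture(self, nonce, image_bytes):
        """Answer the host's challenge with (nonce, time stamp, image hash, MAC)."""
        digest = hashlib.sha256(image_bytes).digest()
        ts = int(self.now())
        return nonce, ts, digest, _mac(self.key, nonce, ts, digest)


class Host:
    def __init__(self, key, now=time.time):
        self.key, self.now = key, now
        self.outstanding = set()   # nonces issued but not yet answered

    def challenge(self):
        """Issue a fresh random nonce; it is valid for exactly one response."""
        nonce = os.urandom(16)
        self.outstanding.add(nonce)
        return nonce

    def accept(self, response):
        """True only for a correctly tagged, fresh answer to an unanswered challenge."""
        nonce, ts, digest, tag = response
        if nonce not in self.outstanding:
            return False            # never issued, or already answered: a replay
        self.outstanding.discard(nonce)   # consumed even if the checks below fail
        if abs(int(self.now()) - ts) > FRESHNESS_SECONDS:
            return False            # recorded earlier and delivered too late
        return hmac.compare_digest(_mac(self.key, nonce, ts, digest), tag)


def demo(key=b"constructed-shared-secret"):
    """Exercise the exchange with a fake clock; returns (genuine, replayed, stale, forged)."""
    clock = [1_000_000]

    def now():
        return clock[0]

    host, scanner = Host(key, now), Scanner(key, now)
    image = b"constructed fingerprint image bytes"
    genuine = host.accept(scanner.capture(host.challenge(), image))
    # the same valid message delivered a second time
    first = scanner.capture(host.challenge(), image)
    host.accept(first)
    replayed = host.accept(first)
    # a valid answer held back and delivered outside the freshness window
    late = scanner.capture(host.challenge(), image)
    clock[0] += 60
    stale = host.accept(late)
    # a device that does not hold the shared key answering a challenge
    forged = host.accept(Scanner(b"wrong key", now).capture(host.challenge(), image))
    return genuine, replayed, stale, forged


if __name__ == "__main__":
    print(demo())   # (True, False, False, False)
```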
The reliability of fingerprint authentication is good: false rejection rates are typically below 0.1% and false acceptance rates typically below 0.01%. These rates vary depending on the scanner and the matching algorithm used.
Fingerprint authentication is methodologically very similar to passwords, so businesses may not see the advantage of it. Although it is time consuming, it is possible to fool some scanners with fake fingers. Scars, bruises and dry skin affect the quality of the image obtained, and bad quality images will be rejected by the host computer. Roughly 7% of the world's population cannot give a fingerprint sample due to dry skin. However, improvements in fingerprint scanning hardware should be able to combat this problem in the future.
The system is only as secure as the security level at the time of enrolment; an attacker may impersonate a valid user and enrol their own fingerprint as that of the valid user, hence gaining access to the system and denying access to an authorised user.
It may be possible to remove the scanning device and interface directly with the chip in the scanner using a computer. An image file of a fingerprint could then be sent via the chip, and the image would be encrypted with the right key. However, it would be possible to make the hardware tamper resistant.
There are 3 main facial recognition systems in use today, 2D, 3D and thermal imaging systems. The systems can be combined to produce more accurate authentication applications or used separately for different purposes.
2D systems detect user's facial features and use these as patterns, for example, the distance between the eyes, or the width of the user's nose.
3D systems create a model of the user's face, and matching is conducted between the subject's bone and facial structure.
Infrared imaging can also be used to detect differing temperature regions of the face, for example the eyes are very warm areas whereas the nose is a very cold area. These differences can be used to identify and authenticate a user.
A conventional camera is used to capture an image of the subject for 2D facial recognition; features are then marked out using a process based on eigenfeatures and stored as a template.
The eigenfeature process overlays a generic template of human facial features onto the image; where areas of colour intensity line up, the features are marked. The generic template is an AI model trained on different facial structures, and because of this it can adapt to extract features from different facial expressions.
An infrared camera is used to capture an image of the temperature of the subject's face. Edge-following algorithms can then be used to define regions of similar temperature, which are used to build up a polygon representation of the face to use as the template.
A laser camera is rotated around the subject's face to build up a complete image of the subject. The model is created using a process called octree modelling.
A newer approach by Siemens is to shine many focused horizontal bands of colour at the subject's face. The angle of deviation of the bands from the horizontal gives the information required to build the 3D model.
A set of features are stored as vectors where
The Euclidean distance between the feature vectors of two sets indicates how similar the sets of features are: the squared differences between corresponding features are summed, and the square root of the sum gives the overall variation between the two sets.
This is compared to a threshold: if it is below the threshold the two subjects are said to match, otherwise they are different subjects.
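The distance-and-threshold decision above, together with the True/False Positive/Negative metrics from the Verification section, as an added worked example (not code from the original handout). The enrolled vector, the genuine and impostor probes (assumed to be three measurements in millimetres: eye separation, nose width, mouth width) and the candidate thresholds are constructed for illustration, not measurements from any real system.

```python
"""
Added example, not code from the original handout: Euclidean-distance matching
of 2D facial feature vectors, and the verification error rates that the
True/False Positive/Negative counts give for a chosen threshold.  The enrolled
vector, the genuine and impostor probes (assumed: eye separation, nose width,
mouth width, in millimetres) and the thresholds are all constructed for
illustration, not measurements from any real system.
"""
from math import sqrt


def euclidean(a, b):
    """Square root of the summed squared differences between matching features."""
    if len(a) != len(b):
        raise ValueError("feature vectors must have the same length")
    return sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def verify(enrolled, probe, threshold):
    """The handout's rule: a distance below the threshold is a match."""
    return euclidean(enrolled, probe) < threshold


def error_rates(enrolled, genuine_probes, impostor_probes, threshold):
    """Run every probe against the enrolled template at one threshold and
    return (FAR, FRR, counts).  Genuine probes accepted are True Positives,
    genuine probes rejected False Negatives; impostors accepted are False
    Positives, impostors rejected True Negatives.  FAR = FP / impostor trials,
    FRR = FN / genuine trials."""
    tp = sum(verify(enrolled, p, threshold) for p in genuine_probes)
    fp = sum(verify(enrolled, p, threshold) for p in impostor_probes)
    fn = len(genuine_probes) - tp
    tn = len(impostor_probes) - fp
    far = fp / len(impostor_probes)
    frr = fn / len(genuine_probes)
    return far, frr, {"TP": tp, "FN": fn, "FP": fp, "TN": tn}


def sweep(enrolled, genuine_probes, impostor_probes, thresholds):
    """(threshold, FAR, FRR) for each candidate threshold: raising the threshold
    lowers FRR but raises FAR, which is the trade-off a deployment has to pick."""
    return [(t,) + error_rates(enrolled, genuine_probes, impostor_probes, t)[:2]
            for t in thresholds]


# Constructed data (illustrative only).
ENROLLED = (62.0, 34.0, 50.0)
GENUINE_PROBES = [          # four later captures of the enrolled person
    (62.5, 34.2, 49.6),
    (61.4, 33.5, 50.8),
    (63.1, 34.9, 50.3),
    (62.2, 33.8, 52.5),     # smiling: a wider mouth pushes this one further away
]
IMPOSTOR_PROBES = [         # four other people claiming to be the enrolled user
    (58.0, 30.0, 47.0),
    (66.0, 37.5, 54.0),
    (62.8, 34.4, 55.0),
    (60.0, 36.0, 48.0),     # the closest impostor
]

if __name__ == "__main__":
    for t, far, frr in sweep(ENROLLED, GENUINE_PROBES, IMPOSTOR_PROBES, (1.0, 2.0, 3.0, 4.0)):
        print(f"threshold {t:.1f}: FAR {far:.2f}  FRR {frr:.2f}")
```

On this constructed data a threshold of 3.0 separates the two groups cleanly; tightening it to 2.0 starts rejecting the smiling capture, and loosening it to 4.0 lets the closest impostor through.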
Depth maps are used to determine whether two 3D models are the same.
For low security identification no co-operation is needed, as the camera can be placed like a CCTV camera; this allows covert monitoring.
Re-enrolment is not needed under normal operation, as facial features do not change with age; they are of course subject to intentional disfigurement.
When 3D modelling is combined with thermograms, the resulting pattern is unique to the individual, unlike DNA, for example, which identical twins share.
An advantage over fingerprints is the number of reference points used to build up the model / template: a 3D thermogram includes over 19,000 points, whereas a fingerprint template will have around 80.
Thermogram images are drastically affected by alcohol levels as this dehydrates the body which leads to an overall increase in the temperature level.
As a 3D model is comprised of over 19,000 points, it is a very realistic portrait which easily identifies the subject in question. What effect will the Data Protection Act have on the storage of the models? (Fingerprint templates do not constitute personal data.)
The cost of extremely accurate facial authentication systems is high especially if combining different types of cameras. This cost can be prohibitive.
When using the technology for high security verification the techniques are extremely susceptible to light and camera distance changes and controlled rooms are needed, which prevents covert analysis.
DNA was not considered as a form of biometric until recently. It dictates how we look and develop; it serves as a full set of building blocks / 'blueprints' for each person and is as unique as a fingerprint. DNA is short for Deoxyribonucleic Acid.
With sufficient technical equipment and specialist knowledge, it is possible to look at the molecular structure of two people and tell exactly how they differ from one another. Humans share 99.9% of their DNA; it is the 0.1% that DNA sequencing / analysis looks at. It is estimated that 1 in every 1,200 to 1,500 bases differs between individuals.
DNA is a large molecule whose shape resembles a 'double helix', which conceptually looks very much like a ladder twisted into a spiral. Each molecule consists of a string of nucleotides; each nucleotide has three components: a sugar molecule, a phosphate molecule and a nitrogenous base.
The use of DNA in biometric applications focuses on the nitrogenous bases which are referred to as 'bases' for short. There are four distinct bases:
Each base combines with its counterpart to form a base pair: Adenine pairs with Thymine and Cytosine with Guanine. DNA is measured in a unit called nt (nucleotides).
Over 90% of the variation between individuals' DNA comes from SNPs (Single Nucleotide Polymorphisms), which are mutations of a single base within a DNA molecule, changing the complete structure of the individual. The diagram shown below illustrates the structure of a DNA molecule and the base pairings that take place between nucleotides.
Enrolment requires specialist knowledge, such as lab technicians who are well experienced in handling DNA.
To start with, the sample that is extracted must be at least 5KB in size. This equates to the 625 base pairs required to encode one strand of DNA (one base is represented as two bits, as there are four possible bases to be represented).
Lab specialists 'prime' the DNA by placing it into a test tube and splitting it into its two separate counterparts using restriction enzymes. The diagrams below illustrate a DNA molecule and the molecule after it has been split into its constituent components.
The DNA must be the correct concentration - if it is too strong, distilled water is used to dilute it. If it is too weak then more DNA is added or replicated using replication software. Temperature is an important factor in maintaining the integrity and structure of the DNA. If the temperature is too high, excess bases may separate from their strands and cloud the solution of DNA, thereby corrupting the sample.
The DNA is sequenced using a technique known as Electrophoresis. The molecule is separated into its two constituent strands and placed at one end of a gelatine-like gel, prepared in advance using complex procedures. Electrodes are placed at either end of the gel and a current is passed through it, causing bases in the DNA to move through the gel. This creates 'bands'; the position and strength of each band depends entirely on the size of the base within the DNA. The larger the sample, the more difficult it will be to move through the gel; strands that are the same size will move to the same position in the gel. Only 200-300 bases can be represented on one gel piece, so multiple gels are used and the whole process is repeated for the whole DNA strand.
The sequence obtained is separated into four distinct batches and analysed using a machine known as an 'Assembler'. A lab technician pours the gel containing the sequence between two glass plates which are two hundredths of a millimetre apart. A chemically modified base is then added to each batch, and the chains of bases are fixed upon the addition of the chemically modified base.
Once the bases have been colour coded using the dye, the assembler loads the DNA into 96 lanes, typically 3 or 4 metres long and 30cm wide, and then reads the order of bases at the positions at which they are present in the gel. When bases move through the gel and appear at the other end, the dye emits a fluorescent colour when scanned by a laser.
Sequencing software matches the colour exhibited to its corresponding base and forms a binary representation of the DNA strand. The diagrams below illustrate how the sequencing software assigns bit sequences to each base.
Each sequence generated by the sequencer is known as a "read". Recursive bit sequences are known as "repeat-induced" and are removed by the Sequencer, leaving bit sequences that are unique to the individual.
Assemblers require up to a thousand times more RAM than general purpose computers, due to the exponential number of sequence combinations and the huge number of comparisons required to keep track of sequence matches.
Matching involves repeating the enrolment process to obtain a test sequence to compare against the stored template. Bit sequences are compared between the test sequence and the template: if all bit sequences match then the individual is authenticated; if the bit sequences do not match the individual is rejected.
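The two-bits-per-base representation, the A-T / C-G pairing and the all-or-nothing bit-sequence comparison described in the preceding paragraphs, as an added example (not code from the original handout or from any sequencing product). The bit assignment A=00, C=01, G=10, T=11 is an assumption, since the handout's diagrams of the sequencing software's assignment are not reproduced here, and the reads are constructed.

```python
"""
Added example, not code from the original handout: the two-bits-per-base
representation of a DNA read, the A-T / C-G base pairing used to derive the
complementary strand, and the all-or-nothing comparison of bit sequences used
for matching.  The bit assignment (A=00, C=01, G=10, T=11) is an assumption;
the handout does not state which codes its sequencing software uses.  The reads
are constructed and are not real sequence data.
"""
BASE_BITS = {"A": "00", "C": "01", "G": "10", "T": "11"}
BITS_BASE = {bits: base for base, bits in BASE_BITS.items()}
PAIR = {"A": "T", "T": "A", "C": "G", "G": "C"}


def encode(read):
    """Read (string of bases) -> bit string, two bits per base."""
    read = read.upper()
    unknown = set(read) - set(BASE_BITS)
    if unknown:
        raise ValueError(f"not a DNA base: {sorted(unknown)}")
    return "".join(BASE_BITS[b] for b in read)


def decode(bits):
    """Bit string -> read; the length must be a whole number of 2-bit codes."""
    if len(bits) % 2:
        raise ValueError("bit string does not hold a whole number of bases")
    return "".join(BITS_BASE[bits[i:i + 2]] for i in range(0, len(bits), 2))


def complement(read):
    """The partner strand: A pairs with T and C with G at every position."""
    return "".join(PAIR[b] for b in read.upper())


def pack(bits):
    """Store the bit string compactly: four bases per byte, zero-padded at the end."""
    padded = bits + "0" * (-len(bits) % 8)
    return bytes(int(padded[i:i + 8], 2) for i in range(0, len(padded), 8))


def matches(template_bits, test_bits):
    """Enrolled template vs. freshly sequenced test read: every bit must agree."""
    return template_bits == test_bits


def first_mismatch(template_bits, test_bits):
    """Index of the first base whose code differs, or -1 when identical.
    A length difference counts as a mismatch at the end of the shorter read."""
    n = min(len(template_bits), len(test_bits)) // 2
    for i in range(n):
        if template_bits[2 * i:2 * i + 2] != test_bits[2 * i:2 * i + 2]:
            return i
    return -1 if len(template_bits) == len(test_bits) else n


# Constructed reads: the enrolled read, a re-sequencing of the same person, and
# a read from someone else that differs by a single base (an SNP) at index 8.
TEMPLATE_READ = "GATTACAGATTACA"
RESEQUENCED_READ = "gattacagattaca"   # lower case: same bases, another lab's output style
OTHER_READ = "GATTACAGCTTACA"

if __name__ == "__main__":
    template = encode(TEMPLATE_READ)
    print("template bits:", template, "packed:", pack(template).hex())
    print("complement strand:", complement(TEMPLATE_READ))
    print("re-sequenced matches:", matches(template, encode(RESEQUENCED_READ)))
    print("other person matches:", matches(template, encode(OTHER_READ)),
          "first differing base:", first_mismatch(template, encode(OTHER_READ)))
```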
The best systems at present take ten minutes to perform sequencing and matching for DNA samples, but this is not seen as 'real-time'; other forms of verification such as fingerprint can verify individuals instantly. DeCypher is currently the world's fastest sequencer and assembler.
DNA is easy to represent in binary format; four digits are used to encode each base, allowing the matching process to be done quickly and efficiently.
It is seen as the most complex biometric due to the complexity of the sequencing and matching processes. People tend to think that DNA is the most secure technology and this would be true if it were only to be used for high security applications.
It is extremely hard to forge or imitate as it proves difficult to extract good samples that are likely to match the template stored for the individual in the system.
DNA has been used by government sources to confirm the identity of particular individuals; an example of such a use is the identification of Saddam Hussein after the war in Iraq earlier this year. To authenticate such an individual on a large scale and prove their identity to the whole world requires a reliable biometric.
Information used in other Biometric systems is analogue; there is no chance of verification achieving true recall and accuracy with other Biometric technologies. DNA is digital, increasing the accuracy and allowing true recall to be gained for the process of authentication.
Enrollment is highly intrusive; it requires a sample of blood from the individual that is to be registered with the system and more than one sample may need to be taken if the process needs to be repeated many times.
To perform Enrollment requires specialist knowledge and equipment; both are expensive to acquire. As a result of this, the only situation in which DNA would be cost-effective is in high security applications, such as defence and national security.
Recent advancements in science such as cloning and the near-completion of the Human Genome sequencing project mean that the concept of 'uniqueness' for DNA could be obliterated. Identical twins share the same DNA; hence this biometric would not be able to distinguish any points for authentication between identical twins.
At present, there is not enough computational power to perform DNA sequencing in 'real-time', due to the vast amount of memory and processing power required during the sequencing phase.
Universality: How common is the biometric in the population?
Uniqueness: Is each biometric unique to one person?
Complexity: How hard is it to obtain and process a sample?
Acceptability: How willing would the general public be to use it?
Processing Requirements: Is the method computationally expensive?
Memory Requirements: How much storage is needed for the biometric data?
Cost: How costly would it be to implement the biometric system?
Tsutomu Matsumoto, a Japanese cryptographer, successfully fooled some fingerprint scanners using a gelatine finger. The following methodology was used:
A latent fingerprint was lifted using commonplace forensic techniques (powder was brushed onto the fingerprint, and an adhesive clear sheet was placed over the print and lifted off); the print on the adhesive was then hardened using cyanoacrylate fumes. A picture of the print could then be taken using a digital camera and printed onto acetate. The acetate was then laid over a metal plate (Matsumoto used a copper PCB) and etched manually. A gelatinous substance, shaped like a finger, was then pressed into the plate. Once set, the "finger" could be tested on a fingerprint scanner. However, many modern fingerprint scanners also check for temperature (although leaving a finger on the scanner causes the chip to heat up and give anomalous readings), pulse, or the frequency and intensity of the light reflected back by the finger. For these kinds of scanners the methodology above would not be sufficient to fool them.
To fool a verification based system, a malicious user wearing a latex face mask seems the most likely way to fool the system.
2D and 3D systems can be fooled by this approach, as they only check the appearance of the user and nothing else, though obviously sophisticated face masks or surgery would be needed.
However, adding thermal imaging makes this attack infeasible, as the latex mask will heat up the user's face because the skin cannot perform its normal heat reduction functions effectively. Trying to combat this by replicating the temperature regions of the face is unrealistic, as it is near-impossible to achieve with mechanical devices that stay within the size limit of the face.
It is possible to manually synthesise DNA; there are many web pages which illustrate how to do this. Obtaining a sample from an individual without their knowledge, through hair, skin or saliva, can be easy to achieve.
Sequencing can be performed manually by attaching a radioactive label to the bases in the DNA and taking an X-ray to make the band positions visible in the gel used for electrophoresis. By analysing the rows and columns for each band, one can determine the sequence used for Enrolment. However, the process of manually sequencing DNA is extremely error-prone and takes a large amount of time (up to one year if many sequences are used as a biometric).
DNA used to carry out an attack on the system must be of the correct temperature and concentration. The slightest change in either of these factors can corrupt the sample; in addition, it is easy to contaminate the DNA during electrophoresis by either using too many restriction enzymes to snip strands or adding too much radioactive material.
If a successful sample is generated then the probability that the first sample generated will match the template stored is extremely low; there are many possible sequences that could form part of the template. The attacker would have to ensure that they use the correct binary encoding to translate the sequences of bases into binary form. The number of possible sequence combinations will be exponential in size and it would take an extremely long time to traverse through every sequence and match it against the stored template.
Fingerprint authentication is becoming more widespread for controlled computer access at home and in business. USB fingerprint scanners and commercially available software are suitable for both uses.
DigitalPersona has developed its U.are.U fingerprint authentication range with Microsoft, so this range of products can be totally integrated with Windows XP and other Microsoft products, from the Windows logon box to logging in to Hotmail by providing a fingerprint. Additional functionality includes the ability to encrypt and decrypt files using the fingerprint to authenticate the user.
With the increase in mobile device users and mobile device theft, people are becoming more security conscious. Fingerprint authentication has already been integrated into PCI cards for use with laptops and into a range of PDAs, and is being extended to mobile phones (e.g. by DoCoMo, Sagem and Fujitsu).
Facial analysis has two different roles to play in current applications, identification and verification:
When used for identification purposes, the systems can be used for detecting 'undesirables' such as for general airport security or monitoring people who attend sports events.
When used for verification, the systems can allow or deny access to resources, to replace other verification systems. There are many companies who have developed commercial systems, especially for customs control in airports.
Currently, there are databanks and reserves in the United States, such as the GenBank and MegaBases at Johns Hopkins University that are used to determine the identity of individuals for forensic purposes.
Current uses of DNA as a biometric include a genetic fingerprint obtained from hair, blood and cell samples, used to form part of the next generation of ID cards in China. At present the Chinese government is investing 182 million in the expansion of a national database which will contain in excess of two million profiles .
NTT DATA have produced two devices that incorporate DNA as a biometric: the Commodity ID System and the Smart Card with Registered Seal. Both products use a secret key for use in personal recognition systems.
The Commodity ID System looks at providing authenticity for legal documents that are easy to forge at the moment and products that are easy to imitate in all industries. The system approaches this problem through a combination of two steps:
For legal documents, DNA can be dissolved and mixed with ink that is used to print the document in question and a match query executed to see whether the ink used matches that of the template. However, this condition only holds if no one has stolen the ink and replicated it already, thereby rendering this process useless.
A Smart Card with Registered Seal is to be released in accordance with the Electronic Signature Law in China, whereby an electronic registered seal function will prevent identity theft through the use of public and private encryption keys based on the person's DNA-ID. The person registers their public key, derived from their DNA, with the certification agency; digital signing is then performed using the private key, and authentication takes place on the card using the public and private keys. To make the card more secure, a barcode containing DNA is affixed onto the card, similar to the barcode used in the Commodity ID System.
Some of the shortcomings of biometric authentication have been discussed; a solution to making a more reliable authentication system would be to combine different biometric systems. For instance, providing security at an airport requires a high level of security especially at customs where passport checks take place; this would require centralised databases of users and their biometric templates.
Facial recognition and DNA authentication could be combined. This is a future scenario in which it would be possible to perform DNA sequencing in real time: 3D facial recognition could be used to identify the traveller, and a DNA sample could be tested for a match with the template stored in the user's passport, which would then verify that the user is really who they claim to be. In cases where DNA sequencing is not possible, the traveller's fingerprint can be compared to the template stored in the passport.
There is ongoing research into how best to apply biometrics to airport security, due to the US government's demand that all travellers wishing to enter the US must have some form of biometric information in their passport.
Hogan, M. (2003), "Are you who you claim to be?", National Institute of Standards and Technology, International Standards Organisation.
"Biometrics: The Anatomy Lesson", findBIOMETRICS.com.
"The Technology", 3DBiometrics, Inc.
Maltoni, D. et al. (2003), Handbook of Fingerprint Recognition, Springer-Verlag, New York.
Hoshino, Y. et al. (1993), "Fingerprint Identification", Image Processing: Processors and Applications to Radars and Fingerprints, Gordon and Breach Science Publishers.
Pentland, A., Moghaddam, B., Starner, T. (1994), "View-Based and Modular Eigenspaces for Face Recognition", IEEE Conference on Computer Vision & Pattern Recognition.
Intelligent Systems Lab, Rensselaer Polytechnic Institute.
Thermal imager FLIR infrared camera resources.
Siemens, "3D Facial Recognition".
Mitchell, T. M. (1997), Machine Learning, McGraw-Hill International Editions, p. 232.
Beumier, C., Acheroy, M. (1998), "Automatic Face Authentication from 3D Surface", Royal Military Academy, Signal & Image Centre.
Lawlor, M. (1997), "Thermal Pattern Recognition System Faces Security Challenges Head On", SIGNAL Magazine.
"DNA Sibship Analysis", Genetrack Biolabs Canada.
DeWeerdt, S. E., "What's a genome?", Genome News Network.
Devitt, T. (Editor) (2002), "Genetics moves on", The Why Files.
"How do we sequence DNA?", A Primer in DNA Structure and Function, University of Michigan.
Phillips, Bridgeman, J., Ferguson-Smith, M. (2000), "The Inquiry into BSE and variant CJD in the United Kingdom", The Stationery Office.
(2002), "High performance, modular solutions for accelerated biocomputing", Time Logic.
(2001), "Development of Identification Systems Using DNA Information", Pursuing Development as Practical Biometric Identification Systems, NTT DATA Corporation.
Matsumoto, T. (2002), "Importance of Open Discussion on Adversarial Analyses of Mobile Security Technologies - A Case Study for User Identification", Yokohama National University.
(2004), "How to Extract DNA from Anything Living", Do Try This at Home, Genetic Science Learning Center at the Eccles Institute of Human Genetics, University of Utah.
(2004), "Sample Experiments found on internet for extracting DNA", Concept to Classroom: Lesson Plan Four, Educational Broadcasting Corporation.
Best, J. (2003), "Chinese ID cards to carry genetic sample", silicon.com.
Babler, W. J. (1991), "Embryologic Development of Epidermal Ridges and Their Configuration", Birth Defects Original Article Series, vol. 27, no. 2.
Cavoukian, A. (1999), "Consumer Biometric Applications: A Discussion Paper", Information and Privacy Commissioner, Toronto, Ontario.
(2003), "Defining Sequence Analysis", DNASTAR Inc.
"Facial Feature Identification", Automated Identification and Data Capture, Western Carolina University.
(1999), "Fingerprints", Forensic Medicine, University of Dundee.
Liu, S., Silverman, M. (2001), "A Practical Guide to Biometric Security Technology", IT Professional, IEEE Computer Society.
Ratha, N. K., Connell, J. H., Bolle, R. M., "An Analysis of Minutiae Matching Strength", IBM Thomas J. Watson Research Center.
Straub, A., "Touching Tomorrow", The Brevard Technological Journal, Florida Today.
FaceKey.com, Security and Time and Attendance Products.
McCue, A. (2003), "Will ID cards contain DNA sample?", silicon.com.
Viisage Solutions, Aviation Security.