Biometrics researchers at the University of Buffalo have paved the way to make fingerprint authentication more reliable, even with incomplete prints.
The new research, published by Pattern Recognition last week, tackles the problems associated with most commercial fingerprint sensors. When used in the field, these sensors are typically not capable of routinely obtaining fingerprints exactly as they are originally captured. They often only acquire partial fingerprints, and even when a full print is secured, its image can differ from the original, depending on variables such as the pressure used on the device and the amount of moisture on the finger.
All of these variables pose issues for authentication, which depends on a good print match for reliable security.
"With passwords, it's always the same characters, and the user hits the right keys," said Dr. Venu Govindaraju, director of the university's Center for Unified Biometrics and Sensors (CUBS). "But with fingerprints, every time you touch the sensor, the image will be slightly different, just as no two photographs are ever exactly the same."
The highlight of Govindaraju's research is his team's quantification of the amount of a partial fingerprint that is necessary for specific levels of security.
"For the first time, we have determined the minimum surface area required for fingerprint scanning in order to achieve a level of security that is roughly comparable to the security achieved with a six-letter password," he said. "Since our matching method assumes that the fingerprint image is not complete, it allows for more robust feature matching."
The UB team developed an algorithm that allows the system to make a numerical transformation of the fingerprint image by encoding features of the print and then transforming them, Govindaraju said. Rather than requiring a full match, the system requires only a certain amount of feature matches, ensuring security without requiring multiple rescans when only a partial print is captured.
"This is one of the first implementations of what is known as a cancelable biometric, using standard feature representations, because what is being stored is not the fingerprint image itself, but a transformation of that image," Govindaraju said. "It is nearly mathematically impossible to reverse engineer it."