In recent times, information security has been a critical issue for governments, corporations and individuals alike. It has made most corporations alter their information security strategy, as they are a common target of hackers and cyber criminals. The year 2016 set a new record for data breaches, with more than 1000 incidents of identity theft recorded by the Identity Theft Resource Center, a 40% increase from 2015. Information security incidents grabbed news headlines throughout the year, resulting in a total of 1,093 reported incidents. The year 2017 has not been any better so far: a ransomware outbreak throughout the world in May and June this year left many government and private outfits paralyzed. It affected several computers and systems of multiple corporations like Spain’s FedEx, Telefónica and Deutsche Bahn. It also affected computers and equipment of the UK’s National Health Service, compelling it to run some healthcare services on an emergency-only basis.
Recent history has been challenging for electronic information security, and the trend seems to be moving uphill. The fact that an attacker does not need to be physically present, or even within the political borders of a country, to breach the layers of data security makes it even scarier. A hacker sitting thousands of kilometers away can access information systems, breach layers of security, copy data or just encrypt it to make you pay a ransom for decryption. Threats to data security mostly originate from cross-border locations, making it complicated for law enforcement agencies to take any action against cyber criminals.
Data security and biometric data
The increasing number of data security threats affects biometric data as well. Since biometrics has gone fully electronic and automated, with biometric features captured, processed and stored electronically on information systems and equipment, it becomes imperative to safeguard biometric data like any other important electronic data. An individual’s measurable anatomical or behavioral characteristics are called biometric identifiers. The biometric identifiers of a person become a biometric template when they are sampled by a biometric recognition system and processed by pre-defined rules and algorithms within the system. The biometric template of a person does not contain biometric data in its original form, such as a facial or fingerprint image. It is rather a mathematical summary produced by processing the originally captured biometric pattern. Biometric templates are binary files in an unreadable form. These templates contain the unique characteristics of a person’s biometric information, and they are the master copies that each future data acquisition is compared to.
Claims are often made that the biometric template of an individual is of no use to an attacker, since it is just a digital reference of one’s biometric identifiers and cannot be reverse engineered. Security of this data is nevertheless crucial, because hacking attempts are getting more sophisticated with time and reverse engineering of biometric templates may become possible at some point.
Biometric data security: where data security gets complicated
Traditionally, user names and passwords are used for user identification / authentication and for implementing account security. However, due to the inadequacy of password-based authentication methods, the world is increasingly moving towards biometrics. This is where data security gets complicated in the case of biometric data. When passwords are compromised, service providers inform their users about the incident and advise them to change the password. Such incidents involving users’ biometric data can cause irreversible damage, because passwords can be changed but the biometric identifiers of a person cannot. Since an individual’s biometric identifiers cannot be changed, the security of biometric data should be treated as the highest priority.
Unlike general electronic data, there may be many levels at which the biometric data of a person can be compromised. Biometric data in its processed form is called a biometric template. Since the biometrics of an individual are captured and processed by specific equipment, security efforts for safeguarding biometric templates start right at the biometric equipment and extend to the data storage method. Biometric systems use one-way encoding to protect templates from being reverse engineered, i.e. from reconstructing the biometric pattern using the biometric template. However, risk is not limited to reconstructing the biometric pattern on the basis of the template. Other risks include:
- Accessing device storage to steal templates.
- Creating a wearable replica of user biometrics using biometric template.
- Replacing user template by an imposter’s template.
- Passing the compromised template directly to the matching module.
- User tracking by tracking his/her identification / authentication activities.
- Sniffing network communication to and from a biometric recognition system.
A biometric template can be compromised at its storage location (the storage is accessed and the template is stolen due to substandard storage security), so securing storage becomes the first layer of security. How the template is used by fraudsters defines the degree of harm (e.g. the template may be used to reconstruct the biometric pattern or to create a physical replica), so encoding the template in a way that renders it useless to criminals becomes the second layer of security. The template itself should be secure enough not to be misused. Since a biometric template can be kept using different storage methods, which vary from storing templates in the equipment itself to a centralized database, different methods of securing the template storage have to be employed.
Storage based strategies
In this storage method, an individual’s biometric data is stored on a portable token such as a smart card. Storing biometric data on a smart card and not on a central database server means it does not have to be transmitted over the network for verification, saving biometric data from network-related vulnerabilities and exposure. With biometric data on a smart card, users feel they are in control of their biometric data, which increases user acceptance of the systems. Along with these advantages, this storage method also has some disadvantages. The cost of implementing on-card biometrics is high, as biometric smart-card readers are required for user identification or authentication. The user has to present the biometric smart card and then his or her biometric identifiers to the reader to get authenticated.
Centralized biometric database
A central biometric database server is used to store biometric templates in this storage strategy. This approach offers inexpensive implementation of biometric authentication and is beneficial for users who need multi-location authentication. On the other hand, this approach also poses a security risk to biometric data. Users’ biometric data is transferred over the network (usually the internet), which opens the door to sniffing. A hacker can recreate an authentication session and perform a transaction. Encryption solves this problem, but storage of and access rights to the encryption keys become another issue. Deciding where encryption keys will be stored and who will have access to them can be a complex matter when encryption is used.
As the old proverb goes, “never put all your eggs in one basket”: storing biometric data on individual workstations keeps data distributed among several workstations. A distributed approach can limit the loss of data in case of a data breach. This approach seems better than storing data on the biometric equipment itself, as a workstation tower is more challenging to steal than a biometric recognition system, owing to their size and level of exposure. On the other hand, this approach also raises security concerns, as personal workstations may have meager or substandard security compared to a central database server. Unlike the centralized database approach, users cannot authenticate their identity from multiple locations.
Biometric recognition systems
Storing biometric data on the recognition system offers the advantage of quick response during user authentication, as the reference template is stored locally and can be fetched quickly, unlike the centralized database approach, in which the system has to access the biometric database server over the network (typically via the internet). Storing biometric data on the equipment itself promises quick response time because the recognition system does not depend on external systems, which may be in an unknown state, or on communication channels (the internet) whose state is also unknown.
Techniques employed to protect biometric templates
Feature transformation is a group of methods that create new features (predictor variables). The methods are useful for dimension reduction when the transformed features have a descriptive power that is more easily ordered than the original features. In this case, less descriptive features can be dropped from consideration when building models.
Feature transformation methods are contrasted with the methods presented in Feature Selection, where dimension reduction is achieved by computing an optimal subset of predictive features measured in the original data. The feature transformation approach leverages a transformation function to transform the biometric template. The biometric database stores only the transformed template, and when a match request arises, the request is also transformed using the same transformation function and the transformed probe is compared with the transformed template. A random key or password is used to derive the parameters of the transformation function.
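The enrol-and-match flow described above, as an added example that is not from the original article: the transformation function here is a key-seeded random projection followed by sign binarization, one possible choice made for illustration. The feature vectors, keys, bit length and distance threshold are all constructed assumptions.

```python
import hashlib
import hmac
import random

def projection(key, in_dim, out_bits):
    """Derive the transform parameters (a random matrix) from the user's key."""
    seed = hmac.new(key, b"template-transform", hashlib.sha256).digest()
    # Same key -> same matrix. random.Random is not a cryptographic generator;
    # it is used here only to keep the illustration in the standard library.
    rng = random.Random(seed)
    return [[rng.gauss(0.0, 1.0) for _ in range(in_dim)] for _ in range(out_bits)]

def transform(features, key, out_bits=64):
    """Project the feature vector and keep only the sign of each projection."""
    rows = projection(key, len(features), out_bits)
    return [1 if sum(w * x for w, x in zip(row, features)) >= 0 else 0
            for row in rows]

def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

def matches(stored, probe_features, key, max_distance=12):
    """Transform the probe with the same key, compare in the transformed domain."""
    return hamming(stored, transform(probe_features, key, len(stored))) <= max_distance

# Constructed sample data (not real biometric features).
ENROLLED = [1.0, 2.0, 3.0, 4.0, -1.0, -2.0, -3.0, -4.0]
GENUINE = [1.05, 1.9, 3.1, 3.95, -0.9, -2.1, -2.95, -4.05]  # same user, sensor noise
IMPOSTOR = [4.0, -3.0, 2.0, -1.0, 4.0, -3.0, 2.0, -1.0]
KEY_V1 = b"constructed-user-key-v1"
KEY_V2 = b"constructed-user-key-v2"  # issued after the KEY_V1 template is revoked

if __name__ == "__main__":
    stored = transform(ENROLLED, KEY_V1)  # only this goes into the database
    print("genuine accepted:", matches(stored, GENUINE, KEY_V1))
    print("impostor accepted:", matches(stored, IMPOSTOR, KEY_V1))
    reissued = transform(ENROLLED, KEY_V2)
    print("bits changed by re-keying:", hamming(stored, reissued), "of", len(stored))
```

Re-enrolling the same features under a new key yields an unrelated bit string, which is what lets a leaked transformed template be revoked and replaced even though the underlying biometric cannot change.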
This approach leverages helper data to protect a biometric template. This method is also called the Helper Data Method, as it uses some public information about the template. The helper data reveals no significant information about the original biometric template. This approach is further categorized into the Key Binding and Key Generating approaches. If the helper data is obtained by binding a key that is independent of the biometric features with the biometric template, it is known as the Key Binding approach. If the helper data is derived only from the template and the cryptographic key is directly generated from the helper data and the query biometric features, it is called a Key Generating biometric cryptosystem.
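A sketch of the Key Binding approach described above, added here and not part of the original article: a key is expanded with a repetition code and XORed with a binary template to form the helper data, and only the helper data and a hash of the key are stored. The template bits, the key, and the repetition code (chosen for brevity, it is a weak error-correcting code) are constructed assumptions.

```python
import hashlib
import hmac

REP = 5  # each key bit is repeated 5 times, so 2 bit errors per group are tolerated

def encode(key_bits):
    return [b for b in key_bits for _ in range(REP)]

def decode(code_bits):
    """Majority vote over each group of REP bits."""
    return [1 if sum(code_bits[i:i + REP]) > REP // 2 else 0
            for i in range(0, len(code_bits), REP)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def digest(key_bits):
    return hashlib.sha256(bytes(key_bits)).hexdigest()

def bind(template_bits, key_bits):
    """Enrolment: returns (helper data, hash of key). Neither is the raw template."""
    return xor(encode(key_bits), template_bits), digest(key_bits)

def release(helper, key_hash, probe_bits):
    """Verification: recover the key if the probe is close enough, else None."""
    candidate = decode(xor(helper, probe_bits))
    return candidate if hmac.compare_digest(digest(candidate), key_hash) else None

def flip(bits, positions):
    return [b ^ 1 if i in positions else b for i, b in enumerate(bits)]

# Constructed sample data: a 40-bit binary template and an 8-bit key.
# A real key would come from a cryptographic random source and be far longer.
KEY = [1, 0, 1, 1, 0, 0, 1, 0]
TEMPLATE = [1, 0, 0, 1, 1, 0, 1, 0, 1, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1,
            1, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 1]
GENUINE = flip(TEMPLATE, {3, 17, 18, 36})     # intra-user variation, <= 2 per group
IMPOSTOR = flip(TEMPLATE, {0, 1, 2, 10, 11, 12, 13, 22, 23, 24})
HELPER, KEY_HASH = bind(TEMPLATE, KEY)

if __name__ == "__main__":
    print("genuine probe releases key:", release(HELPER, KEY_HASH, GENUINE) == KEY)
    print("impostor probe releases key:", release(HELPER, KEY_HASH, IMPOSTOR) is not None)
```

The error-correcting code is what makes the scheme tolerant to intra-user variation, and its correction capacity sets the trade-off between false rejects and how far an impostor's probe may be from the enrolled template.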
Advantages and disadvantages of biometric cryptosystem
A biometric cryptosystem offers advantages such as tolerance to intra-user variation, and direct key generation is useful in cryptographic applications. However, it also has some disadvantages: generating a key with high stability and entropy is difficult. It requires careful attention when designing the helper data, as it is based on specific biometric features. Revocability and diversity are also not ensured.
Safeguarding biometric templates can be challenging in the current data security scenario, where threats to data are rising with every passing day. Hacking attacks are getting more and more sophisticated, intense and complex. It is true that there is not much that can be done with an encrypted template, but it is more important to safeguard biometric data right at storage so that templates do not get stolen in the first place. Biometrics has become increasingly popular in recent years; however, public confidence in and acceptance of this technology will depend on the ability of system designers to demonstrate that these systems are robust, have low error rates and are tamper proof.