Three Biometrics on One Smart Card, Face Recognition, Speaker Verification, and Fingerprint

Three Biometrics on One Smart Card, Face Recognition, Speaker Verification, and Fingerprint

Objective of any biometric system is to allow access only to authorized persons. Security levels in different situations are different. Giving access to people visiting a library is not as critical as giving access to a passenger walking through an immigration counter. Security has to be tight in critical areas.

Every biometric method has certain failure rate. This failure rate comprises of false acceptance rate (FAR) plus false rejection rate (FRR). Objective of any security system is to have as low FAR and FRR as possible. The best way to increase the success rate of biometric security system is to have multiple types of biometric authentication systems. If an individual has to go through multiple authentications then the probability of accepting a wrong individual and rejecting the right one would certainly be much less.

In a typical biometric system scenario, there are two stages. The first step is to register oneself as an authorized person to have the access. During this process, all the information, along with biometrics, is recorded and stored in a server. In the second stage, when a person tries to get access, again biometrics is recorded. This recorded biometrics is compared with the one on the server. If there is a match, the person is allowed entry.

However, this method of storing data on a server has two constraints. The first is that the server has to be made available on the internet so that during biometric matching it is always available. The second constraint is the security of the biometric data itself. The data stored on a server has the possibility of being hacked. If someone steals the data, they can replace fingerprint of one person with another person. Thus, any new system should overcome these problems as well.

With these design requirements in mind, we developed the ‘Intelligent Digital Passport’ system or IDP for short.

To address the high accuracy requirement, we developed the IDP with 3 biometrics namely face verification, finger print verification, and speaker identification. We developed the face verification using Eigen faces method. For fingerprint, we analyzed the minutia marks. Speaker verification was done using the Gaussian Mixture Model method. With these 3 biometric verifications, the system became virtually unbreakable.

To prevent the possibility of server hacking, we decided to eliminate the server all together. The entire authentication was going to reside on a smart card. As we carry our other cards, people would carry this access card. The problem was that we needed to put a picture of the person, the details of the fingerprint minutia marks, and some details of the speech characteristics in addition to the name of the person. The main problem was the available space on the smart card. For data storage, we had only 5.5 Kbytes available. To overcome the problem, we developed a special encryption technique. With all this, we could manage the biometric information from all three biometrics in less than 5 Kbytes space. This is how we developed a virtually non-breakable system.

Reference: Pictures of the Future, The magazine for research and innovation, Siemens, pp. 36-37, Spring, 2003.