jump to navigation

Mobile biometric authentication December 16, 2013

Posted by 8237mcraew in Security.
trackback

Biometric authentication is a rapidly emerging technology that has become widespread. Efficiency of algorithms, mobile computing power, and persistent connectivity have governments and private industry turning to mobile biometrics to speed up processing of people and goods in law enforcement, military, public transportation, border control, healthcare and commercial shipping.  These mobile biometrics range anywhere from fingerprints (see Apple iPhone 5s and finger print scanner) to voice recognition, and everywhere in between.  There are two fascinating developments in mobile biometric authentication that I would like to share with you.

First up is a unique shopping experience, or should I say Uniqul shopping experience.   Uniqul is facial recognition payment system developed in Finland.  Uniqul utilizes military grade algorithms to quickly and securely process and match facial identification points [1].  This allows participants to authenticate and pay by simply walking up to a Uniqul terminal and pressing okay.  The point of sale facial capture is checked against your account biometric data, linking credit cards you have added to your account to the purchase.   Account creation consists of going to a QPoint, complete with tablet and camera [1].  Enjoy the demo video below.

The second biometric mobile device I would like to share with you is Nymi, the wearable biometric device.  In my opinion it is a sleek integration of technology and ingenuity.  Nymi allows the user to maintain persistent identity on their person.  Nymi incorporates a more recent biometric identifier in utilizing electrocardiogram (ECG) waves for identification and authentication.  The Nymi itself is a wristband containing an ECG sensor along with a six-axis motion sensor [2].  Enrollment and authentication is setup through a separate authorized authentication device (AAD).  Development includes support for iOS and Android devices, as well as Mac and Windows personal computers.  The user establishes their biometric template through an application on their AAD.  The Nymi records ECG wave data and transmits encrypted information through a Bluetooth signal.  Once account has been created, the Nymi device will match a live ECG sample against the template.  The ECG sensor on the Nymi will continue to record ECG data until a match has been made.  Once a match has been made, the device becomes active and is able to transmit to Nymi Enabled Devices (NEDs) [2].  Taking the device off at any point clears any authentication.  An interesting aspect of the Nymi is its 3 Factor Authentication.  In order for the authentication to occur, the user must be in physical contact with Nymi device, match an ECG template (which has been proven to be reliably unique [3]), and be in the presence of their AAD [2].  This robust authentication method make Nymi authentication extremely resistant to fraud.  Please enjoy the demo video.

These two products are fascinating to me due to their creative use of biometric technology.  Of the two Uniqul is active in certain parts of the world, while Nymi is still in the development phase.  While Uniqul is effective in employing facial recognition technology, I do have concerns of privacy with it.  Uniqul is a passive identifier that records, or at the very least captures, biometric facial data from everyone that steps in front of the camera.  There is potential for abuse with this, from both the private and government sectors.  Nymi’s authentication process is extremely robust; however its use of Bluetooth technology concerns me as a point of vulnerability, even if it’s only a susceptible to intentional or unintentional interference.   I leave you with the following question:  The use of unique personal traits make biometrics an attractive choice for authentication, do you foresee a future where passwords are eliminated and replaced with biometric authentication in all aspects of life?  A more pointed question; is there a condition in which you believe biometric authentication will never gain a foothold?

[1] http://uniqul.com/

[2] http://bionym.com/resources/NymiWhitePaper.pdf

[3] Agrafioti, F., Hatzinakos, D. “ECG biometric analysis in cardiac irregularity conditions”. In Signal, Image and Video Processing. 2009.

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: