Sunday, December 18, 2011

Merge two of your fingerprints to protect your data

HAVING your password hacked is a hassle, but it is not the end of the world - after all, you can just set a new one. That's not the case with fingerprint authentication: if someone copies your digits, you're done for. Now a technique for blending two fingerprints to create a third could provide a solution.
The software works by splitting a fingerprint into two components. The first corresponds to the general pattern of ridges and the second describes the fingerprint minutiae - the distinctive features used to compare prints, such as the point at which two ridges merge. Combining one component from each print creates a new and unique print that can be used for authentication.
"This is beneficial from a privacy perspective," says Arun Ross, a computer scientist at West Virginia University in Morgantown, who developed the technique with his colleague Asem Othman. "The original fingerprint images are not stored; rather only the mixed fingerprint is stored and used for matching."
Some existing authentication systems store fingerprints using a hash function, a type of non-reversible encryption from which the original fingerprints cannot be recovered. If these systems are compromised then the owner can simply use a new hash to restore security. Ross's technique would mean users also had the power to change the stored fingerprints, giving them total control over their data.
The technique could also be used to combine fingerprints from two individuals, allowing it to work in systems that require authentication from more than one person. Ross presented the research at the Workshop on Information Forensics and Security in Foz do IguaƧu, Brazil, earlier this month.

No comments:

Post a Comment