Biometric Signature

The Biometric Signature, for the last several 
hundred years,signatures have been recognized
using thesimplest possible method: visual matching. 
If the signature in question closely matched the 
appearance of a known sample, it would be judged to
be from thesame person as the known sample. 
As we became more sophisticated about signatures
and dealing with forgeries, we started looking at
nuances of the shaping, strokes, and pressure when
possible. For example, an original signature
(one that has not been reproduced by photocopying,
 faxing, or other means) retains details such as the varied pressure applied to the 
paper whilethe signer was creating it. Using sensitive instruments, we can actually
measure the depth of the slight groove created as the pen moved across the paper.
Depending on the paper, you can also measure the speed of the pen in various
areas of the signature, depending on how the ink bleeds into the surrounding
paper because slower strokes deposit more ink, which bleeds more. Strokes
that leave the paper also tend to trail into a thin point rather than ending
abruptly. The way this happens varies from person to person.


Many of these items are fodder for biometric signature recognition, since
they can also be measured directly while the signature is collected. Wet ink
signatures can also supply other factual aspects that signatures collected
purely electronically cannot — for instance, ink composition and color, paper
absorption and bleed, and the aging characteristics of some inks. Although
these chemical and physical characteristics are interesting and useful for
authenticating signatures from historical documents or paintings, they’re not
all that helpful in authenticating a credit-card transaction.



The most basic form of signature recognition for biometrics is quite similar
to what happens in fingerprint biometrics. We call this basic form an imageonly
signing — only the image of the signature itself — to authenticate the signer.biometric signature since we are not using anything about the act ofThe method collects various characteristics of the signature from a known
signature sample (or multiple samples) and compares their characteristics to
the sample presented for verification or authentication.


Full comparison of any two signatures will almost always fail, since it’s nearly
impossible for anyone to exactly duplicate a signature. Minor variances in
paper, ink flow, pen weight, and muscle control will nearly always introduce
variations between any two signatures, even from the same person.


To deal with these variations, signature comparison algorithms use other
characteristics to help correctly identify authentic signatures. In later sections
of this chapter, we explain how movement and pressure are used to
help with this process; right now we are primarily concerned with the physical
image of the signature.


Although any two signatures from the same person may not be identical, the
relationships between the letters, the relative sizes of loops and character
spacing should match. For example, if your lowercase letter t is exactly threequarters
the height of your letter l, that ratio will generally remain constant
across all your signatures. Are the two letter ts in Littleton crossed with a single
stroke or with two? From the left or the right? Do you pause after the second t
for the cross-stroke, or wait until the end? Do you bother to dot the i or leave it
undotted? Is your i dot a speck, a line, a circle, or more comma-shaped? Each
of these characteristics, though it may differ somewhat from the sample, will
be repeated in ways that can be compared to the original and authenticated.


Letter shape is also an obvious place to look for uniformity and biometric
Signature uniqueness, but in many cases it’s behaviorally less distinct 
than other gross characteristics of the physical form of the signature.

Where You Will See Facial Recognition Biometrics

Probably the best-known use of facial biometrics was at the 2001 Super bowl in
Tampa Bay, Florida. The idea was that the Super Bowl was a high-profile target
for terrorist attacks — and if officials were to capture images of 100,000 people
as they walked through turnstiles and other checkpoints, then they could use

 facial biometrics to compare those images to a database of known criminals —

and, in the event of a positive match, arrest them before they could start doing
anything harmful.

Privacy advocates raised alarms at the idea of monitoring and identifying
100,000 private citizens without their knowledge or permission, but it turns
out that both sides kind of had the wrong idea. Privacy folks didn’t mention
that to be recognized (identified) by any biometric system, you must first be
enrolled — that is, your biometric information would already have to be
stored in the system. 99.9 percent of the people entering the stadium were
not enrolled anywhere, much less in a criminal database so their privacy was
relatively unharmed. The officials needed to remember that under those capture
conditions, you’re lucky to authenticate a known face; actual identification
is very difficult.

A live test of facial recognition at Palm Beach International Airport in 2002
failed to match volunteer employees (who had been enrolled in the system)
about 53 percent of the time. Problems cited included eyeglasses, imaging
angle, subject movement, and lighting. In a test that included 5,000 passengers
and a database of 250 photographs, the system raised false alarms about
two or three times an hour — and failed to identify anyone correctly.

Facial recognition is at its best in controlled conditions when comparing images
taken under identical conditions. Although that sounds pretty restrictive, it’s
commonly used by law enforcement to compare mug shots to pictures acquired
for this purpose — and, in some cases, to compare ID photographs from passports
or driver’s licenses to samples gathered in controlled conditions.

Understanding The Biometric Basis For Facial Imaging Biometrics

Facial-imaging biometrics are based, as you might think, on comparing information
from two digital images of faces to see whether they match. The problem is
that faces offer all sorts of challenges when you try to make direct comparisons,
so you should note the careful language in the previous sentence — “information
from two digital images” is not the same as “two digital images.”

For a good example of why we can’t just take two pictures and see whether
they’re identical, take a look at the angelic picture your sibling sent you of
your four-year-old nephew. Now, hold that picture up and suggest to your
nephew that he make the most horrible scary face he can, without using his
hands or artificial fangs. (As a side project, take a picture of this new face and
send it back to your sibling, titled “Reality.”) Do you think that these two pictures
would indicate these are even the same species when compared
directly to each other? Typical changes to facial appearance that would
throw off direct image comparison include (but are likely not limited to)

 Addition or removal of facial hair
 Body piercing
 Change in hair style
 Makeup
 Lighting changes from original image
 Different angle from original image

 Expression

 Tanning, black eyes, general pigmentation changes

Because it’s really not possible to rely on directly comparing the images pixel
by pixel, scientists have spent quite a lot of time figuring out how to represent
the essential information in a face mathematically so that they can correct
for cosmetic and imaging differences. The math is fairly intricate and not
appropriate for this book, but we include a short description of the principles
involved for the three main methods used in facial recognition.

Understanding The Biometric Basis For Fingerprints

An image of the pattern of ridges and furrows that cover our hands, feet, and fingers can be optically captured at a point in time when we’re certain of the identity of the provider, and then later compared to a new image to authenticate that user. Although fingerprints change size as we grow, the structure of the ridges and furrows doesn’t change at all over time, except for essentially mechanical alterations such as cuts or scars.

We use our hands a lot, so the possibility that our prints become marred by
damage, temporary or otherwise, is much greater than that of damage to,
say, our eyes or facial structure. Physical damage to your fingertip means it
doesn’t look the same as when you captured your print for identification —
and the system may reject your identification if it can’t exactly match one or
more of the unique characteristics.

Although — in theory, anyway — we could use any portion of our feet and
hands that have identifying characteristics, in practice the tips of each finger
or thumb are the easiest to position for imaging. They’re so easy, in fact, that
each of us leaves perfectly legible copies of our fingerprints on objects we
touch all the time — as many criminals have learned the hard way. While this
makes finger- and handprints very convenient as a biometric identification, it
also makes finger- and handprints among the best-documented (and most
generally available) biometric identifiers we have.

Fingerprint, and by extension palm-print, readers come in essentially three
forms:

Optical: These work much like a regular image scanner, where a light
source is used to illuminate the surface of the scanner area and a chargecoupled
device array collects an image of the illuminated surface.

Thermoelectric: Thermoelectric scanners use substances that electrical
properties are influenced by localized heat sources (like your finger) and
read the electrical variances in the surface to acquire an image of the
fingerprint.

Ultrasound: Ultrasound imaging of fingerprints bounces very high
frequency sound waves off the three-dimensional structures of your
fingerprint and records the 3D model acquired.

The Encoded Biometric Schemes

Classical biometric systems require access to enrolled

templates in unencoded form. This differs from traditional

computer security systems where a raw password

need never be stored. Instead, a cryptographic

hash (one-way function) of the password is stored, and

each new test password is hashed and compared with

the stored version. Since such cryptographic techniques

provide important protections, there is great incentive

to develop analogous methods for biometric

systems. Encoded biometric schemes are designed to

avoid these problems by embedding the secret code

into the template, in a way that can be decrypted only

with an image of the enrolled individual.

Since the code is bound to the biometric template, an

attacker should not be able to determine either the

enrolled biometric image or secret code, even if he

had access to the biometric software and hardware.

Such technology would enable enhanced privacy

protection, primarily against secondary use of biometric

images It would also reduce the vulnerability of

network protocols based on biometrics. Biometrically

enabled computers and mobile phones currently

must hide passwords and keys in software; biometric

encryption would protect against this vulnerability.

Another interesting application is for control of access

to digital content with the aim of preventing copyright

infringement. Biometric encryption systems are not

widely deployed; research systems still suffer from

high error rates and slow processing speed. However,

such systems offer some compelling benefits for many

applications, and research is active.

Cancelable biometric features are encoded with a distortion

scheme that varies from application to application. The concept

was developed to address the privacy and security

concerns that biometric features are not secret and

cannot be canceled. During enrollment, the input biometric

image is subjected to a known distortion controlled

by a set of parameters. The distorted biometric

sample can, in some schemes, be processed with standard

biometrics algorithms, which are unaware that

the features presented to them are distorted. During

matching, the live biometric sample must be distorted

with the same parameters, which must be security

stored. The cancelable nature of this scheme is provided

by the distortion, in that it is not the user’s

‘‘actual’’ biometric which is stored, but simply one of

an arbitrarily large number of possible permutations.

The concern with cancelable biometric features is

the security of the storage and transmission of the

distortion parameters.

Biometric cryptosystems are designed to overcome many

security issues in traditional biometric schemes by avoiding template

storage and the match stage of biometric processing.

Instead, the biometric features are bound to a secret

key that is designed to be recoverable only with a

biometric image from the enrolled individual. Clearly,

the key difficulty in the design biometric encryption

systems is the variability in the biometric image between

measurements; the presented biometric image

cannot itself be treated as a code, since it varies with

each presentation.

The earliest biometric encryption system was proposed

by Soutar et al.Enrollment creates a template

binding a secret code to the multiple sample

images. During decryption, an error correcting scheme

based on Hamming distance is used to allow for variability

in the input image. Similar schemes were

proposed for voice passwords and iris images.

A significant body of work on biometric encryption

has been done in the cryptography community,

much based on the fuzzy vault construction of Juels

and Sudan. This scheme allows a cryptographic

encoding with a variable number of un-ordered data

points, which makes it suitable for fingerprint minutiae.

Clancy et al.designed a fingerprint algorithm

that encodes the secret as the coefficients of a Galois

field polynomial. Minutiae points are encoded as

coordinate pairs, and numerous ‘‘chaff ’’ points are

added. During key release, the points closest to the

new minutiae are chosen, and the key estimated

using an error correcting scheme.

Encoded biometric schemes potentially offer some

important advantages in security and privacy, since the

template does not need to be available in unencrypted

form. However, little work has been done to study the

security of biometric encryption schemes. Uludag

et al. [21] note that most proposed biometric encryption

systems only appear to account for a ‘‘limited

amount of variability in the biometric representation.’’

They suggest that many biometric encryption systems

can be attacked simply via the FAR, by presenting

biometric samples from a representative population.

A cryptographic attack of biometric encryption was

developed by Adler, based on using any ‘‘leaked’’

information to attempt a hill-climbing of the biometric

template. Overall, while biometric encryption

offers significant promise, there is little understanding

of the practical applicability and security of these

systems.

Protecting Biometric Data

Do you trust the management of the great big MegaFudCorp to safeguard your personal information? Well, we give such companies our credit- or bank-card information all the time — so what’s the big deal with a little bit of biometric data? The difference is that you can
cancel your credit card, but your unique biometric data changes slowly (or doesn’t ever change) — and once someone has it, there’s no way to make it invalid. Although it’s easy for organizations to acquire information, it’s quite another matter to completely purge that same information.

This concept is really at the heart of several battles over biometric identification
systems proposed everywhere. From the perspective of the person or company
collecting biometric information to identify or authenticate you, it’s the same as
a password or a challenge response. (You know the typical gambit: “What’s your
mother’s maiden name?”) For you, it’s potentially a key to your finances, front
door, and medical records all rolled into one — which can never be recalled or
changed if it’s stolen. No surprise if you consider this data critical to protect —
but it would also be no surprise if MegaFudCorp didn’t consider it nearly that
critical.

Proponents of using biometrics have good arguments for why this isn’t as big a
problem as it may sound — especially for the most widely used technology, fingerprints.
Fingerprint-identification systems almost never actually store a fingerprint
in its entirety; instead, they only store a few data points that correspond
with the representation of minutiae that the system chose as best for identification
purposes. Since you don’t have the actual picture of a fingerprint, the theft
of the fingerprint data isn’t a problem, right? With fingerprints, a hash of the
print data is all that’s really required for authentication, but identification really
requires the whole print to be available since a one-to-many match can require
additional analysis. A hash function takes relatively complex information (like
your fingerprint information) and turns it into an integer (the hash) which can
be used as an index — in this case, an index into a biometric database.

Without the original fingerprint image, you couldn’t re-create a fingerprint
that would fool a human examiner for long, but theoretically you could create
a bogus print that would fool the specific system that collected the data.
Since you know what it’s looking for, that’s all you really need to re-create.

For most of the other forms of biometric information, a lot more detail is captured
and stored, but they are in turn far harder to imitate or falsify. For those
forms, though, possession of the information is the direct harm to your privacy.
There’s no good reason anyone that you haven’t shared it with should know
about the vein structure of your hand or the metal pin in your index finger

Introduction To Face Device

A face device is a system to acquire a set of digital data
samples representing a human face. As the human face
is a complex 3D object, the data can be in several
forms: a 2D image where the gray levels of the pixels
represent the projected reflectance of the face surface
under visible illumination; a 2D image where the gray
levels of the pixels represent the projected reflectance
of the face surface illuminated with an active source;
a 2D thermal image representing the heat emitted by
the face surface; 3D samples of the surface structure.

Face devices can be distinguished on the basis of
the data dimension if it is active or passive. Face
devices can be passive, i.e., based on the passive reflectance
of ambient light by the body, or active, i.e.,
associated with an energy emitter and a sensor to

capture the energy reflected by the face. The data
captured can be either in 2D or 3D form.

A face device can be based on different technologies,
depending upon the data to be captured and the
signal to be obtained. The most applied face devices
include a video camera to capture 2D images of the
face and a digitizer to sample and quantize the analog
signal generated by the camera. Different face devices
deliver different signals to be digitized into 2D or 3D
data. The data captured can be stored under different
file formats for subsequent processing.

Current face biometric systems are based on the acquisition
and processing of image data, representing a
human face. A face acquisition device is typically
a video camera capable of acquiring single images or
video streams of data, representing a face. As the face is
a 3D object, the acquired data can represent either the
2D projection of the face reflectance on the image
plane or a set of 3D samples of the face structure,
possibly with the associated reflectance. In the former
case, a conventional video camera can be used to
acquire images of face. In the latter case, a more complex
3D acquisition device must be applied.