Enhancing security and privacy in biometrics-based authentication systems
N. Ratha, J. Connell, R. Bolle
IBM Systems Journal, vol. 40, no. 3, 2001, pp. 614-634.
In recent years, there has been a significant surge in the use of biometrics for user authentication applications because biometrics-based authentication offers several advantages over knowledge and possession-based methods such as password/PIN-based systems. However, it is important that such biometrics-based authentication systems are designed to withstand different sources of attacks on the system when employed in security-critical applications, and more so in unattended remote applications such as e-commerce applications. In this paper we outline the inherent strengths of a biometrics-based authentication scheme and then discuss the security holes in these systems. Finally, we present new solutions for overcoming some of the remaining weak links in such systems.