A Biometric Security Model for Mobile Applications SORIN SOVIANY 1 , SORIN PUSCOCI 1 , VIRGINIA SANDULESCU 1 , CRISTINA SOVIANY 2 Communication Terminals and Telematics (T.C.T.) 1 National Communications Research Institute (I.N.S.C.C.) 1 Bd. Preciziei, No. 6, Bucharest 1 ROMANIA 1 Features Analytics 2 2, rue de Charleroi 1400 Nivelles 2 BELGIUM 2 sorin.soviany@inscc.ro 1 , sorin.puscoci@inscc.ro 1 , virginia.sandulescu@inscc.ro 1 , cristina.soviany@features-analytics.com 2 , http://www.inscc.ro 1 https://features-analytics.com/ 2 Abstract: - A biometric security model for mobile applications is defined. It is a low-complexity design with a security architecture including 2 biometric traits (fingerprint and iris). The fingerprint processing for feature generation is optimized on the mobile device, but the iris template optimization is performed on server. In both cases, the feature space is transformed to provide a suitable trade-off performance vs. complexity for a properly reduced dimensionality. The matching is based on a target-vs.-non-target classification in order to meet the requirements of an identification process in which only a target identity must be recognized. The target identity belongs to the mobile device owner. Key-Words: - security model, feature, data fusion, mobile application 1 Introduction The extending usage of the mobile applications is enabled by the technological advances in hardware, software and mobile networking. The mobility became a key factor for such applications design, requiring optimizations according to several constraints for processing, storage and transfer rate. A critical issue for the mobile applications is the security. The conventional data protection mechanisms are constrained in this case by the storage and processing limitations. The security issues for mobile applications are generated by the emerging of the new threats. The inappropriate usage of the mobile devices, the bugs within the new apps, the authentication issues, the client data sensitivity, the mobile communication networks vulnerabilities are a few reasons to develop innovative security solutions for mobile applications. The authentication remains one of the most important security mechanisms. For the conventional applications the multi-factor authentication is a common approach. The multi- biometric solutions (with several biometric traits) are already applied on large scale. The problem is how to use these methodologies for the mobile use- cases while ensuring at least the same performances as for the desktop apps under the specific constraints. In this paper, a biometric security model for mobile applications is defined, with design for low- complexity applications, using 2 biometric traits (fingerprint and iris). The feature space is transformed to provide a suitable trade-off performance vs. complexity for a reduced dimensionality. The matching is performed with a target-vs.-non-target classifier in order to meet the requirements of an identification process for a target identity belonging to the mobile device owner, supporting the secured access to an application service such as m-Banking or m-Health. The remainder of the paper has the following structure: Section 2-the general design of the security architecture for mobile applications; Section 3–the biometric data processing and experimental results; Section 4- conclusions. 2 The Security Architecture design for Mobile Applications 2.1 Actual technical developments As concerning the mobile devices with password- free security, there are already available smartphones including the biometric authentication. The biometric approach for the smartphone security started to be largely considered only since 2013. Sorin Soviany et al International Journal of Communications http://www.iaras.org/iaras/journals/ijoc ISSN: 2367-8887 85 Volume 3, 2018