5 October 2011 Biometric Technology Today Biometric options for mobile phone authentication There are a number of emerging options for biometric authentication via mobile phone, including fingerprint recognition via a mobile phone with a camera function, gait recognition and activity recognition. Looking first at fingerprint recognition, most of the latest mobile phones have embedded cameras and some of those have 5 megapixel– plus cameras. Many fingerprint recognition algorithms perform well on databases when the images have been collected with high resolution cameras and in highly controlled situations 1 . However recent research shows that the per- formance of a baseline system deteriorates from an Equal Error Rate (EER) around 0.02 % with very high quality images to EER of 25% from low quality images 2 . “An important question is which of the fingerprint authentication algorithms will work well with fingerprint images produced by mobile phone cameras” Research is still ongoing to improve recogni- tion performance. In applications such as fin- gerprint authentication using cameras in mobile phones and PDAs, the cameras may introduce image distortions, for example because of fish- eye lenses, and fingerprint images may exhibit a wide range of illumination conditions, as well as scale and pose variations. An important question is which of the fin- gerprint authentication algorithms will work well with fingerprint images produced by mobile phone cameras. Fingerprint reading is already being introduced and becoming accept- able on mobile phones. The Motorola Atrix mobile, released in February 2011, incorporates a fingerprint reader as an additional security feature. Users present their index fingers on both left and right hand. Additionally, research 3,4 has shown that by using low-cost webcam devices it is possible to extract fingerprint information, applying dif- ferent pre-processing and image enhancement approaches. Privacy concerns Privacy concerns over fingerprint recognition technology deployment in non-high security applications have been raised 5,6 slowing develop- ment of biometrics in the consumer market in recent years compared with the rapid develop- ment in the public sector such as border control, critical infrastructure access control, and crime There are at least two ways to alleviate these privacy concerns. Biometric template protec- tion 7,8 is one of the most promising solutions to provide both performance and privacy for biometric system users. The European Research Project Turbine 9 demonstrated a good result around both the performance and privacy of the ISO fingerprint minutiae template-based, privacy enhancement biometric solutions. For the consumer market, using customers’ own biometric sensors will also help alleviate privacy concerns. For applications requiring high security, subjects’ own biometric sensors may not be suitable for data collection unless the phone can be authenticated as a registered and ‘untampered with’ device in both software and hardware. However for the consumer market, the mobile phone is generally deemed a secure device accepted by many customers and many banking services send transaction password or PIN codes via SMS to customers’ phones. The technical challenges lie in quality con- trol around the samples captured by the phone camera, especially image processing aspects such as bias lighting conditions and an unsta- ble sample collection environment caused by handholding. In addition, most existing phone cameras are not designed for biometric use and accurate focusing will always be a challenge for fingerprint image capture. “The technical challenges lie in quality control around the samples captured by the phone camera, especially image processing aspects such as bias lighting conditions and an unstable sample collection environment caused by hand-holding” Fingerprint recognition may be an effective means of verifying the identity of the user of a mobile phone if it is made easy for the user while keeping the error rates in an accept- able and practical range. To address this issue, researchers at the Norwegian Information Security Laboratory created a fingerprint data- base using two different mobile phone cameras, the Nokia N95 and HTC Desire. An image database comprised of 25 subjects, from which fingerprint images were taken with a mobile phone camera. The database com- prised 3000 fingerprint images in total. The user initially presents his or her biometric characteristic (ie fingerprint) to the sensor equipment (the camera in a mobile phone), which captures it as a biometric sam- ple. After pre-processing this captured sample, features will be extracted from the sample. In case of fingerprint biometrics, these features would typically be minutia points. The extracted features can then be used for comparison against corresponding features stored in a database, which stores details from users who have enrolled into the system. The Neurotechnology Verifinger 6.0 Extended SDK commercial minutia extrac- tor was used for feature extraction. The SDK includes functionality to extract a set of FEATURE Mohammad Omar Derawi Mohammad Omar Derawi, Gjøvik University College Businesses and consumers are making increasing use of mobile phones to access corporate data and networks, along with products and services that may demand authentication. As personal mobile devices become more popular the user has come to expect the full range of services from the mobile Internet, as limitations around screen size and interaction capabilities have disappeared.