An approach to improve the match-on-card fingerprint authentication system security

Abstract

The combination of smart cards and biometrics results in a strong 2-factor authentication. It facilitates a trusted credential for authenticating an individual's identity through one-to-one biometric verification using the smart card token. Fingerprint Authentication Systems (FASs) embedded in smart cards are gaining massive acceptance as it offers a superior level of security when compared to the conventional Match-on-Device (MOD) and Match-on-Server (MOS) technologies. The fundamental difference between the conventional FAS authentication process and FAS using smart card process is all about the authentication location. FAS authentication using smart card token is possible through four authentication approaches. They are the Template-on-Card (TOC), Match-on-Card (MOC), Work-Sharing On-Card (WSOC), and System-on-Card (SOC). Out of these four approaches, the SOC is considered as the most secure and expensive, whereas the TOC is considered as the least secure and least expensive. The MOC scheme offers a higher level of security than the TOC scheme at an affordable cost when comparing to SOC and is thus the most practical solution available today. Although this is the case, the MOC scheme is also susceptible to the inherent security vulnerabilities associated with biometric modalities in general. The front runner of the biometric vulnerabilities being the compromise of the original finger templates. This paper focuses on this critical vulnerability aspect and conceptualizes a novel Match-on-Card Fingerprint Authentication System. The proposed system does not need to store or transfer the original fingerprint template to/from the smart card and therefore facilitates an enhanced security than the conventional MOC approach