Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Bio Metrics in Secure E-transaction

Bio Metrics in Secure E-transaction

Ratings: (0)|Views: 246|Likes:
Published by nityanarla

More info:

Published by: nityanarla on Oct 23, 2009
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less





In the present day world, onlineshopping using WAP enabled mobile phone haswidely come into use. Credit cards serve as thecurrency during e-business and e-Shopping.As technology has advanced in thenegative side also hackers and spoofers stealmisuse credit card numbers, even though thenetwork has been made secure.So, in this paper, we have proposed amulti-biometric model (
integrating voice,fingerprint and facial scanning
) that can beembedded in a mobile phone, this making e-transactions more secure. The model is very costeffective as we have tried to use the hardwarealready present in the phone.This paper uses for 
image processing 
or facial recognization andfinger print.
A biometric system is a recognitionsystem, which makes a personal identification bydetermining the authenticity of a specific physiological or behavioral characteristic possessed by the user. This method of identification is preferred over traditionalmethods involving passwords and PIN numbersfor various reasons:
The person to be identified is requiredto be physically present at the point of identification.
Identification based on biometrictechniques eliminates the need toremember a password or carry anidentity.Depending on the context on which a biometricsystem works, it can be either classified as anIdentification system or a verification(authentication) system. Identification involvesin establishing a person’s identify whereas inverification involves confirming or denying a person’s claiming identity.
A multi-biometrics system is obtained bythe integration of multiple individual biometricsmodels. A numbers of models integrating handgeometry, keystroke dynamics, face and irisrecognition system have flooded the markets inrecent years.Here we present a multimodal systemthat can be embedded in a mobile phone, whichintegrates fingerprint, voice and facial scanning.It shuts down the problem of high FalseRejection Rate of facial scanners, eliminates thefooling of fingerprint scanners and overshadowsthe disadvantage of voice recognition models.
Introduction to Biometrics:
A wide range of biometrictraits can be employed:
• Fingerprints, the most commonmechanism• Iris• Retina• Voiceprint• Hand geometry• Palm prints (vein structure analysedvia IR light)• …
Extract features of thepresented trait and matchthe result against a storedtemplate:
• Process is lossy, matches areapproximate
Two Usage Modes forBiometrics:
Mode 1: Access control:
• Only this exact person is allowed in• Primary identifier uniquely identifiessomeone– Personal ID (public value)– PIN/password (private value)• Biometric backs up the primary ID– 1:1-match biometric check weeds outthe majority of impersonators– Match only this one identified personand no-one else
Mode 2: Identification
• Inexact match used to find things – Find one of 3 million people (DHS terroristlist) from a population of 6 billion• Real-life analogy: “Was this the person whorobbed you” vs. “Find the person who robbedyou in these 25 shelves of books of mugshots”• The answer to all your terrorism problems
Mobile phones have ceased to beexclusive status of the high class and, today has become an indispensable electronic gadget in thelife of many. The main reason for their higher market penetrations in recent days is their incredible array of functions at an affordablecost. Apart from setting remainders and sendinge-mails, they are also used in
SMS messaging
Telemedicine and teleconferencingThus, these phones with wideroaming facility prove to be a really versatiledevice Nowadays, shopping through the internethas become very popular and
surely, a WAPenabled mobile phone provides the
facilities toconsumers to shop online. Credit cards continueto be an efficient tool for online moneytransactions. But, on the other hand, credit card’snumber can be stolen on its way to its destinationand can be misused by hackers. Thus, e-Businessthrough a mobile phone becomes insecure.Also, a report in www.download.com  stated that much anti-fraud Software, like those provided by ArticSoft and ISC, created a back door entry and were largely involved in dataspoofing. In addition to this, many user andcompanies were prone to the attack of manyviruses and Trojan horses.With so much of problems faced, theservice provide turned their attention towards biometrics to prevent data spoofing and to provide secure e-TransactionsThough security applications that verify a person's identity based on their physical
attributes, such as fingerprint readers or irisscanners, have been in use for some time, biometric security has only recently started toappear in mobile phones, PDAs and notebook computers where the need for miniaturizationrepresents a technological challenge.So far biometric data has been used to tie thedevice to a person to prevent it from being usedillegitimately if lost or stolen. But the IST projectSecurePhone is taking a new approach,employing physical attributes to enable the user to digitally sign audio, text or image files, providing proof of their origin and authenticity.Although existing communications infrastructure based on the GSM, GPRS and UMTS mobilesystems provides a secure means of communication, it lacks
any robust method of user identification. Text, audio and image filescan be sent by anyone to anyone with noauthentication and there are no guarantees the person you are talking to in a phoneconversation, if you've never met them before, isreally who they claim to be.The upshot is that data exchanged over mobiledevices is of limited use for legally bindingtransactions even though mobile devices, giventheir ubiquity, would be a prime candidate for carrying out e-commerce (or m-commerce),managing business processes such as signingcontracts or even in securing the exchange of data in e-healthcare and e-government systems.A digitally signed and authenticated voicerecording during a telephone conversationwould, for example, give the speaker's wordslegal value."The aim is to enable users to exchangeinformation that can't be disputed afterward.That could be a voice recording that isauthenticated to eliminate any doubt about whothe speaker is, what they actually said and provethat it has not been manipulated," Ricci explains."To achieve that it is necessary to digitally signthe data and to ensure that only the legitimateuser can perform the signing."The system developed by the SecurePhone project partners consists of two main elements.The first, an authentication module, uses biometric security applications to verify theuser's identity. That in turn gives them access tothe second module which digitally signs the datausing a Public Key Infrastructure (PKI).The system, which is designed primarily for PDA-phones but could also be used in newgeneration smart phones and WiFi-enabledPDAs, offers three methods of biometricidentification. One employs the digital camerasthat have become commonplace in mobiledevices along with a face recognition applicationto identify the user based on their facial features.Another uses voice recognition software – alsodetecting any asynchrony between speech and lipmovements - and the third verifies thehandwritten signature of the user on the device'stouch screen. The three methods are used incombination to enhance the overall levels of security and reliability, and most importantlythey require no hardware additions to mobiledevices.
Facial recognition is considered to be one of themost tedious among all scans. Further, difficultyin acquisition of face and cost of equipmentsmake it more complex.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->