Posted in | News | Sensors General

A New Highly Secure and Portable Biometric Authentication System

EPFL's Security and Cryptography Laboratory collaborated with startup Global ID to formulate an encryption method for processing biometric data taken via 3D finger vein recognition – a system that is next to impossible to forge.

(Credit: Copyright 2017 EPFL / Alain Herzog)

It is very easy to counterfeit fingerprints, and existing biometric authentication systems are not adequately secure. That is the assessment of EPFL researchers researching biometric identification through vein recognition – a system that could be mainly useful for law enforcement, hospitals, and even banks.

Together with the startup Global ID, the EPFL team has developed a lot more secure identification system that processes data more safely than existing standards and that leverages 3D vein imaging technology created by the Idiap Research Institute in Martigny, the University of Applied Sciences in Sion (HES-SO Valais-Wallis) and Global ID.

Revolutionizing ID systems

2D vein recognition technology is already used throughout the world, but the system has its flaws. With 3D analysis, the risk of counterfeits is essentially non-existent since we all have different veins.

Lambert Sonna Momo, the founder of Global ID.

When someone places their index finger on the sensor, the vein scanner identifies them.

This scanner is portable and has potential for use in a wide range of applications, from border controls and financial transaction authentication to identifying patients in hospitals. Actually, efforts are already underway in this regard at Geneva University Hospitals and the University Teaching Hospital of Yaoundé in Cameroon.

Protecting your private life

An important aspect of confirming someone’s identity using biometrics is protecting their private data, which is the challenge at the core of EPFL’s project. "Guaranteeing data security is crucial, such as when countries want to store their data abroad," says Sonna Momo. To address this issue, Serge Vaudenay's Security and Cryptography Laboratory designed a system that uses homomorphic encryption: the scanner and identification mechanisms process the data without really decrypting them, so that people's data stays confidential.

The process thus eliminates the possibility of data being stolen when a person's biometrics are being gathered and verified. For instance, the scanners currently used at airports save the biometric data directly on the device in case the data is required again. And because of the innovative communication algorithms developed at EPFL, if any data is stolen, it is instantly traced back to the device from which the data was leaked.

Applications for developing countries

The system’s robustness makes it a particularly appealing solution for developing countries.

The current systems don't take into account these countries’ specific needs – their infrastructure is sometimes lacking and weather conditions can make things difficult.

Sonna Momo.

The moderately inexpensive scanner (at about CHF 300) was tested on numerous people in Cameroon this February so as to expand the algorithms' accuracy to include all skin types.

Global ID is focused on creating a manufactured prototype for potential investors by this summer, and in the medium term, the startup company plans to offer "identification as a service" to governments and hospitals. That way, the identification system could be swiftly put into operation without an upfront investment in personnel or infrastructure.

A more secure biometric authentication system

Tell Us What You Think

Do you have a review, update or anything you would like to add to this news story?

Leave your feedback
Your comment type

While we only use edited and approved content for Azthena answers, it may on occasions provide incorrect responses. Please confirm any data provided with the related suppliers or authors. We do not provide medical advice, if you search for medical information you must always consult a medical professional before acting on any information provided.

Your questions, but not your email details will be shared with OpenAI and retained for 30 days in accordance with their privacy principles.

Please do not ask questions that use sensitive or confidential information.

Read the full Terms & Conditions.