Multi Fingerprint Biometric Verification Using XML Web Services: A Funds Transfer Case Study

Oksana Bachurina and Paul A. Watters
Division of Information and Communication Sciences, Macquarie University, NSW 2109, Australia

Abstract: Next-generation identity verification systems will require the ability to integrate with numerous distributed applications and services during the authentication process. This paper describes the architecture, design and prototype implementation of a real-time verification system that exposes verification methods using XML Web Services.

Keywords: Biometrics, authentication, XML Web Services.
1. Introduction
The objective of this project is to develop a fully functional prototype of an XML Web Services system to conduct multi-fingerprint biometric verification operations in real time. The intention was that current systems would integrate with an existing banking infrastructure, allowing different types of users to coexist and consume the exposed Web Services in an appropriate manner. The domain investigated in this project is an on-line banking application, providing users with additional security and preventing unauthorised usage of banking accounts. Due to the inherent flexibility of Web Services, it would be easy to integrate the proposed authentication framework with other e-commerce applications, such as on-line shopping web sites using credit card payments.

The system is designed around a logically centralized broker architecture. The initial version of the broker presented in the prototype of the system is responsible for handling all fingerprint verification operations, including enrolment and matching. At a later stage, the broker could also include other Web Services responsible for entire fund/money transfer operations, thus shifting most of the processing done by the banks to the broker. Using the Web Services exposed by participating third party financial institutions (e.g. banks), the broker would be able to perform all checks which are necessary in order to authorise the transfer, including credit limits, balance and credit card details.

The on-line banking account management system (the bank’s back end system) developed as part of the prototype distinguishes between different types of users, making use of the new biometric authentication services. Not all customers would want to expose their fingerprints in a biometric setting, even though a verification system is in place.
The application presented in this project caters for three different types of clients: security level 0, being users who do not use fingerprint authentication for on-line transactions; security level 1, comprising users with single print authentication accounts; and level 2 users who participate in the double authentication / confirmation scheme operating at different operational stages. Users in levels 1 and 2 are able to enrol any fingerprint(s) of their choice. For level 2, this may be any combination of two prints, the choice of which will be known only to the user. The double authentication/confirmation approach may prevent any further attempt at accessing someone else’s account using dummy or latent fingerprints [1]. In this case, apart from knowing which fingerprints are to be used in order to gain access to an account, the person trying to perform fraudulent actions will also have to know the right combination. Users holding an account with security level 2 will be able to use an authentication fingerprint in order to gain access to the on-line banking system and view account details. The second confirmation fingerprint will be requested by the system each time a client transfers money or pays any third party bills.

Though the system supports different levels of authentication, the main emphasis is on the usage of a combination of fingerprints as a new approach in biometric authentication [2]. Besides having such authentication in place the system will still request other details, such as username and login for the online banking application and card details for web sites which opt to use the Web Service exposed by the broker. The broker performing fingerprint processing and matching will not hold or store any processed images, for reasons of security and privacy: all templates of the enrolled fingerprints will be held by the participating banks and are only used during the verification process. All verification and pre-processing algorithms are implemented at the broker site, requiring that all participants have similar fingerprint capturing devices. This has been a limitation on the widespread adoption of biometrics in the past, but our expectation is that more fingerprint-enabled biometric devices will be released in the future, such as the Microsoft biometric keyboard [3].

The prototype has been developed using .NET technology to allow cross platform integration and implementation of Web Services. The scope of the current project is limited to producing a fully functional prototype for integration of an on-line multi-fingerprint verification system. Only the essential functionality and data structures have been implemented to simulate a real life scenario of the confirmation approach in fingerprint authentication using services exposed by the broker. In our own testing, we have used a database of fingerprint images, rather than an actual optical scanner. Currently, the broker is tuned to process images with predefined quality and resolution; however, a clear limitation for pervasive deployment of such systems is the ability to deal with variation in image quality, alignment etc. in real-world scenarios.

Proceedings of the 6th International Conference on Recent Advances in Soft Computing (RASC 2006), K. Sirlantzis (Ed.), pp. 441-448, 2006
2. Assumptions
A number of assumptions have been made regarding the operation of the prototype. It is assumed that each bank will store either an entire fingerprint image (in the case of rejected prints) or a template in its database. It is also assumed that banks will expose all necessary Web Services to the broker in order to utilise the broker’s verification facilities (but all image processing operations will be performed at the broker’s site). Advanced security protocols (e.g., WS-Security) and technologies (e.g., template encryption) have not been considered during prototype development. It is also assumed that the Fingerprint Broker will be available on a 24/7 basis, thus performance and availability are the two non-functional requirements given greatest attention. System data is exchanged in XML format; thus, participants will have to comply with a predefined schema. We have not provided details of associated modelling components (e.g., UML diagrams, DFDs) for brevity.

In order to enable funds transfer, each participating financial institution will have to expose all relevant operations using Web Services, to allow interaction with the broker and eventual support for e-commerce systems. Currently the prototype system allows adding a single additional holder for any account. Each account may have not more than one primary user and one secondary holder. Ideally, the holder will have limited rights (e.g. restriction on fund usage, or withdrawal).

The algorithm for image processing and minutiae extraction has some fixed size constructs, such as array size. Though the size of every array is big enough to hold minutiae points from an average quality fingerprint, in some rare cases a failure may occur where a submitted image was of unacceptable quality. All image processing has been done with the assumption of consistent quality standards at input.

A security level (0, 1, or 2 as stated before) will be associated with each account, and not a particular user. Thus, where a client has access to more than one account (e.g. being a prime user for one account and a secondary holder of another), different authentication levels may be required.
3. Design
The main responsibility of the broker is to handle authentication of the clients through verification of multiple fingerprints submitted from the on-line banking application. Therefore the functionality of the broker is limited to the following options:
• Verification – the fingerprint broker will handle the entire process of matching an enrolled template obtained from the bank’s database with the minutiae extracted from the print submitted by the user [4]. This stage is omitted where such verification is not required (i.e., security level 0).
• Handling and processing of client requests.
• Caching of participating banks and service end points, allowing for dynamic invocation.
• Conversion of extracted minutiae points data into a string format suitable for storage in a database. This format is standardized and further used for matching purposes. Delimiters are used to separate different components of the template.
The broker operates in a “process and forget” mode during fingerprint verification; thus, none of the processed fingerprints are stored or remembered by the broker, for privacy and integrity reasons.

3.1. The Bank
Every bank, in order to be able to use the broker, will have to subscribe to the services provided. The bank system comprises two modules which were developed to demonstrate the full integration of the proposed authentication scheme. The first module is an account management system used by the bank’s workers to carry out such management tasks as creating new accounts, setting up an account’s details and security levels, adding an additional holder to an existing account, and enrolling a user’s fingerprints. Since the main purpose of the project is to demonstrate how biometric authentication using a combination of fingerprints could be used within an on-line banking application, the bank system also includes some simplified funds transfer services exposed locally. These services handle the payments and perform necessary checks and updates on relevant accounts. The bank has two different databases: one to store account details, including fingerprint templates, and one to store rejected fingerprint records.

3.2. The Client
An on-line banking application implemented on the client site demonstrates the functionality of the system by providing a login interface to submit authentication data (username and password). In cases where an account implements security levels 1 or 2, an additional sub-application simulating a fingerprint scanner is invoked for fingerprint submission. A functional space to manage an account and perform transactions is provided, and funds transfer between different accounts that the user is authorized to access is permitted. In cases where a confirmation print is required, the transfer does not take place until the confirmation of the second fingerprint submitted by the user is received. Money transfers to third parties are also supported. A view details option also enables the user to check the details of a selected account.

3.3. High Level Design
System use cases are summarised in Figure 1, while the high-level design is shown in Figure 2, and the corresponding activity diagram is shown in Figure 3. Fingerprints captured from the user are passed through the Internet banking application to the fingerprint broker, which then either enrols the fingerprints (for a new user) or matches them (for existing users).

The enrolment service is used to process a fingerprint image and extract the minutiae points required for matching. It uses Base64 encoding to transfer binary data captured from the client or from an accounts management system during the enrolment stage. The service returns an array of string type to be stored directly in a database or used for further matching. The service is optimised to be used with the particular types of fingerprints which were tested during the development of the prototype. The outcomes of using the same web service with different images may vary, as all of the processing has been particularly tailored to a certain size and quality. The use case detail for logins is shown below.
The match service is used to match the fingerprint submitted by the client during the authentication (log in) or confirmation (fund transfer) stages. It accepts two sets of bifurcations and ridges from two templates and performs a match in real time. It uses a “brute force” algorithm which checks for all possible matches before a conclusion on the similarity of the fingerprints is made [5].
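The delimited template string and the brute-force match described in this section can be sketched as follows. This is an added example, not the prototype's code: the 'B:...|R:...' layout, the size cap, the tolerance, the threshold and the translation-only alignment are all assumptions made for illustration, and the sample templates are constructed.

```python
# Added illustration, not the prototype's code. The 'B:x,y;...|R:x,y;...' layout,
# the size cap and the tolerance are assumptions; the paper does not publish them.
from itertools import product

MAX_MINUTIAE = 64   # assumed cap, standing in for the fixed-size arrays the paper mentions
TOL = 4             # assumed tolerance (pixels) when comparing aligned points

def parse_template(text):
    """Parse a delimited template into {'B': [(x, y), ...], 'R': [...]}; reject bad input."""
    out = {}
    for part in text.split("|"):
        kind, sep, body = part.partition(":")
        if not sep or kind not in ("B", "R") or kind in out:
            raise ValueError("malformed template section")
        pts = []
        for item in filter(None, body.split(";")):
            x, y = item.split(",")          # ValueError unless exactly two fields
            pts.append((int(x), int(y)))
        if len(pts) > MAX_MINUTIAE:
            raise ValueError("too many minutiae")
        out[kind] = pts
    if set(out) != {"B", "R"}:
        raise ValueError("missing template section")
    return out

def _hits(enrolled, sample, dx, dy):
    """Count enrolled points with a same-type sample point within TOL after the shift."""
    return sum(
        any(abs(sx + dx - ex) <= TOL and abs(sy + dy - ey) <= TOL for sx, sy in sample[kind])
        for kind in ("B", "R") for ex, ey in enrolled[kind])

def match(enrolled_text, sample_text, threshold=0.8):
    """Brute force: try every same-type point pairing as the alignment, keep the best score."""
    enrolled, sample = parse_template(enrolled_text), parse_template(sample_text)
    total = len(enrolled["B"]) + len(enrolled["R"])
    if total == 0:
        return False                        # fail closed on an empty enrolled template
    best = 0
    for kind in ("B", "R"):
        for (ex, ey), (sx, sy) in product(enrolled[kind], sample[kind]):
            best = max(best, _hits(enrolled, sample, ex - sx, ey - sy))
    return best / total >= threshold

# Constructed sample data: SHIFTED is ENROLLED moved by (+7, -3) with one pixel of jitter.
ENROLLED = "B:10,10;40,22;25,60|R:5,30;50,50"
SHIFTED = "B:17,7;47,19;33,57|R:12,27;57,47"
OTHER = "B:12,70;60,5;33,33|R:70,70;2,2"

if __name__ == "__main__":
    print(match(ENROLLED, SHIFTED), match(ENROLLED, OTHER))
```

The parser rejects oversized or malformed templates before any matching runs, which is the input check a service with fixed-size buffers needs at its boundary.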
Use Case: Login
Goal: Verify client’s credentials (username and password)
Scope and Level: On-line banking applications
Preconditions: A user is an existing client of a particular bank and has a valid username and password set up for on-line banking application.
Success end condition: Users with level 0 of security (password only) are granted full access to the application. User with level 1 and 2 of security are prompted for further verification of identity.
Failed end condition: Access denied due to:
  • Username and/or password being incorrect
  • Authentication fingerprint has not been matched
Actors: User (Client), Bank, Fingerprint Broker
Triggers: User tries to log in
Description (Steps / Actions):
  1. Enter username
  2. Enter Password
  3. Submit details to the system
  4. Verify credentials
  5. Enter the system
Includes: None
Extends: Verify (for authentication fingerprint)
Sub-variation:
  4.1 Password and/or username are incorrect.
    4.1.1 Deny access
    4.1.2 Return to login screen
  4.2 User has level 1 or level 2 security
    4.2.1 Request user’s authentication fingerprint
    4.2.2 Enrol fingerprint
    4.2.3 Retrieve template from a database
    4.2.4 Compare
    4.2.5 If matched go to step 5
    4.2.6 If not matched go to login (step 1)
Stakeholders and interests:
  User – tries to access application by providing needed credentials
  Bank – retrieves relevant user’s data
  Broker – performs matching of the submitted print and a template
Frequency of Use Case: Very frequent (upon every login)
Level of Risk: High
Priority: Very high
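The login use case above, combined with the per-transfer confirmation print required for level 2 accounts, can be expressed as the following gate. This is an added example and not the prototype's code: the Account and Session classes, the equality-based matcher standing in for the broker's match service, and the sample template strings are hypothetical.

```python
# Added illustration, not the prototype's code. Account, Session and the equality
# matcher are hypothetical stand-ins for the bank records and the broker's match service.
from dataclasses import dataclass

@dataclass
class Account:
    level: int                      # 0, 1 or 2; bound to the account, not the user
    auth_template: str = ""         # enrolled authentication print (held by the bank)
    confirm_template: str = ""      # enrolled confirmation print (level 2 only)

def broker_match(template, sample):
    """Stand-in matcher: stateless, fails closed on a missing template or sample."""
    return bool(template) and bool(sample) and template == sample

class Session:
    def __init__(self, account, match=broker_match):
        self.account, self.match, self.logged_in = account, match, False

    def login(self, password_ok, auth_print=""):
        """Use case steps 4 to 5: password first, then the print for levels 1 and 2."""
        acct = self.account
        if acct.level not in (0, 1, 2) or not password_ok:
            self.logged_in = False                  # 4.1: deny access
        elif acct.level == 0:
            self.logged_in = True                   # password-only account
        else:
            self.logged_in = self.match(acct.auth_template, auth_print)  # 4.2
        return self.logged_in

    def transfer(self, amount, confirm_print=""):
        """Level 2 asks for the confirmation print on every transfer; nothing is cached."""
        if not self.logged_in or amount <= 0:
            return False
        if self.account.level == 2:
            return self.match(self.account.confirm_template, confirm_print)
        return True

# Constructed sample accounts; the strings stand for enrolled templates.
LEVEL0 = Account(0)
LEVEL1 = Account(1, auth_template="left-index")
LEVEL2 = Account(2, auth_template="left-index", confirm_template="right-thumb")
```

Presenting the authentication print again at transfer time is refused for a level 2 account, and a level 2 account with no enrolled templates cannot log in at all.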
Figure 1. System Use Case Summary.
Figure 2. High Level Architecture.
4. Discussion
This project investigated how on-line fingerprint authentication could be performed by a set of Web Services in conjunction with on-line banking applications in order to secure transactions. The challenge was not only to use single fingerprint authentication, which does provide greater security (in comparison with standard authentication methods) but which can be jeopardized by dummy fingerprints as presented in the literature review, but also to demonstrate the use of fingerprint combinations. As stated previously, using a combination of fingerprints provides an additional layer of security for on-line fund transfers since, as demonstrated in the prototype, apart from gaining access to the system, a user will have to submit a confirmation print for every transaction made.

One of the key challenges of the project was not to allow the broker to keep any type of sensitive data which may be hacked or otherwise accessed. Thus the broker is implemented in a totally “process-and-forget” mode, not storing any data at all. All templates and any rejected prints are held in a bank database and retrieved only when required.

The prototype proved that it is feasible to expose fingerprint authentication in the form of Web Services, and that it is possible to use a combination of fingerprints as an innovative approach to biometric authentication in real time. The project also demonstrated that different types of users are able to coexist within a single banking environment, thus offering biometric authentication to separate users who wish to protect their account with more reliable data than username and password.

Having a biometric authentication system as presented in this project will potentially benefit all participating banks. However, while the widespread implementation of XML Web Services for banking may be emerging [6], the limiting factor for commercial implementation of this project is the relative scarcity of appropriate fingerprint scanning terminals. In some countries, such as South Korea [7], fingerprint authentication for supermarket purchases has been adopted, so the eventual deployment of similar devices worldwide will be a welcome eventuality.
Figure 3. Activity Diagram.

Using Web Services implies that the system can be publicly available and independent from any particular platform, software or hardware, allowing different parties to integrate easily and with minimum changes to internal systems. A broker structure and shared use of the fingerprint authentication can also be used to justify initial investment in this technology. Generally, banks are not keen on installing such biometric systems due to high initial costs [8]. Being able to share the system among many participants will bring down the investment to just a fraction of the possible price if a biometric authentication system had to be installed by each bank individually [9].

The contribution of this project to the banking and biometric authentication areas is to provide a new approach to more secure identification of clients by using a combination of fingerprints in collaboration with other types of existing security measures such as username and password. An innovative method of using a sequence of different fingerprints may appeal to financial institutions as being preferable to single-print authentication. Besides, as presented in the current prototype, the system is able to handle all types of users equally, allowing the banks to present the biometric authentication option only to willing clients and not as an enforcement of a new security policy. While many people still remain reluctant to use biometric authentication, seeing it as an invasion of privacy, some users are keen on using all kinds of preventive measures which may help to protect such sensitive data as bank accounts. Properly organized privacy agreements may encourage clients to adopt the scheme of biometric authentication as proposed in this project.
References
[1] T. Matsumoto, Gummy and Conductive Silicone Rubber Fingers. ASIACRYPT 2002: 574-576.
[2] R. Cappelli, D. Maio, D. Maltoni, L. Nanni, “A two-stage fingerprint classification system”, Proceedings of the 2003 ACM SIGMM workshop on Biometrics methods and applications, ACM Press.
[3] Microsoft Corporation, Fingerprint reader. http://www.microsoft.com/hardware/mouseandkeyboard/productdetails.aspx?pid=036, accessed 29/3/2006.
[4] D. Simon-Zorita, J. Ortega-Garcia, J. Fierrez-Aguilar and J. Gonzalez-Rodriguez, “Image quality and position variability assessment in minutiae-based fingerprint verification”, IEEE Proc.-Vis. Image Signal Process., Vol. 150, No. 6, December 2003.
[5] Nalini K. Ratha, Kalle Karu, Shaoyun Chen, Anil K. Jain, “A Real-Time Matching System for Large Fingerprint Databases”, IEEE Transactions on Pattern Analysis and Machine Intelligence, Vol. 19, No. 8, August 1996.
[6] P.A. Watters, Web Services in Finance, Springer, 2005.
[7] “Korean customers pay with their fingers”, “EU visa system could be world’s biggest biometric project”, Biometric Technology Today, Volume 11, Issue 9, September 2003.
[8] “Woori Bank deploys biometrics at ATMs”, Biometric Technology Today, Volume 12, Issue 8, September 2004.
[9] “United Bankers' Bank authenticates customers online”, Biometric Technology Today, Volume 12, Issue 6, June 2004.