Mitigating masterprint vulnerability a security threat to fingerprint biometric systems

Abstract

Biometric-based user identification and authentication systems have gained popularity over the traditional password-based schemes wherein the user must remember the secret information. Moreover, fingerprint biometric systems have received wide acceptance in gov ernment offices, academic institutions, and industrial applications due to their affordable cost, user convenience, and high accuracy. However, these systems become vulnerable to various threats due to the diverse components involved in the system. The work in this thesis is an attempt to explore the security aspect of fingerprint biometric systems. Initially, a six teen attack point-based threat model for a match-in-database fingerprint biometric system is proposed and compared with four existing models. The model depicted all probable threats to the system and its description provided the countermeasures for each attack scenario. The model is further employed to categorise the attacks into eight classes based on the vulnerable components. The main contribution of the dissertation focuses on the MasterPrint vulner ability. A MasterPrint is a partial fingerprint identifying at least 4% distinct subjects from the enrolled user’s database. In simple words, a MasterPrint illustrates a non-unique user identification by the system. As latent fingerprints collected from crime spots are usually partial, we experimented on a latent fingerprint dataset to investigate the possibility of La tent MasterPrint. The results revealed that Latent MasterPrint do exist.