Securing Identities through Biometric Template Security

Abstract

Biometric authentication systems provide multiple advantages over conventional authentication systems, which are based on tokens and passwords. However, they still have some limitations, which primarily include the issues related to the security and privacy of the biometric template stored in the system. This poses a great challenge on the biometric systems as the user’s biometric data is not changeable, unlike passwords, if an adversary steals it. Moreover, it has been discussed in the literature that the reconstruction of biometric data is feasible in many cases from an original biometric template. Hence, if it is compromised, it will be a permanent loss of a user’s biometric data. In order to provide the security and privacy of the biometric data, various biometric template protection (BTP) techniques have been proposed. The critical aspect of these techniques is that the encrypted or transformed biometric template of a user is stored in the database instead of the original biometric template. In order to do that, the original biometric template is transformed in such a way that it is infeasible to reconstruct the original biometric data from the transformed template if it is compromised. The BTP techniques can be mainly classified into two categories, which are biometric cryptosystems and cancelable biometrics. The biometric cryptosystems combine the cryptographic key with the original biometric template or directly generate the key from the original template for securing the original biometric template. On the other side, the techniques based on cancelable biometrics introduce some distortions into the original biometric template before storing it into the database. These distortions are obtained with the help of a transformation function such that it is infeasible to reconstruct the original biometric data from the transformed template. Besides this, there are a few more techniques, such as hybrid approaches and Homomorphic encryption, which have been discussed relatively less in the literature. Hybrid approaches are the combination of cryptosystems and cancelable techniques or multi­modalities, whereas Homomorphic encryption relies on an encryption-based approach. There are some essential properties, such as revocability, diversity, security, and performance, which need to be followed to determine the overall effectiveness of a BTP technique. This chapter provides a detailed discussion on all these aspects of biometric template security. © 2025 by Apple Academic Press, Inc.