Title: Secure cloud-based biometric authentication utilising smart devices for electronic transactions
Authors: Bobby L. Tait
Addresses: College of Science, Engineering and Technology, University of South Africa, Private Bag X6, Florida, 1710, USA
Abstract: The release of the latest iPhone device by Apple, named the iPhone 5s which incorporates a fingerprint-based biometric scanner, was met with a lot of criticism from the security and privacy community. It was soon demonstrated that the biometric reader on this new iPhone is just as vulnerable to spoofing attacks as devised by researchers such as Matsumoto et al. (2002). It is an excepted fact that making use of biometrics for effective security during the identification and authentication process is not recommended (Woodward and Orleans, 2004). People leave latent biometric prints of their fingerprints on everything they touch. Biometric technology is vexed with this problem - a biometric characteristic is not essentially covert, as people deposit their biometric characteristics in various ways in the environment they interact with. This paper proposes an approach to allow a person to use a smart device such as the iPhone 5s, for secure biometric authentication over a networked environment for secure electronic transactions. The paper illustrates that a smart device can be considered as a 'smart token', to address the security concerns associated with biometric technology.
Keywords: biometrics; iPhone 5; cloud security; cloud computing; biometric authentication; secure transactions; electronic transactions; spoofing attacks; hacking; smart tokens; smart devices; fingerprint scanning; smartphones; networks; transaction security.
International Journal of Electronic Security and Digital Forensics, 2014 Vol.6 No.1, pp.52 - 61
Received: 21 Oct 2013
Accepted: 22 Oct 2013
Published online: 27 Mar 2014 *