Title: Secure cloud-based biometric authentication utilising smart devices for electronic transactions

Authors: Bobby L. Tait

Addresses: College of Science, Engineering and Technology, University of South Africa, Private Bag X6, Florida, 1710, USA

Abstract: The release of the latest iPhone device by Apple, named the iPhone 5s which incorporates a fingerprint-based biometric scanner, was met with a lot of criticism from the security and privacy community. It was soon demonstrated that the biometric reader on this new iPhone is just as vulnerable to spoofing attacks as devised by researchers such as Matsumoto et al. (2002). It is an excepted fact that making use of biometrics for effective security during the identification and authentication process is not recommended (Woodward and Orleans, 2004). People leave latent biometric prints of their fingerprints on everything they touch. Biometric technology is vexed with this problem - a biometric characteristic is not essentially covert, as people deposit their biometric characteristics in various ways in the environment they interact with. This paper proposes an approach to allow a person to use a smart device such as the iPhone 5s, for secure biometric authentication over a networked environment for secure electronic transactions. The paper illustrates that a smart device can be considered as a 'smart token', to address the security concerns associated with biometric technology.

Keywords: biometrics; iPhone 5; cloud security; cloud computing; biometric authentication; secure transactions; electronic transactions; spoofing attacks; hacking; smart tokens; smart devices; fingerprint scanning; smartphones; networks; transaction security.

DOI: 10.1504/IJESDF.2014.060170

International Journal of Electronic Security and Digital Forensics, 2014 Vol.6 No.1, pp.52 - 61

Received: 21 Oct 2013
Accepted: 22 Oct 2013

Published online: 27 Mar 2014 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article