BioSec: Biometrics and Security in the 6th Framework Programme IST-2002-001766

1. BioSec: Biometrics and Security in the 6th Framework Programme IST-2002-001766 BioSec Biometrics & Security Orestes Sanchez BioSec Coordinator Telefónica I+D, S.A.U.

2. Biometrics: Open issues • Biometrics is a key technology for • improving security and trust • Privacy enhancing • Ambient intelligence Space • Open Issues: • Unsatisfactory level of performance for some biometrics • Lacking reliability and security of sensor technology • Inapplicability of unimodal biometric systems on very large databases • Performance evaluation of biometric systems changes from method to method • Knowledge production is not coordinated • Research/market fragmentation as a result of missing coordinated actions. • Lack of interoperable and reliable biometric data storage • Establishing standards in biometric systems in all system components • Reluctance of users to accept biometry as a trustable, reliable technology • Biometric systems are lacking user point of view, both in ergonomics and in usability • Legal issues concerning the protection of user privacy and rights on biometric data

3. BioSec • BioSec: Biometrics and Security • FP6 IST Integrated Project IST-2002-001766: • Towards a global dependability and security framework • Starting activities 1st December, 2003 for two years. • Security in BioSec means improvements in the following areas through devices, systems and scenarios implementation: • Usability and acceptance security perception • Designing for Trust and Confidence • Robustness and Performance • Physical and logical security • Law fulfilment

4. BioSec Objectives • Enable new technology development in basic biometric technologies to leverage security, across biometric authentication chain • Put the technology to work and to meet requirements of real world applications • Contribute to definition and adoption of standard and interoperable solutions in biometrics and ID Tokens. • Develop effective solutions for secure biometric template storage and match-on-tokens • Two selected scenarios: • physical Access • remote access • Performance, usability and acceptability evaluation with sound and scientific procedures. • Collection of Multiple-biometrics database

5. Template storage and match-on-token • Leverage the use of secure personal biometric storage and providing solutions to overcome the need of centralized biometric databases • Put biometrics under user control. • Enabling privacy preserving scenarios • Develop Biometric ID Tokens: Smart Cards and USB-Tokens • Interoperable a Token Application Program Interface. • Explore the integration of biometric template data formats • Robust and secure template storage and transmission in and out • Integrate Matching Algorithms on the Token • Strong liaison with eEPOCH (FP5-IST) partners

6. Acceptance and Usability First phase studies on acceptance and usability of biometric technology • Cross cultural study (Finland, Spain, Germany) • Crucial result: German participants are better acquainted with biometric security systems than Finnish and Spanish participants, also they express less concerns with regard to centralised data storage • Field study (Vantaan Airport) • Crucial result: Usability and acceptance of the fingerprint system was high, perceived drawbacks are slowness and low reliability during first trial • Laboratory study (Mediascore Lab Cologne) • Crucial result: participants´ acceptance increases after first usage, a number of variables (gender, age, expertise) mediate the evaluation of biometrics

7. Current status (Nov 2004) • Sucessfull first year. • Technical achievements: • Specification of interoperability framework: sensors and storage. • First prototypes: • aliveness detection in fingerprint, • 3D recognition, • Voice noise models, • Iris recognition. • Match-on-Token • Multiple-biometrics database acquisition tools. • Two scenario setups: • Network access with remote authentication. • Physical access: Helsinki airport.

8. Steps for 2nd year • Proof of concept of BioSec technologies • Evolve prototypes of sensors and biometric storage. • Comparative study with first stage results: • Usability and acceptance • Interoperability: final version of BioSec API. • Performance evaluation. • Improve tools for multiple-biometrics algorithms research • Physical access: • Interoperation of components and systems in real usage situation • Remote access: • Biometric authentication in new applications and security vulnerabilities • Standardisation

9. User-centred issues: Legal framework. Identify acceptance barriers. Cross-European studies. Education. Technical: Fusion of multimodal biometrics. Aliveness detection. Robustness. Storage. Certification: Evaluation of performance. Interoperability. Security. Applications: verification of identity in new areas: e-Government, e-Health, e-Everything. Scenarios for AmI Space Networked applications Every-day applications: private identification Biometric in electronic signature Biometric encryption ROI and cost estimation Challenges ahead

10. Further contacts • Coordinator • Orestes Sanchez • Telefónica I+D, S.A.U. • E-mail: biosec-coord@biosec.org • Website: www.biosec.org • Biometrics Standard Observatory • BioSec Office: biosec-office@biosec.org • BioSec Interest Group • Early notification about BioSec project news • Public results of the project • BioSec Newsletters