Though security applications that verify a person’s identity based on their physical attributes, such as fingerprint readers or iris scanners, have been in use for some time, biometric security has only recently started to appear in mobile phones, PDAs and notebook computers where the need for miniaturisation represents a technological challenge.
So far biometric data has been used to tie the device to a person to prevent it from being used illegitimately if lost or stolen. But the IST project SecurePhone is taking a new approach, employing physical attributes to enable the user to digitally sign audio, text or image files, providing proof of their origin and authenticity.
“As far as we know there is no other biometrically-enabled digital signature application available for mobile devices that can guarantee security by storing and processing all sensitive information on the device’s SIM card,” explains SecurePhone technical coordinator Roberto Ricci at Informa in Italy. “Because biometric data never leaves the device’s SIM card and cannot be accessed, except by the verification module which also runs on the SIM card, the user’s biometric profile is completely safe. This is important to meet the highest privacy requirements.”
Although existing communications infrastructure based on the GSM, GPRS and UMTS mobile systems provides a secure means of communication, it lacks any robust method of user identification. Text, audio and image files can be sent by anyone to anyone with no authentication and there are no guarantees the person you are talking to in a phone conversation, if you’ve never met them before, is really who they claim to be.
The upshot is that data exchanged over mobile devices is of limited use for legally binding transactions even though mobile devices, given their ubiquity, would be a prime candidate for carrying out e-commerce (or m-commerce), managing business processes such as signing contracts or even in securing the exchange of data in e-healthcare and e-government systems. A digitally signed and authenticated voice recording during a telephone conversation would, for example, give the speaker’s words legal value.
“The aim is to enable users to exchange information that can’t be disputed afterward. That could be a voice recording that is authenticated to eliminate any doubt about who the speaker is, what they actually said and prove that it has not been manipulated,” Ricci explains. “To achieve that it is necessary to digitally sign the data and to ensure that only the legitimate user can perform the signing.”
The system developed by the SecurePhone project partners consists of two main elements. The first, an authentication module, uses biometric security applications to verify the user’s identity. That in turn gives them access to the second module which digitally signs the data using a Public Key Infrastructure (PKI).
“Rather than relying on something you possess – you can forget a PIN code or write it down and lose it – biometric security relies on what you are,” Ricci notes.
The system, which is designed primarily for PDA-phones but could also be used in new generation smart phones and WiFi-enabled PDAs, offers three methods of biometric identification. One employs the digital cameras that have become commonplace in mobile devices along with a face recognition application to identify the user based on their facial features. Another uses voice recognition software – also detecting any asynchrony between speech and lip movements - and the third verifies the handwritten signature of the user on the device’s touch screen. The three methods are used in combination to enhance the overall levels of security and reliability, and most importantly they require no hardware additions to mobile devices.
“The SecurePhone platform is entirely software based. This is important if it is to be adopted by device manufacturers as it keeps costs down and makes implementing it much easier. There is no need to add fingerprint or iris scanners. Instead, the system uses elements that already exist in the device and which serve alternative purposes as well, while the type of verification carried out is non-intrusive for the user,” Ricci says.
The project partners are currently working on the final integration of the system ahead of trials of a finished prototype that are expected to begin in August. Ricci notes that so far the different elements of the application have performed well during laboratory testing.
Despite SecurePhone’s focus on research, Ricci notes that the resulting application is commercially appealing and that the project partners are planning a further project with the aim of bringing the technology to market.
“We would probably aim at niche markets at first, such as busy executives, e-government or e-healthcare, and then expand from there,” he says.
Tara Morris | alfa
Drones learn to navigate autonomously by imitating cars and bicycles
23.01.2018 | Universität Zürich
Cloud technology: Dynamic certificates make cloud service providers more secure
15.01.2018 | Technische Universität München
Physicists have developed a technique based on optical microscopy that can be used to create images of atoms on the nanoscale. In particular, the new method allows the imaging of quantum dots in a semiconductor chip. Together with colleagues from the University of Bochum, scientists from the University of Basel’s Department of Physics and the Swiss Nanoscience Institute reported the findings in the journal Nature Photonics.
Microscopes allow us to see structures that are otherwise invisible to the human eye. However, conventional optical microscopes cannot be used to image...
On the way to an intelligent laboratory, physicists from Innsbruck and Vienna present an artificial agent that autonomously designs quantum experiments. In initial experiments, the system has independently (re)discovered experimental techniques that are nowadays standard in modern quantum optical laboratories. This shows how machines could play a more creative role in research in the future.
We carry smartphones in our pockets, the streets are dotted with semi-autonomous cars, but in the research laboratory experiments are still being designed by...
What enables electrons to be transferred swiftly, for example during photosynthesis? An interdisciplinary team of researchers has worked out the details of how...
For the first time, scientists have precisely measured the effective electrical charge of a single molecule in solution. This fundamental insight of an SNSF Professor could also pave the way for future medical diagnostics.
Electrical charge is one of the key properties that allows molecules to interact. Life itself depends on this phenomenon: many biological processes involve...
At the JEC World Composite Show in Paris in March 2018, the Fraunhofer Institute for Laser Technology ILT will be focusing on the latest trends and innovations in laser machining of composites. Among other things, researchers at the booth shared with the Aachen Center for Integrative Lightweight Production (AZL) will demonstrate how lasers can be used for joining, structuring, cutting and drilling composite materials.
No other industry has attracted as much public attention to composite materials as the automotive industry, which along with the aerospace industry is a driver...
08.01.2018 | Event News
11.12.2017 | Event News
08.12.2017 | Event News
23.01.2018 | Life Sciences
23.01.2018 | Earth Sciences
23.01.2018 | Physics and Astronomy