Including biometric authentication in a smart card operating system

Abstract

One of the most secure medias in where to store personal a sensible data, are smart cards. They can provide security through cryptography and secret keys. Unfortunately, they suffer a lack of security when the card holder identity is to be authenticated. The only way, nowadays, to achieve such a task is through Card Holder Verification Keys, which are closely related to the Personal Identification Number (PIN). The author, aware of this problem, has worked in enabling a Biometric Authentication inside a smart card, in order to provide the same level of security that PINs have, without being able to be copied. After studying several biometric techniques, he has developed, up to today, three of them (based on Voice, Hand Geometry and Iris). Therefore, he has obtained the conclusions needed to integrate the Biometric Authentication into the Operating System of a Smart Card. Using JavaCards, prototypes have been developed, taking several tests to prove the viability of them. Results obtained, specially the ones using the RISC-based JavaCard, show the possibility of launching a commercial product, without going to an expensive masking level of development. © Springer-Verlag 2001.