Biometric Authentication Systems: Privacy Challenges and Technological Advances

Abstract

The biometric authentication system is used to verify the identity of the user by using the unique physiological and behavioral characteristics like fingerprints, iris scan, facial characteristics, and voice, which is one of the main reasons for its fast growth in the personal, corporate, and government sectors. The present paper discusses the two sides of the biometric authentication problem: technologies that have enhanced the recognition accuracy, the spoof-resistance and the comfort of the users, and the privacy issues that may arise from the collection, storage and irreversibility of the biometric data. Emerging modalities (e.g., behavioral biometrics, brain-wave authentication) and multi-modal fusion, cancellable templates and privacy ensuring methods, e.g., federated learning and homomorphic encryption, are discussed. At the same time, the paper explores some of the most important privacy issues, such as irreparability of breached characteristics, mass surveillance, data breach, and loopholes. The results show that although biometric systems are more or less safe and convenient, to ensure the privacy, a protection strategy, including various types of technological protection, user agreement, and policy enforcement actions is required.