Online Banking With Bio Metrics Authentication

8/8/2019 Online Banking With Bio Metrics Authentication

1/25

ONLINE BANKING WITHONLINE BANKING WITH

BIOMETRICSBIOMETRICS

AUTHENTICATIONAUTHENTICATION

B E- 7th Semester CSE


2/25

INTRODUCTIONINTRODUCTION

y Our purpose is to implement Biometrics toolfor authentication across online transactions.

y Authentication is based on verifying who youare concept.

y Foolproof mechanism, just limited by technology.

y Provides unparalled convenience.

y Biometrics being used:

Fingerprints

Signature

Vein Pattern

Hand Geometry

VoiceB E- 7th Semester CSE


3/25

Current Authentication SystemsCurrent Authentication Systems

y Online Authentication

Name

Password

y Bank Authentication

Token based

ID Card

Signature



4/25

Limitations of CurrentLimitations of Current

Authentication SystemsAuthentication Systemsy Work on the principle of verifying based

on what you know vs who you are.

y Someone else can use the information forcarrying out a payment transaction in the

customers name, once access is available.

y

Using such information poses a problemin certain payment scenarios.



5/25

Gateways for BiometricsGateways for Biometricsy Transaction Security

Securing client transactions and protect their privacy

either remotely or onsite

y Network Security

Security of the banks infrastructure, controls what

activities specific individuals or job functions have access

to

y Access Control

Protecting the physical security of facilities (vaults, safetydeposit boxes)

y Background Checks

Protect against internal fraud and illegal transactions

with applicant background checks B E- 7th Semester CSE


6/25

WHAT IS BIOMETRICS??WHAT IS BIOMETRICS??

y A biometric is a physiological or behavioral characteristic

of a human being that can distinguish one person from

another and that theoretically can be used for

identification or verification of identity.

y Biometric recognition forms a strong link between a

person and his identity because biometric traits cannot be

easily shared, lost, or duplicated.

y Biometric recognition is intrinsically superior and more

resistant to social engineering attacks (e.g., phishing)



7/25

Why Biometrics?Why Biometrics?

y Identify thefts

y Something you know can

be stolen

y Predicted or hacked

y Reliability on manual

verification



8/25

Characteristics to be Considered inCharacteristics to be Considered in

BiometricsBiometricsy Universality

y Uniqueness

y

Permanencey Collectability

y Performance

yAcceptability

y Circumvention



9/25

Online BankingOnline Banking

y Practice of making bank transactions or paying bills via

the Internet.

y

You can access your account at any time of the dayand are no longer confined to conventional business

hours.

y Online banking is generally faster and more convenient

than the traditional banking



10/25

DrawbacksDrawbacks

y Although online banking is generally secure with

modern encryption technology, it is still possible for

identity theft or fraud to occur if you fall victim to a

phishing site or otherwise have your sensitive account

information compromised.

y Most online banking fraud schemes involve two steps.

The criminal obtains the customer's account access

data, i.e. logon name and password.

The criminal uses this information to transfer money

to other accounts and withdrawals the funds.



11/25

Current Biometric SystemsCurrent Biometric Systems



12/25

System ElementsSystem Elements

y Enrollment system

Used for enrolling customers on to the

program and recording their fingerprint

identity.

y Verification system

Used at retail locations for verifying the

live fingerprints with the stored

fingerprints for authenticating payments.



13/25

Physiological Biometrics: Finger ScanPhysiological Biometrics: Finger Scan

y A technology that uses the unique fingerprint patterns

present on the human finger to identify or verify the

identity of the individual.

y Several acquisition techniques can be used

optical scanning

capacitive scanning (silicon chip)

ultrasound scanning

y Very popular technology

Mature and proven core technology

A flexible technology

Employs ergonomic, easy-to-use devices

Systems ease of use can be increased.B E- 7th Semester CSE


14/25

The Biometric TechnologyThe Biometric Technology

y Enrollment

y Feature extraction

y Template creationEnrollment templates

Match templates

y

Biometric matching



15/25

The Enrollment SystemThe Enrollment System

y The customer is asked to enter a

customer account number

y The customer is then asked to present

their fingers on a scanner

y An ISO 19794-2 template is derived from

the captured images.

y The template along with the raw image isstored in the biometric server.



16/25

The Enrollment ProcessThe Enrollment Process

A Pictorial ViewA Pictorial View



17/25

The ISO 19794The ISO 197942 Standard2 Standard

y Specifies the biometric data interchange

formats for finger minutiae data.

y Defines

Finger Minutiae Record format

Normal size Finger Minutiae Card format

Compact size Finger Minutiae Card format.



18/25

The Verification SystemThe Verification System

y The customer enters the account number

y The customer is required to present live fingerprint on

the scanner.

y The live fingerprint is then compared with the

biometric template stored against the customer

account number in the database

y In case the verification is successful the payment

transaction is considered authenticated and the

transaction sent to the bank for processing

y In case of a failure the customer may be asked to

present the finger again up to a certain maximum

number of tries.



19/25



20/25

LevelLevel--0 Data Flow Diagram0 Data Flow Diagram



21/25

LevelLevel--1 Data Flow Diagram1 Data Flow Diagram



22/25

BiometricsAnd CryptographyBiometricsAnd Cryptography

y Biometrics are sensitive data and hence

should be properly protected.

y Password in existing systems is kept

secret.

y But biometrics is not secret.

y So biometric information needs to be

encrypted.



23/25

To Sum Up..To Sum Up..

As a final word, Biometrics provide..

y Increase security

Provide a convenient and low-cost additional tier

of security.y Reduce fraud by employing hard-to-forge

technologies and materials.

y Eliminate problems caused by lost IDs or

forgotten passwords by using physiologicalattributes.

y Replace hard-to-remember passwords which

may be shared or observed.



24/25

To Sum Up..To Sum Up..y Integrate a wide range of biometric solutions and

technologies, customer applications and databases

into a robust and scalable control solution for

facility and network access

y Make it possible, automatically, to know WHO didWHAT, WHERE and WHEN!

y Offer significant cost savings

y Unequivocally link an individual to a transaction

or event.

y Reduce password administration costs.

y Biometric verification shall achieve transactional

error rate of1% or less. B E- 7th Semester CSE


25/25


Documents

Online Banking With Bio Metrics Authentication