Biometric Authentication in M-Payments : Analysing and improving end-users’ acceptability

Porubsky, Jakub

January 2020

Traditional authentication methods like Personal Identification Number (PIN) are getting obsolete and insecure for electronic-payments while mobile-payments are becoming more and more popular. Biometrics such as fingerprint and face recognition authentication methods seem to be a solution to this security issue as they are becoming a regular and integrated part of an average smartphone end-users purchase. However, for mobile-payments to be authenticated by biometrics, end-users acceptability of both technologies must be high. In this research, fingerprint and face recognition authentication methods are being tested with end-users and their current acceptability level is being determined based on interviews which are conducted upon finishing each testing scenario. The interview is using 39 questions which are determining previous usage of the technologies, their likeability, positives, negatives, and feelings about various features biometrics provide such as ease-of-use, stress-free method of payment, security, and many others. Additionally, one more authentication method is tested, namely two factor authentication consisting of one biometric method (fingerprint) and one traditional method (PIN) of authentication. The main goal for testing this method is to find out whether implementing (as currently it is not available) such technology into mobile-payments would be beneficial and how it scored in user-acceptance next to fingerprint and face recognition authentication methods. Once the user-acceptance level is determined the main reasons for it are presented. Last but not least, suggestions for improvements in this domain are presented so that biometrics are even more accepted by end-users who are performing mobile-payments on their smartphones.

mobile payments

m-payments

biometrics

fingerprint

face recognition

2FA

Computer Systems

Datorsystem

Machine Learning for Metabolite Identification with Mass Spectrometry Data / 質量分析データによる代謝産物識別のための機械学習手法構築

NGUYEN, DAI HAI

23 September 2020

京都大学 / 0048 / 新制・課程博士 / 博士(薬科学) / 甲第22754号 / 薬科博第128号 / 新制||薬科||14(附属図書館) / 京都大学大学院薬学研究科医薬創成情報科学専攻 / (主査)教授 馬見塚 拓, 教授 緒方 博之, 教授 石濱 泰 / 学位規則第4条第1項該当 / Doctor of Pharmaceutical Sciences / Kyoto University / DFAM

Metabolite identification

Mass spectrometry

Machine Learning

Fingerprint prediction

Sparse learning

Kernel method

Graph Neural Network

499.3

Detekce duplicitního provozu / Duplicate Traffic Detection

Krch, Petr

January 2013

This thesis describes methods for duplicate traffic detection in computer networks. At first, it analyzes the problem of redundant traffic including the description of its origin and causes. The thesis describes on what data and what methods we are able to detect an operation as duplicate. Finally, this thesis explains design of redudant traffic detection algorithm including testing plan and results evaluation.

Detekce a klasifikace poškození otisku prstu s využitím neuronových sítí / Detection and Classification of Damage in Fingerprint Images Using Neural Nets

Vican, Peter

January 2021

The aim of this diploma thesis is to study and design experimental improvement of the convolutional neural network for disease detection. Another goal is to extend the classifier with a new type of detection. he new type of detection is damage fingerprint by pressure. The experimentally improved convolutional network is implemented by PyTorch. The network detects which part of the fingerprint is damaged and draws this part into the fingerprint. Synthetic fingerprints are used when training the net. Real fingerprints are added to the synthetic fingerprints.

Získávání informací o uživatelích na webových stránkách / Browser and User Fingerprinting for Practical Deployment

Vondráček, Tomáš

January 2021

The aim of the diploma thesis is to map the information provided by web browsers, which can be used in practice to identify users on websites. The work focuses on obtaining and subsequent analysis of information about devices, browsers and side effects caused by web extensions that mask the identity of users. The acquisition of information is realized by a designed and implemented library in the TypeScript language, which was deployed on 4 commercial websites. The analysis of the obtained information is carried out after a month of operation of the library and focuses on the degree of information obtained, the speed of obtaining information and the stability of information. The dataset shows that up to 94 % of potentially different users have a unique combination of information. The main contribution of this work lies in the created library, design of new methods of obtaining information, optimization of existing methods and the determination of quality and poor quality information based on their level of information, speed of acquisition and stability over time.

Biometrická identifikace otisku prstu / Biometric fingerprint identification

Ruttkay, Michal

January 2015

This thesis describes the anatomical characteristics of fingerprints and their applications in identifying the person. The theoretical part describes the importance of papillary lines on fingerprints, statistical analysis and pre-processing of images in particular. The practical section provides the necessary operations to compare fingerprints. The implementation was done in Matlab.

Biometrická detekce živosti pro technologii rozpoznávání otisků prstů / Biometric Liveness Detection for the Fingerprint Recognition Technology

Brabec, Lukáš

January 2015

This work focuses on liveness detection for the fingerprint recognition technology. The first part of this thesis describes biometrics, biometric systems, liveness detection and the method for liveness detection is proposed, which is based on spectroscopic characteristics of human skin. The second part describes and summarizes performed experiments. In the end, the results are discussed and further improvements are proposed.

Fingerprint Damage Simulation / Fingerprint Damage Simulation

Kanich, Ondřej

January 2014

Cílem této práce je návrh a implementace aplikace pro simulaci poškození umělého otisku prstu. Při studiu jsem se soustředil hlavně na projekt SFinGe, který je průkopníkem v této oblasti. Specifikoval jsem přesněji oblast zájmu na optický či kapacitní senzor a poškození otisků prstů v závislosti na tlaku a vlhkosti, poškození a pošpinění senzoru a deformaci pokožky. Navrhl jsem způsob implementace těchto vlivů poškozujících umělý otisk prstu tak, aby se lépe podobal reálným otiskům. Tyto metody využívají morfologické operátory a model plastického zkreslení u otisků prstů. Výsledky nejúspěšnějších metod mají o 62.5% horší skóre v komerčním produktu oproti originálu a o jednu třídu horší hodnocení dle normy pro kvalitu obrazu otisku prstu. Přínosem této práce je tedy poškození umělých otisků tak, že prokazatelně dosahují horších výsledků než originál a návrh aplikace, která umožňuje rozšíření o další metody.

Development and validation of sample clean-up using solid phase extraction prior oil spill fingerprinting

Loorents, Cheryl

January 2022

In a forensic investigation involving oil, a comparative analysis named oil spill fingerprinting between a source and an oil spill is normally performed. It is based on detecting a certain selection of biomarkers with gas chromatography (GC) coupled to mass spectrometry (MS) which are later divided into diagnostic ratios (DRs). An international guideline formed by European Committee for Standardization (CEN) denoted CEN/TR 15522-2:2012 describes the process of conducting oil spill fingerprinting. This method is currently being inspected and adjusted for standardization into EN 15522-2:2022. One section of the upcoming standard describes sample clean-up which is important to inhibit possible matrix effect that could either enhance or reduce peak intensity in the chromatogram. There is yet no conclusive SPE (Solid Phase Extraction) protocol in the current draft version of EN 15522-2:2022. The aim with this study was to develop such a protocol. Development included comparative testing of the recommended stationary phases silica and Florisil®. Additionally, the effect of both elution solvent and elution volume were investigated. The protocol must pass validation criteria to be implemented at National Forensic Centre (NFC) and possibly be used in the final version of EN 15522-2:2022. A successful method for Heavy Fuel Oil (HFO), diesel and lubricating oil was achieved with activated Florisil® as stationary phase, eluted with 6 ml dichloromethane (DCM). If the evidence material is suspected to contain FAMEs (Fatty Acid Methyl Esters), then 2 % acetone should be added to the DCM. The final SPE column was packed with 0.5 glass wool, 4 cm Florisil® and 0.5 cm sodium sulfate. Based on successful validation result, the SPE protocol should be considered for the final version of EN 15522-2:2022 as well as for implementation at NFC.

Oil spill

chemical fingerprint

solid phase extraction (SPE)

development

validation.

Chemical Sciences

Kemi

Software-hardware Cooperative Embedded Verification System Fusing Fingerprint Verification and Shared-key Authentication

Yan, Weiwei

January 2011

In order to protect the security of the commercial information, personnel information, military information, governmental information on the Internet, the claimed identity should be authenticated. Now there are three main security authentication methods: first: using user PIN, such as password; second: using physical key, such as USBKey; third: using biological authentication technology, such as fingerprint, iris, voice and palm prints, etc. Because of the uniqueness, invariance, and ubiquity properties of biometric authentication, biometric authentication is becoming popular, especially fingerprint recognition. However, when the fingerprint recognition information is transported on the public channel, it may be attacked, such as the fingerprint information is stolen. So a cryptology mechanism is needed to protect the fingerprint recognition information. In the field of embedded security authentication system, the traditional hardware implementation mechanism, such as ASIC, can satisfy requires of functions and performances, but it is not configurable, flexible, and easy to expand; the traditional software implementation mechanism, such as general purpose processor, is flexible, but the cost and the power consumption are higher than hardware implementation. In order to take the advantages of biometrics, cryptology, hardware implementation, and software implementation, a hardware-software cooperating embedded authentication system based on shared-key authentication and fingerprint verification is proposed. First, this system authenticates the identities of client and server by shared-key authentication, creates the current encrypt key and hash key, and then authenticates the identity of them via fingerprint recognition. During fingerprint recognition, the information of fingerprint is not needed to transmit over the public channel, so the security of fingerprint is increased. Theoretic analysis and experiments show that, this system reach very high authentication rate and security. This system can resist replay attack, server template attack, device template attack, effectively.

fingerprint

shared-key

embedded system

hardware-software cooperating

Engineering and Technology

Teknik och teknologier