This Article 
 Bibliographic References 
 Add to: 
A Mobile Biometric System-on-Token System for Signing Digital Transactions
March/April 2010 (vol. 8 no. 2)
pp. 13-19
Ricardo Ribalda, Universidad Autónoma de Madrid
Guillermo Gonzalez de Rivera, Universidad Autónoma de Madrid
Angel de Castro, Universidad Autónoma de Madrid
Javier Garrido, Universidad Autónoma de Madrid
The System-on-Token architecture for biometric systems gives users have full control over their biometric data and lets them sign digital transactions using biometrics. The authors implemented and tested in on a commercial mobile device, the Nokia N800. The implementation runs a port of the National Institute of Standards and Technology's Biometric Image Software, and it can complete a transaction in less than two seconds, including verifying the vendor, verifying the transaction, extracting features, matching features, and signing the transaction using a legal X.509 certificate. The authors tested the system's accuracy using 1,664 images from the BiosecurID database with nine types of preprocessing. They tested its speed using 36 fingerprints with nine types of preprocessing. All the certificates were issued by the Spanish Bureau of Money and have legal validity.

1. A. Adler, "Vulnerabilities in Biometric Encryption Systems," Proc. IAPR Audio and Video-Based Biometric Person Authentication (AVBPA 05), LNCS 3546, Springer, 2005, pp. 469–472.
2. I. Buham and P. Hartel, The State of the Art in Abuse of Biometrics, CTIT tech. report TRCTIT-05-41, Univ. of Twente, 2005.
3. A.K. Jain, K. Nandakumar, and A. Nagar, "Biometric Template Security," EURASIP J. Advances in Signal Processing, special issue on pattern recognition methods for biometrics, vol. 2008, 2008, pp. 1–17.
4. D. Moon et al., "Implementation of the USB Token System for Fingerprint Verification," Proc. 13th Scandinavian Conf. (SCIA 03), LNCS 2749, Springer, 2003, pp. 998–1005.
5. Y. Lin, X. Maozhi, and Z. Zhiming, "Digital Signature Systems Based on Smart Card and Fingerprint Feature," J. Systems Eng. and Electronics, vol. 18, no. 4, 2007, pp. 825–834.
6. "Smartcards Use Biometrics," Biometric Technology Today, vol. 10, no. 5, 2002, pp. 9–11.
7. S. Drimer and S.J. Murdoch, "Keep Your Enemies Close: Distance Bounding against Smartcard Relay Attacks," Proc. Usenix Security Symp., Usenix Assoc., Sept. 2007.
8. C. Adams and S. Farrell, Internet X.509 Public-Key Infrastructure Certificate Management Protocols, IETF RFC 2510, 1999;
9. C. Lee et al., "Preprocessing of a Fingerprint Image Captured with a Mobile Camera," Proc. Int'l Conf. Advances in Biometrics (ICB 06), LNCS 3832, Springer, 2006, pp. 348–355.
10. D. Searls and J. Thompson, "The Ultimate Linux Handheld," Linux J., vol. 148, 2006, pp. 70–71.
11. J. Fierrez et al., "BiosecurID: A Multimodal Biometric Database," Pattern Analysis & Applications, in press, Springer; DOI: 10.1007/s10044-009-0151-4.
12. J. Viega, M. Messier, and P. Chandra, Network Security with OpenSSL, O'Reilly, 2002.
13. C.L. Wilson, C.I. Watson, and E.G. Paek, "Effect of Resolution and Image Quality on Combined Optical and Neural Network Fingerprint Matching," Pattern Recognition, vol. 33, no. 2, 2000, pp. 317–331.
14. D. Baldisserra et al., "Fake Fingerprint Detection by Odor Analysis," Proc. IARP Int'l Conf. Biometrics (ICB 06), LNCS 2832, Springer, 2006, pp. 265–272.

Index Terms:
mobile systems, biometric, digital certificate, security and privacy
Ricardo Ribalda, Guillermo Gonzalez de Rivera, Angel de Castro, Javier Garrido, "A Mobile Biometric System-on-Token System for Signing Digital Transactions," IEEE Security & Privacy, vol. 8, no. 2, pp. 13-19, March-April 2010, doi:10.1109/MSP.2010.1
Usage of this product signifies your acceptance of the Terms of Use.