Practical considerations for secure minutiae based templates

Abstract

We illustrate the steps in building a secure authentication system using a construct called PinSketch where the identifier is a set of points derived from the minutiae extracted from a fingerprint. We define a relative set difference based threshold for matching templates, that takes the sizes of the sets being compared into account and show that it performs better than a fixed threshold for all fingerprints in a database. We describe the process of selecting the quantisation parameters and the design of the authentication system based on the PinSketch construct. The main question asked, and answered, is: At the operating parameters chosen, is the authentication system secure? We determine an empirical measure of the entropy of the quantised minutiae-based template and demonstrate how an attacker can exploit a non uniform distribution of the template elements to masquerade as a genuine user. We finally list desirable requirements for a template if it has to be protected using a set difference based construct like PinSketch.