Privacy preserved two factor authentication system using spread spectrum watermarking of fingerprint and crypto code

Abstract

The two-factor authentication (2FA) method provides an additional layer of security to the user accounts and systems beyond a single authentication factor like a simple password. Nowadays, biometric-based authentication is widely adopted as it reduces impersonation fraud and account takeover attacks. Biometric data are relevant to the user’s personal information and can potentially be exploited by the attacker to compromise the user’s additional data. Hence, the protection of the biometric data is also vital, along with the secure authentication of the protected data. This proposed work, a 2FA mechanism is implemented using the Spread Spectrum Watermarking method. Instead of storing fingerprint biometric data in the database, it is embedded in the physical token/security token as invisible watermarking with the user’s image. The user’s unique ID (UID) is stored in the database and embedded as an invisible watermark in the physical or security token, the second factor. This physical or security token, commonly known as a ‘smart card, ‘is a portable device that stores the user’s authentication information and can be used for secure access to systems and services. It becomes a smart card once authentication factors and other user information are embedded. The user’s fingerprint is compared to the embedded fingerprint on the smart card for identification to access protected data. To further validate the user’s identity, the embedded UID is decrypted and matched against the stored UID in the database. A detailed simulation analysis demonstrates the enhanced outcomes of the proposed watermarking-based 2FA model. A comparative study of the results confirms the superiority of the proposed model over traditional biometric-based 2FA systems.