A biometrics-based secure architecture for mobile computing

Mobile computing devices such as smartphones, tablets and wireless enabled laptops are getting widely popular and being frequently used to access information in secure networks through third party providers. With the increasing number of intrusion, device and identity theft incidents, improved security measures are becoming essential for accessing devices as well as various mobile applications. In this paper, a novel security architecture has been proposed for mobile computing platform which utilizes biometric signatures to authenticate users against large databases. Identifying correct biometric credentials in mobile devices can be a challenging task as there are no biometric input devices available with these systems. The task of scanning biometric signatures can be performed via device camera and microphone. The primary challenge is to precisely collect the biometric signatures and minimize the effects of noise, intra class variations, surrounding environment and high error rate when comparing against millions of similar signatures. A multimodal verification scheme applying face, hand geometry, fingerprint and other biometric signatures which can be scanned through mobile devices will increase the reliability of the system. The next challenge this architecture will address is the size of biometric signature and verification data that is sent for comparison. A fusion of multiple signatures can be performed by applying segmented data in order to increase the verification speed while maintaining high accuracy. Fusion also protects against spoofing where criminals and predatory users submit false or modified biometric information for verification. As multiple signatures are weighted and compared, false or unmatched signatures can be easily identified and addressed accordingly. In order to protect the information during data transfer and future storage, encryption and other security enhancement techniques are proposed to be integrated. The proposed architecture is ex- ected to provide secure access to only legitimate users of a system within a short period of time and prohibit intruders from gaining any access.