Search for: All records

Fingerprint-based authentication has been successfully adopted in a wide range of applications, including law enforcement and immigration, due to its numerous advantages over traditional password-based authentication. However, despite the usability and accuracy of this technology, some significant concerns still exist, which can potentially hinder its further adoption. For instance, a subject’s fingerprint is permanently associated with an individual and, once stolen, cannot be replaced, thus compromising biometric-based authentication. To mitigate this concern, we propose a multi-factor authentication approach that integrates type 1 and type 3 authentication factors into a fingerprint-based personal identification number, or FingerPIN. To authenticate, a subject is required to present a sequence of fingerprints corresponding to the digits of the PIN, based on a predefined secret mapping between digits and fingers. We conduct a vulnerability analysis of the proposed scheme, and demonstrate that it is robust to the compromise of one or more of the subject’s fingerprints.