Biometric Transaction Authentication Protocol

Author

Hartung, Daniel ; Busch, Christoph

Author_Institution

Norwegian Inf. Security Lab. (NISlab), Gjovik Univ. Coll., Gjovik, Norway

fYear

2010

fDate

18-25 July 2010

Firstpage

207

Lastpage

215

Abstract

The threat of phishing or malicious software (malware)-based attacks is significant and growing, at the same time online banking gets more and more popular. Financial loss may be one of the consequences if credentials get stolen. In many protocols, the transaction information is not secured properly. The proposed Biometric Transaction Authentication Protocol (BTAP) is based on the one hand on the Helper Data Scheme for biometric template protection and on the other hand on a trusted biometric transaction device. BTAP provides data- and person authentic transactions since the relevant information in financial online transactions is fused with a secure biometric template from a verified natural person in a way that it is proven to the executing party, that the transaction, as it is received, was in fact initiated and confirmed by an identified natural person.

Keywords

banking; biometrics (access control); invasive software; protocols; biometric template protection; biometric transaction authentication protocol; financial online transactions; helper data scheme; malicious software; phishing-based attacks; trusted biometric transaction device; Authentication; Banking; Computers; Malware; Online banking; Protocols; Servers; Biometrics; Electronic Payment Scheme; Non-Repudiation; Online Banking;

fLanguage

English

Publisher

ieee

Conference_Titel

Emerging Security Information Systems and Technologies (SECURWARE), 2010 Fourth International Conference on

Conference_Location

Venice

Print_ISBN

978-1-4244-7517-9

Electronic_ISBN

978-0-7695-4095-5

Type

conf

DOI

10.1109/SECURWARE.2010.41

Filename

5633820