Back to projects

Biometric security project with Chi Ventures Pvt Ltd

  • Start Date: January 2020
  • Manager: Dr. Gaurav Bansod
  • Team: Dr. Gaurav Bansod, Anway Deshpande, Vineet Tambe and other students partnered with Chi Ventures Pvt. Ltd.
  • Goal: Defending against advanced attack vectors on Biometric Identification and Authentication Systems(As a part of Cyber Security Grand Challenge)

The emergence of biometric technologies is fueling the notable innovation in the security and usability of the authentication solutions. Consumer-grade, reliable and easy to use biometrics is facilitating the organizations to comply with the security standards by fulfilling requirements of authentication.

There was a time when biometrics required specialized and expensive hardware to operate and were limited to high-security amenities only. But now, most of the smart devices come with fingerprint sensors and cameras that are replacing passwords with fingerprints and face recognition. These innovations are raising a serious concern, i.e. data privacy and security.

The evolution of organizations towards the digital sphere and immense data to deal with every day has attracted the attention of regulatory authorities. Protecting users’ PII is no more ethical decision but a legal obligation for every business. Every organization dealing with consumers’ data is liable to meet the compliance requirements to safeguard information.

Existing biometric authentication systems are not fulfilling the data privacy standards, the increasing number of data breaches is the solid evidence of that. Many international data protection commissioners have argued against the creation of voluminous central databases for storing biometric data. Moreover, they encourage the development and implementation of privacy-enhancing technologies (PETs). These technologies enable individuals to manage their personal information and minimize privacy risks at earlier stages.

Biometric authentication in the current age mostly relies on fingerprint authentication, facial authentication, voice & video recognition, and behavioral contexts. The attack ecosystem has evolved to adopt capabilities to circumvent the authentication system using fake video, audio, and even by playing with behavioral attributes.