Biometrics is the automated recognition of individuals by their behavioral and biological characteristics. Among the most widely used biometric recognition methods are the observation of the characteristics fingerprint and face. Biometric recognition systems are nowadays an integral part of identity management systems. Unlike knowledge- and ownership-based authentication systems, biometric characteristics cannot be lost or delegated to third parties. This advantage improves both the usability and the security of traditional authentication systems, leading to an increasing deployment of operational biometric systems.
In a biometric system, a biometric sample is captured at the time a subject is registered. After pre‐processing the captured data, the biometric features are extracted and stored in a database as a biometric reference (template). During a biometric authentication, another biometric sample is acquired and processed in the same way to generate a probe sample. The features calculated from the probe sample can be compared with one or more reference template(s) within the database. The result of a biometric comparison process is a comparison score or a list of scores. A biometric decision can then be taken, based on the generated scores.
From the described general processes within a biometric system, various problems arise with regard to three core topics: quality, security and privacy, that define open research questions.
To determine the quality of biometric samples, e.g. facial images or fingerprint images, is an essential process of a biometric system when a high recognition performance is required. The signal quality of biometric reference data is crucial and will determine, how well the stored reference data is suited for automated recognition of the enrolled data subject. High recognition performance can only be achieved if the quality of the captured biometric data is sufficient. This applies in particular to biometric systems in which a large number of subjects is registered. Nevertheless, a reliable determination of the quality of biometric data is an unresolved research topic for many biometric modalities. In order to improve the usability and recognition performance of biometric systems, new algorithms must be developed that ensure a robust determination of the quality of biometric samples. This is particularly true for facial data, as shown by a recent study by the Joint Research Centre (JRC) of the European In addition to the need for robust algorithms, this study also calls for the standardization of such mechanisms. The aim of this research area is to develop algorithms and methods that allow a robust quality assessment of biometric samples. Moreover, the quality of service provided within biometric applications with limited resources is targeted in this research area. This requires efficient, adaptive, and application-aware innovations.
The increasing deployment of biometric systems requires a risk and impact assessment of these technologies. Due to the fact that many established biometric methods capture a publicly accessible source ‐ especially the face of an individual, so‐called presentation attacks or spoofing attacks are highly security‐critical. During a presentation attack, the attacker presents a so‐called presentation attack instrument to the biometric capture device, e.g. a 3D face mask, with the aim of being recognized as a (specific) data subject, who registered in the biometric Presentation attacks are probably the most relevant type of attack on biometric systems. In addition to presentation attacks, the vulnerability of biometric face recognition systems with regard to manipulation of biometric samples during the enrolment process (morphing attacks and image processing, e.g. through so‐called Beautification Apps) has recently been confirmed and published in international media. Reliable detection of such manipulations is still an unsolved research task. In addition to developing suitable countermeasures with regard to the security‐relevant vulnerabilities mentioned above, the aim of this mission is to identify possible further vulnerabilities and to develop countermeasures. Moreover, issues inherited within the established biometric systems such as decision bias will be tackled within this research area.
In particular since the EU General Data Protection Regulation (GDPR) came into force, biometric reference data must be permanently protected. Conventional cryptographic methods, however, are unsuitable because they do not allow biometric comparison in the encrypted domain due to the variance in the biometric measurement. So‐called Biometric Template Protection procedures must therefore be used. Existing approaches, however, clearly show a conflict between biometric recognition performance and the degree of protection of biometric data. The aim of this mission is to investigate the use of special cryptographic methods, e.g. homomorphic encryption, in order to tolerate biometric variance in encrypted space. However, these methods are computationally very demanding and result in long response times, when a probe feature vector has to be compared against numerous reference templates. An efficient and data protection‐friendly identification with the help of biometric data is still an open research topic, which will be dealt with in this research area.
The research area “Next Generation Biometric Systems” should make fundamental progress in the field of biometrics and achieve the following goals and objectives.