This article presents an overview of the SecurePhone project, with an account of the first results obtained.
SecurePhone's primary aim is to realise a mobile phone prototype - the 'SecurePhone' - in which biometrical
authentication enables users to deal secure, dependable transactions over a mobile network. The SecurePhone is based
on a commercial PDA-phone, supplemented with specific software modules and a customised SIM card. It integrates in
a single environment a number of advanced features: access to cryptographic keys through strong multimodal biometric
authentication; appending and verification of digital signatures; real-time exchange and interactive modification of (esigned)
documents and voice recordings. SecurePhone's 'biometric recogniser' is based on original research. A fused
combination of three different biometric methods - speaker, face and handwritten signature verification - is exploited,
with no need for dedicated hardware components. The adoption of non-intrusive, psychologically neutral biometric
techniques is expected to mitigate rejection problems that often inhibit the social use of biometrics, and speed up the
spread of e-signature technology. Successful biometric authentication grants access to SecurePhone's built-in esignature
services through a user-friendly interface. Special emphasis is accorded to the definition of a trustworthy
security chain model covering all aspects of system operation.
The SecurePhone is expected to boost m-commerce and open new scenarios for m-business and m-work, by changing
the way people interact and by improving trust and confidence in information technologies, often considered
intimidating and difficult to use. Exploitation plans will also explore other application domains (physical and logical
access control, securised mobile communications).