You have requested a machine translation of selected content from our databases. This functionality is provided solely for your convenience and is in no way intended to replace human translation. Neither SPIE nor the owners and publishers of the content make, and they explicitly disclaim, any express or implied representations or warranties of any kind, including, without limitation, representations and warranties as to the functionality of the translation feature or the accuracy or completeness of the translations.
Translations are not retained in our system. Your use of this feature and the translations is subject to all use restrictions contained in the Terms and Conditions of Use of the SPIE website.
26 May 2011Privacy preserving, real-time and location secured biometrics for mCommerce authentication
Secure wireless connectivity between mobile devices and financial/commercial establishments is mature, and so is the
security of remote authentication for mCommerce. However, the current techniques are open for hacking, false
misrepresentation, replay and other attacks. This is because of the lack of real-time and current-precise-location in the
authentication process. This paper proposes a new technique that includes freshly-generated real-time personal biometric
data of the client and present-position of the mobile device used by the client to perform the mCommerce so to form a
real-time biometric representation to authenticate any remote transaction. A fresh GPS fix generates the "time and
location" to stamp the biometric data freshly captured to produce a single, real-time biometric representation on the
mobile device. A trusted Certification Authority (CA) acts as an independent authenticator of such client's claimed realtime
location and his/her provided fresh biometric data. Thus eliminates the necessity of user enrolment with many
mCommerce services and application providers. This CA can also "independently from the client" and "at that instant of
time" collect the client's mobile device "time and location" from the cellular network operator so to compare with the
received information, together with the client's stored biometric information. Finally, to preserve the client's location
privacy and to eliminate the possibility of cross-application client tracking, this paper proposes shielding the real location
of the mobile device used prior to submission to the CA or authenticators.
The alert did not successfully save. Please try again later.
Torben Kuseler, Hisham Al-Assam, Sabah Jassim, Ihsan A. Lami, "Privacy preserving, real-time and location secured biometrics for mCommerce authentication," Proc. SPIE 8063, Mobile Multimedia/Image Processing, Security, and Applications 2011, 80630G (26 May 2011); https://doi.org/10.1117/12.883101