Intrusive Authentication Approaches

  • Nathan Clarke


Authentication has been at the cornerstone of information security since the ­inception of information technology (IT). Whilst the foundations upon which they rely have changed little, technology has evolved and adapted these approaches to fit a variety of solutions. Prior to describing the nature of transparent authentication, the current technological barriers to implementation and the advantages such an approach could have, it is important to establish a baseline understanding of the current nature of authentication, the current technological requirements, limitations and deployments. From such a basis it is possible to better appreciate the unique environment within which transparent authentication operates and the benefits it could bring.


Facial Recognition Equal Error Rate Biometric System False Acceptance Rate False Rejection Rate 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. Ashbourn, J.: Biometrics: Advanced Identity Verification: The Complete Guide. Springer, London (2000). ISBN 978-1852332433Google Scholar
  2. Balaban, D.: Transport for London to Discard Mifare Classic. NFC Times. Available at: (2010). Accessed 10 Apr 2011
  3. Bank of America: SiteKey at Bank of America. Bank of America. Available at: (2011). Accessed 10 Apr 2011
  4. BBC: Personal data privacy at risk. BBC News. Available at: cbra (2008). Accessed 10 Apr 2011
  5. Blonder, G.E.: Graphical passwords. U.S. Patent 5559961, Lucent Technologies Inc, Murray Hill, 1995Google Scholar
  6. Brostoff, S., Sasse, M.A.: Are Passfaces more usable than passwords? A field trial investigation. In: Proceedings of Human Computer Interaction, Sunderland, pp. 405–424 (2000)Google Scholar
  7. Chip and PIN: Why did we change. Chip and PIN. Available at: (2006). Accessed 10 Apr 2011
  8. Crown Copyright: Using the Iris recognition immigration system (IRIS). Crown Copyright. Available at: (2010). Accessed 10 Apr 2011
  9. Das, R.: Retina recognition: biometric technology in practice. Keesing Journal of Documents and Identity, issue 22. Available at: (2007). Accessed 10 Apr 2011
  10. Daugman, J.: Biometric personal identification system based on Iris Recognition. US Patent 5,291,560 (1994)Google Scholar
  11. de Winter, B.: New hack trashes London’s Oyster card. Tech World. Available at (2008). Accessed 10 Apr 2011
  12. Dimitriadis, C., Polemi, D.: Biometric authentication. In: Proceedings of the First International Conference on Biometric Authentication (ICBA). Springer LNCS-3072, Berlin/Heidelberg (2004)Google Scholar
  13. FVC2006: Open category: average results over all databases. Biometric System Laboratory. Available at: (2006). Accessed 10 Apr 2011
  14. Gosset, P. (eds.): ASPeCT: Fraud detection concepts: final report. Doc Ref. AC095/VOD/W22/DS/P/18/1 (1998 Jan)Google Scholar
  15. Hurley, D., Nixon, M., Carter, J.: Force field feature extraction for ear biometrics. Comput. Vis. Image Understand. 98, 491–512 (2005)CrossRefGoogle Scholar
  16. IBG.: How is biometrics defined? International Biometrics Group. Available at: (2010a). Accessed 10 Apr 2011
  17. Ingersoll-Rand.: HandKey. IR Security Technologies. Available at: (2011). Accessed 10 Apr 2011
  18. IrsisGuard.: Iridian Announces UAE border control system exceeds one million transactions IrisGuard. Available at: (2004). Accessed 10 Apr 2011
  19. ISO.: ISO/IEC 7813:2006 Information Technology – Identification Cards – Financial Transaction Cards. International Standards Organisation. Available at (2006). Accessed 10 Apr 2011
  20. ISO: ISO JTC 1/SC37 – Biometrics. International Standards Organisation. Available at: (2010). Accessed 10 Apr 2011
  21. Jain, A., Patrick, F., Arun, R.: Handbook of Biometrics. Springer, New York (2008). ISBN 978-0-387-71040-2CrossRefGoogle Scholar
  22. Joyce, R., Gupta, G.: Identity authentication based on keystroke latencies. Commun. ACM 39, 168–176 (1990)CrossRefGoogle Scholar
  23. Kent, J.: Malaysia car thieves steal finger. BBC News. Available at: (2005). Accessed 10 Apr 2011
  24. Maltoni, D., Maio, D., Jain, A., Prabhakar, S.: Handbook of Fingerprint Recognition. Springer, New York (2005). ISBN 978-0387954318Google Scholar
  25. Matsumoto, T., Matsumoto, H., Yamada, K., Hoshino, S.: Impact of artificial ‘gummy’ fingers on fingerprint systems. Proc. SPiE 4677, 275–289 (2002)Google Scholar
  26. Miura, N., Nagasaka, A., Miyatake, T.: Feature extraction of finger-vein patterns based repeated line tracking and its applications to personal identification. Mach. Vis. Appl. 15, 194–203 (2004)CrossRefGoogle Scholar
  27. Moreno, B., Sanchez, A.: On the use of outer ear images for personal identification in security applications. In: Proceedings of IEEE 33rd Annual International Conference on Security Technologies, Madrid, pp. 469–476 (1999)Google Scholar
  28. Nanavati, S., Thieme, M., Nanavati, R.: Biometrics Identity Verification in a Networked World. Wiley, New York (2002). ISBN 0471099457Google Scholar
  29. NSTC: Biometrics glossary. National Science and Technology Council. Available at: (2006). Accessed 10 Apr 2011
  30. Oechslin, P.: Making a faster cryptoanalytic time-memory trade-off. In: Advances in cryptology – CRYPTO 2003, 23 rd Annual International Cryptology Conference, Santa Barbara August 17–21, 2003, Proceedings. Lecture Notes in Computer Science 2729. Springer 2003, Berlin/Heidelberg, ISBN 3-540-40674-3 (2003)Google Scholar
  31. Oxford University Press: How many words are there in the English language. Oxford University Press. Available at (2010). Accessed 10 Apr 2011
  32. Paivio, A., Rogers, T.B., Smythe, P.C.: Why are pictures easier to recall than words? Psychon. Sci. 11, 137–138 (1968)Google Scholar
  33. Passfaces: Passfaces: two factor authentication for the enterprise. Passfaces Corporation. Available at (2011). Accessed 10 Apr 2011
  34. Phillips, J., Scruggs, T., O’Toole, A., Flynn, P., Bowyer, W., Schott, C., Sharpe, M.: FRVT 2006 and ICE 2006 large-scale results. NIST IR 2007. Available at: 2007. Accessed 10 Apr 2011
  35. Przybocki, M., Martin, A., Le, A.: NIST speaker recognition evaluations utilising the mixer corpora – 2004, 2005, 2006. IEEE Trans. Audio Speech Lang. Process 15(7), 1951–1959 (2007)CrossRefGoogle Scholar
  36. RSA: Securing your future with two-factor authentication. EMC Corporation. Available at: (2011). Accessed 10 Apr 2011
  37. Sarkar, S., Phillips, P., Liu,., Robledo-Vega, I., Grother P, Bowyer, K.: The Human ID gait challenge problem: data sets, performance and analysis. IEEE Trans. Pattern. Anal. Mach. Intell. II, 162–177 (2005)Google Scholar
  38. Scout Analytics: Sentry: zero footprint, strong authentication. Scout Analytics. Available at: (2011). Accessed 10 Apr 2011
  39. Shepard, R.N.: Recognition memory for words, sentences, and pictures. J. Verbal Learn Verbal Behav 6, 156–163 (1967)CrossRefGoogle Scholar
  40. Smith, R.: Authentication: From Passwords to Public Keys. Addison and Wesley, Boston (2002). ISBN 0201615991Google Scholar
  41. Socolinsky, D., Selinger, A.: Face detection with visible and thermal infrared imagery. Comput. Vis Image Understand, pp. 72–114, July–August (2003)Google Scholar
  42. Socolinsky, D., Selinger, A.: Thermal face recognition in an operational scenario. In: CVP04, Washington, DC, pp. 1012–1019 (2004)Google Scholar
  43. Spillane, R.: Keyboard apparatus for personal identification. IBM Tech. Disclosure Bull. 17, 3346 (1975)Google Scholar
  44. Stolfo, S.J., Wei F., Wenke L., Prodromidis, A., Chan, P.K.: Cost-based modeling for fraud and intrusion detection: results from the JAM project. In: DARPA Information Survivability Conference and Exposition, 2000. DISCEX ‘00. Proceedings, vol. 2, Hilton Head, pp. 130–144 (2000)Google Scholar
  45. Stormann, C.:. Fraud management tool: evaluation report. Advanced Security for Personal Communications (ASePECT), Deliverable. 13, Doc Ref. AC095/SAG/W22/DS/P/13/2 (1997)Google Scholar
  46. Symantec: SennaSpy generator. Symantec Corporation. Available at (2007). Accessed 10 Apr 2011
  47. Thorpe, J., van Oorschot, P.C.: Human-seeded attacks and exploiting hot-spots in graphical passwords. In: 16th USENIX Security Symposium, Boston, pp. 103–118 (2007)Google Scholar
  48. Vuagnoux, M., Pasini, S.: Compromising electromagnetic emanations of wired and wireless keyboards. In: 18th USENIX Security Symposium, Montreal, pp. 1–16 (2009)Google Scholar
  49. Wikimedia Commons: Welcome to Wikimedia, Wikimedia Commons. Available at: (2011). Accessed 10 Apr 2011
  50. Wireshark: Wireshark. Wireshark Foundation. Available at (2011). Accessed 10 Apr 2011
  51. Woodward, J., Orlans, N., Higgins, P.: Biometrics and Strong Authentication. McGraw-Hill, Berkeley (2003). ISBN 978–0072222272Google Scholar
  52. Yeung, D., Chang, H., Xiong, Y., George, S., Kashi, R., Matsumoto, T., Rigoll, G.: SVC2004: first international signature verification competition. In: Proceedings of ICBA. Springer LNCS-3072, Berlin/Heidelberg, pp. 16–22 (2004)Google Scholar

Copyright information

© Springer-Verlag London Limited 2011

Authors and Affiliations

  1. 1.Centre for Security, Communications & Network Research (CSCAN)Plymouth UniversityPlymouthUK

Personalised recommendations