Security Requirements for Store-on-Client and Verify-on-Server Secure Biometric Authentication
H Higo, T Isshiki, M Nara, S Obana, T Okamura… - … for Authorization and …, 2020 - Springer
Abstract The Fast IDentity Online Universal Authentication Framework (FIDO UAF) is an
online two-step authentication framework designed to prevent biometric information
breaches from servers. In FIDO UAF, biometric authentication is firstly executed inside a
user's device, and then online device authentication follows. While there is no chance of
biometric information leakage from the servers, risks remain when users' devices are
compromised. In addition, it may be possible to impersonate the user by skipping the …
online two-step authentication framework designed to prevent biometric information
breaches from servers. In FIDO UAF, biometric authentication is firstly executed inside a
user's device, and then online device authentication follows. While there is no chance of
biometric information leakage from the servers, risks remain when users' devices are
compromised. In addition, it may be possible to impersonate the user by skipping the …
Security Requirements for Store-on-Client and Verify-on-Server Secure Biometric Authentication
N Masahiro, T Okamura, T Isshiki, H Higo, T Hiroto… - (No Title), 2020 - cir.nii.ac.jp
The Fast IDentity Online Universal Authentication Framework (FIDO UAF) is an online two-
step authentication framework designed to prevent biometric information breaches from
servers. In FIDO UAF, biometric authentication is firstly executed inside a user's device, and
then online device authentication follows. While there is no chance of biometric information
leakage from the servers, risks remain when users' devices are compromised. In addition, it
may be possible to impersonate the user by skipping the biometric authentication step.
step authentication framework designed to prevent biometric information breaches from
servers. In FIDO UAF, biometric authentication is firstly executed inside a user's device, and
then online device authentication follows. While there is no chance of biometric information
leakage from the servers, risks remain when users' devices are compromised. In addition, it
may be possible to impersonate the user by skipping the biometric authentication step.
Showing the best results for this search. See all results