Stephen Kent wrote:
At 3:42 PM -0500 11/4/02, Sam Schaen wrote:
Would an acceptable approach be to create a one-way function between the
biometric data and the digest? Similar to the hash algorithm used for
signatures, the objective would be to make it virtually unlikely that two
biometric captures could lead to the same digest but that having the digest, it
would not be feasible to obtain the biometric. Certainly a hash meeting those
characteristics could be included in a certificate without violating privacy
concerns and without making imperonation of the biometric characteristics easier
than they currently are.
-Sam
Sam,
That approach generally does not work, because a verifier needs to "score" the captured biometric data against the template values. It's never an exact match, unlike with passwords.
Steve
The matching methods and sample collections are also vendor specific and proprietary. There's a place holder for processing algorithms and matching methods to be identified by NIST in X9.84, but to date none have been registered. This situation will likely not change for at least the near future.
Phil