...
Vipin: Template is stored for recovery purposes. Is there a situation where the template does not need to be stored at all? (If the hashing algorithm is foolproof- maybe) But recovery may need re-proofing proofing (or re-enrollment)
Email Response from Daniel Bachenheimer:
In some (many) biometric system implementations, images are preserved for a number of reasons including:
- De-duplication: if more than one candidate is returned during a de-duplication (or identification) operation, images are typically used by an adjudicator to reconcile the candidate list. Without biometric images, demographic data would typically be used for reconciliation which is sub-optimal as it opens an otherwise closed fraud vector.
- Feature Extraction Algorithm Updates: if a vendors FE algorithm needs to be updated (or replaced by another vendor), original images are typically needed (required) to regenerate templates. Without the original images re-enrollment will be required.
Follow on question from Vipin Bharathan to Daniel Bachenheimer :
- Preserving biometric images does not come without consequences, obviously the most important of these is the fact that such a trove of very personal information needs to be closely guarded and secured. This exposes the repository and its caretaker to attack as it is valuable data.
- What are the consequences of the leakage of such image data? Can such data be used in spoofing using altered edge devices? If not how? (Can the device itself be authenticated before it can participate to authenticate the user - in preparation for user authorization- are there references on this subject?)