I was asked to investigate fingerprint technology before it went viral on the iPhone 5S and other mobiles.
The work is based on how to stop people stealing your fingerprints. You only have 10 of them and you can't change them easily like your keys or a password! We need a way to produce a reliable key from your fingerprint that is reproducible but not reversible.
What I did was use something called a Fuzzy Embedder and a method called Quantization Index Modulation proposed by Buhan et al to combine a key with a fingerprint.
It worked but it has problems. Basically, you would have random errors and the key couldn't be reproduced. You could produce small keys but not 128-bits reliably.
The problem is getting good, re-usable data points (minutiae) from fingers. Rotation, position, pressure. They all change the image every time you scan. The minutiae change every time. It's difficult to get accurate readings. At leased, with the cheap setup I had.
I did all this with a shitty old microsoft fingerprint reader a friend gave me, freeware C# fingerprint extraction software and a bunch of code from MATLAB. I'm surprised it worked at all.
The quantiser also has trouble when points fall near its boundaries and incorrectly maps vectors to 'ghost' data points. Eg, One that doesn't exist in the original set. It could be overcome with more reliable data and error correcting codes.
Maybe retinal scan would give better results or a better fingerprint reader and optimised software.
🤷♂️
Supervisor: Nandita Bhattacharjee (Monash University)
Thesis: Fingerprint based Biometric Cryptosystem using the Fuzzy Embedder